Love Fuel?    Donate

FuelPHP Forums

Ask your question about FuelPHP in the appropriate forum, or help others by answering their questions.
phpseclib - creating RSA encrypted key
  • Hi !
    I got a problem using phpseclib. I would like generate RSA keys and encrypt it with a password. So I do :

    $crypt = new Crypt_RSA();
    $crypt->setPassword('123456789');
    $key = $crypt->createKey();

    But I got an exception during the createKey() :

    Fuel\Core\PhpErrorException [ Notice ]:
    Use of undefined constant CRYPT_DES_MODE_CBC - assumed 'CRYPT_DES_MODE_CBC'

    This is an exception thrown in TripleDES. When I try to encrypt something with TripleDES, I got the same exception.

    Thanks for help me.

  • It is because it is defined in Crypt_DES, but from what I can see that isn't loaded as a dependency.

    You can probably fix it using:

    new Crypt_DES();
    $crypt = new Crypt_RSA();
    $crypt->setPassword('123456789');
    $key = $crypt->createKey();
  • It doesn't works. I read the code of phpseclib original library, and there is a Base.php file which define several var, like 'CRYPT_MODE_DES_CBC'.

    In my code, when I do define('CRYPT_MODE_DES_CBC', 2); 
    and it works.
  • The current PHPSecLib is 0.3.6, while we have implemented 0.2.2, so it's quite possible there are differences. It was never meant to be used by framework users, only internally.

    Can you create an issue for it at https://github.com/fuel/core/issues? It's going to be a bit of work, our version contains custom code to support PBKDF2.
  • Eh... Forget it. See https://github.com/phpseclib/phpseclib/issues/20

    Pushed the fix to 1.8/develop.
  • I created the issue.
    I will re-import phpseclib in my app folder.
  • It works, thanks !
    But it's necessary to run  new Crypt_DES() before.
  • isn't it an option to include this via Composer?
  • The problem is in the modifications we had to make to support PBKDF2, which it doesn't natively.

    If we start using the Composer package (which isn't all that btw, it means for example losing the namespace), we need to rewrite that part, and have it security checked again.

    If you want the latest for your app, you could use composer for that. Since "our" phpseclib is in a namespace, there should not be any class name collisions.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion