Love Fuel?    Donate

FuelPHP Forums

Ask your question about FuelPHP in the appropriate forum, or help others by answering their questions.
phpseclib - creating RSA encrypted key
  • GuiguillermoGuiguillermo
    Hi !
    I got a problem using phpseclib. I would like generate RSA keys and encrypt it with a password. So I do :

    $crypt = new Crypt_RSA();
    $crypt->setPassword('123456789');
    $key = $crypt->createKey();

    But I got an exception during the createKey() :

    Fuel\Core\PhpErrorException [ Notice ]:
    Use of undefined constant CRYPT_DES_MODE_CBC - assumed 'CRYPT_DES_MODE_CBC'

    This is an exception thrown in TripleDES. When I try to encrypt something with TripleDES, I got the same exception.

    Thanks for help me.

  • HarroHarro
    It is because it is defined in Crypt_DES, but from what I can see that isn't loaded as a dependency.

    You can probably fix it using:

    new Crypt_DES();
    $crypt = new Crypt_RSA();
    $crypt->setPassword('123456789');
    $key = $crypt->createKey();
  • GuiguillermoGuiguillermo
    It doesn't works. I read the code of phpseclib original library, and there is a Base.php file which define several var, like 'CRYPT_MODE_DES_CBC'.

    In my code, when I do define('CRYPT_MODE_DES_CBC', 2); 
    and it works.
  • HarroHarro
    The current PHPSecLib is 0.3.6, while we have implemented 0.2.2, so it's quite possible there are differences. It was never meant to be used by framework users, only internally.

    Can you create an issue for it at https://github.com/fuel/core/issues? It's going to be a bit of work, our version contains custom code to support PBKDF2.
  • HarroHarro
    Eh... Forget it. See https://github.com/phpseclib/phpseclib/issues/20

    Pushed the fix to 1.8/develop.
  • GuiguillermoGuiguillermo
    I created the issue.
    I will re-import phpseclib in my app folder.
  • GuiguillermoGuiguillermo
    It works, thanks !
    But it's necessary to run  new Crypt_DES() before.
  • itcanitcan
    isn't it an option to include this via Composer?
  • HarroHarro
    The problem is in the modifications we had to make to support PBKDF2, which it doesn't natively.

    If we start using the Composer package (which isn't all that btw, it means for example losing the namespace), we need to rewrite that part, and have it security checked again.

    If you want the latest for your app, you could use composer for that. Since "our" phpseclib is in a namespace, there should not be any class name collisions.
Add a Comment

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Apply for Membership

Categories

In this Discussion