Java RSA to PHP phpseclib RSA

Question

There is a payment gateway that I'm working on, and they have a Java demo that is working however I want to implement this in php instead.

The payment gateway encrypt the payload by using 3DES with a random generated key. That key was encrypted with RSA by using the payment gateway's PUBLIC key.

The problem is when I use the php script to do RSA encryption on that key, the payment gateway isn't can't extract the key correctly and apparently the RSA encryption on the PHP wasn't working correctly...

Here's the Java version of the RSA encryption:

public static byte[] encrypt(byte[] data, String pubKey64) {

    try {
         byte[] key = Toolkit.base64Decode(pubKey64);
         KeyFactory rsaKeyFac = KeyFactory.getInstance("RSA");
         X509EncodedKeySpec keySpec = new X509EncodedKeySpec(key);
         RSAPublicKey pbk = (RSAPublicKey) rsaKeyFac.generatePublic(keySpec);
         System.out.println("MODE:"+Cipher.ENCRYPT_MODE);
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
        cipher.init(Cipher.ENCRYPT_MODE, pbk);

        byte[] encDate = cipher.doFinal(data);
        return encDate;
    } catch (Exception e) {
        e.printStackTrace();
        return null;
    }
}

And here what's I came out with at the PHP script:

use phpseclib\Crypt\RSA as RSA;




$PUB_KEY = '-----BEGIN PUBLIC KEY-----
    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJ1fKGMV/yOUnY1ysFCk0yPP4bfOolC/nTAyHmoser+1yzeLtyYsfitYonFIsXBKoAYwSAhNE+ZSdXZs4A5zt4EKoU+T3IoByCoKgvpCuOx8rgIAqC3O/95pGb9n6rKHR2sz5EPT0aBUUDAB2FJYjA9Sy+kURxa52EOtRKolSmEwIDAQAB
-----END PUBLIC KEY-----';

$PAYLOAD = 'b78850d2f35108b4bc4e7a41';

function encrypt($key,$payload){
    $rsa = new RSA();
    $rsa->loadKey($key); // public key

    $rsa->setEncryptionMode(2);
    $ciphertext = $rsa->encrypt($payload);

    return base64_encode($ciphertext);
}

The Java version was using PKCSPADDING so I set the mode on phpseclib to 2 which is PKCSPADDING but still it won't work. Am I missing anything? Can anyone please point it out for me?

UPDATE:

Not sure if this is the reason that causing it but I removed the "-----BEGIN PUBLIC KEY-----" and "-----END PUBLIC KEY ----" portion and it worked.

Thanks for everyone's help.

Answer 1

Try doing define('CRYPT_RSA_PKCS15_COMPAT', true); before you start the encryption process.

Quoting phpseclib 2.0's RSA.php:

/**
 * RSAES-PKCS1-V1_5-DECRYPT
 *
 * See {@link http://tools.ietf.org/html/rfc3447#section-7.2.2 RFC3447#section-7.2.2}.
 *
 * For compatibility purposes, this function departs slightly from the description given in RFC3447.
 * The reason being that RFC2313#section-8.1 (PKCS#1 v1.5) states that ciphertext's encrypted by the
 * private key should have the second byte set to either 0 or 1 and that ciphertext's encrypted by the
 * public key should have the second byte set to 2.  In RFC3447 (PKCS#1 v2.1), the second byte is supposed
 * to be 2 regardless of which key is used.  For compatibility purposes, we'll just check to make sure the
 * second byte is 2 or less.  If it is, we'll accept the decrypted string as valid.
 *
 * As a consequence of this, a private key encrypted ciphertext produced with \phpseclib\Crypt\RSA may not decrypt
 * with a strictly PKCS#1 v1.5 compliant RSA implementation.  Public key encrypted ciphertext's should but
 * not private key encrypted ciphertext's.
 *
 * @access private
 * @param string $c
 * @return string
 */