How can I decrypt data created by npm-rsa in PHP?

Question

I am encrypting data in the browser with JS, and then attempting to decrypt it on the backend with PHP.

In JS, I am using npm-rsa which was built using browserify. In PHP, I am using phpseclib

My JS:

key = new rsa({
            environment: 'browser',
            encryptionScheme: 'pkcs1_oaep',
            signingScheme: 'pkcs1-sha256',
            b: 2048
        });

cleartext = 'this is a test';
console.log(key.encrypt(cleartext, 'base64'));
console.log(this.key.exportKey('pkcs8-private-pem'));

I then take my public key and cyphertext to PHP:

$rsa = new RSA();
$rsa->load($privkey, 'pkcs8');
$cleartext = $rsa->decrypt(base64_decode($cyphertext));

When I run this, $cleartext is null. Using Xdebug, I can see that $rsa->load($pubkey, 'pkcs8'); does appear to be populating the modulus, exponents, primes, coefficients, etc fields of $rsa.

I have even tried $rsa->setHash('sha256'); before calling decrypt(), but it's my understanding that the hash method is only used for encryption and not even used in decryption.

Also, I understand that this is not secure because i'm sharing the private key. I'm just trying to verify compatibility between the two libraries.

I have tested that i can encrypt and decrypt with both libraries independently, but taking a key from the JS lib to the PHP lib I can't get to work.

EDIT: Exported private key:

-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDX7/224Phogd/B
4DGOf81GeNAkE0bAWieN9Tmq6S1Xe0iMY56J9hJ86HveCcJcJCMNAJtGVPjOObNf
HZ58CUrqyMoj6VJ8wXGVPZuwkvBQrVFg4k/h+8+b3p5Z0cb8J9m8WWpnL/hifoyt
9O7aEiSnkvHBWBgEK6qxEYVLJKUPI94HlZe4B+ScCaflUMw1/uMfp1pVGxVUAfER
f8URfCjCUY8cL+yFNQ5/CVNMQ8CTlb6HItpfS/QVBqTUD3wNf97oFZDPzbFfFCD7
M50NbCal6CfRTaMBPoWrhsUGVab/Nj81qcY7dpoYEFyLLnJ80jHR6+o1fKDSinuQ
KIYkQ9PxAgMBAAECggEBANKs7tgx/anYrDo3RaJFxjzvOgM4W1rnmpfBnRXGkdo8
CbgOqWrojXkYSWGEHABRsXDKGrQvyt9JJFu0Rh+14UXXyH/o7/WPtgVpKjDH63aK
4k6n/k/4ocDtHYl8RatWJfTBODKcdrWByjceNLrF4MUtdHiyPhwzjkFbWrTJd9Cf
3wEh0aD83JT/wg1VkRYEOdJTPeq2kCpgoukBFXYAnGj9DYL2+Kityhnx/GB0RG/8
GGpMyG8R72P6zYkXr0YfLhGLlW7+XbLT+WiPThjT9+e00uPAKMj7d0qaerKR6Asf
NGSAg83eWG9ZKT1GXtn8mOP6p+15DcVLBbFXvPAA/cECgYEA7IYRWGNhEJ9l+XJH
DYQVndS9KN8+zMx5OM/wy47v9FiiwGdAnwwHFAX3GyZe6eJ2sAX73tPm56QadRPK
HGZFNnYx3BBdcl7WKT13DrmgpsH9CO6ish+2TwHfYDqOKs5EvT3yHJIG4T/Z50JM
bUKSdrndV6LtOT2gplLxjUwastUCgYEA6bf23y5p8t9Unn55bIYKdFWj/5kLJdI1
d/MBP3eZ405veVzZqvhs04JscElx1M0U1mTx7g96IWnBTuqsgkU9TLlXg8N5nLM0
AWVlFlu657NwJaAc9zfmaamI4UKwNHCXDoxx+u2zJuzNOJwttPV3d7NTBWZOh+P+
DEgAzNYOEq0CgYEA42Oo/U7dnHuCMCTbhnT7yzchfE/UMlRKHoJbP3f13PXx0gPy
LnYDwA5UGLf0++oKrQOzt/AEx6IPBYu2/UKdO9S57pWVIUVno1JCSdfQSUGqoJG7
vH+cZ6ynMf5Ze3G+yCjrwOfq0VbviNNGYqxj3tylnYE3i5ZiAkUvkOYfrNkCgYBa
rZBvyN88Zt+62pEbxOm7dxq46VUE6IjsL/EVAb9IDL99U8Pz7Iy0h06xRh2PFb52
7BVdas3UtuZUSwKBTIHbCbHlomrFnFWaEQ/mW9KpYNorDvMOC7cu2aMM2sXooqJI
976lP6IZgRiiVR36rp4aaA3W83mWiaOgejMtRgORxQKBgQDTMG0Wl3FbPZ57uqmi
rE2Gwr1TiZ7LcYSEt4Z7KQV/u0Q7b9hyNXctaK2DzcEz+wA1eiAzioC9ZULOVVvW
xZzVvj2D741A6EXMITa3E/Wv1XkbotNg8RXG8lvNY/IJ+35TZGBNzJ4gD+n0lOCK
IrdIMYPrt9dcGIqqRE4wwaeLmA==
-----END PRIVATE KEY-----

cyphertext:

mbPLBF3YNmyb5AD1vk6D8K0C9AiRU3C2a2aCKXpzDXb1uUCy7KYUFB3bOoU4ZhU7RXcWr9VHZq3APxtdyqKyEqr48NqVEPeBuYsDjcgDfPBFdPXf36f1FveeCJ7cFtHIvGy9/2EHIyNyXKy/6VaoakGRwBB3V14shXdqCDIW2FfEdUcfka5X8sAroq9pKrTGbN21hwtbiAjP2MmTHDYWu1zhDmrKxdcBbP6wdBgnZodCwGhBw11uXoEAnL1/yYFFqGZeKAhzxfjdPY2irvAuQOPN3U7UDBF0zhyMNF07JbCccCsNIguX4esferShw8w1mVzAxgwHzbjDpudko1/VSg==

I saved these into two files, privatekey.pem and cypher.text. Then I base64 decoded the cyphertext:

cat cypher.text | base64 --decode > -in cypher.bin

And use openssl to decrypt this:

openssl rsautl -decrypt -inkey privatekey.pem -in cypher.bin -oaep

This gives me the cleartext! So it appears that phpseclib has an issue in decoding.

Answer 1

It turns out that the hash has to be set in the decryption method with BOTH:

$rsa->setMGFHash('sha1');
$rsa->setHash('sha1');

Although i had tried it with setHash(), it was not enough without also setMGFHash()