Openssl asymmetric encryption without salt (in php)

Question

I need to encrypt a string data with SSH-2 RSA 1024 bit ( with the public key ) then with RMD-160 algorithm. I do it like this:

generate private key:

openssl genrsa -des3 -out privatekey.key 1024

public key:

openssl rsa -in privatekey.key -pubout -out public.pem

encrypt the data:

openssl rsautl -encrypt -inkey public.pem -pubin -in file.txt -out encrypted_data.txt

But , the request is: need to get the same output with the same input! For example if the input string is "some data" and the encrypted string is "a23c40327a6c5a67a5bb332" then i need to get the "a23c40327a6c5a67a5bb332" output every time when the input is "some data"

Can i do it with asymmetric encryption?

I know it can be done with symmetric encryption like DES with the -nosalt option

openssl des3 -nosalt -in file.txt -out file.des3

but is it possible with asymmetric encryption?

Answer 1

Cameron Skinner is right - you should be making use of randomized padding.

That said, if you don't want to, you can use phpseclib, a pure PHP RSA implementation, to do so, as follows:

$ciphertext = base64_decode('...');
$ciphertext = new Math_BigInteger($ciphertext, 256);
echo $rsa->_exponentiate($ciphertext)->toBytes();

It's a hackish solution since phpseclib doesn't natively let you do RSA encryption without randomized padding but it does get the job done.

Answer 2

Probably not.

The man page for openssl shows that the rsautl sub-command accepts pkcs1 1.5 padding, oaep padding, backwards-compatible SSL padding or no padding. All of these (except no padding) generate random data to pad the message, so no two encryptions will generate that same ciphertext (this is a good thing).

If you can manually pad your data to the right length then you might be able to use no padding but be warned that this will significantly weaken your security.