I have a web application that uses private and public keys to encrypte my fillable form.
I'm using OPENSSL and PHP. My question is that how can i store private keys for each user in database or server? I dont know which one is more safely. Additionaly, my encyrption code ;
//create new private and public key
$new_key_pair = openssl_pkey_new(array(
"private_key_bits" => 2048,
"private_key_type" => OPENSSL_KEYTYPE_RSA,
));
openssl_pkey_export($new_key_pair, $private_key_pem);
$details = openssl_pkey_get_details($new_key_pair);
$public_key_pem = $details['key'];
//create signature
//openssl_sign($data, $signature, $private_key_pem, OPENSSL_ALGO_SHA256);
//save for later
file_put_contents('private_key.pem', $private_key_pem);
file_put_contents('public_key.pem', $public_key_pem);
//file_put_contents('signature.dat', $signature);
//verify signature
//$r = openssl_verify($data, $signature, $public_key_pem, "sha256WithRSAEncryption");
//var_dump($r);
echo $private_key_pem;
echo "
";
echo $public_key_pem;
echo "
";
echo $data;
echo "
";
How can i prevent my private and public keys ? It shows on the screen