Lianja
Lianja
Duplicate PHP's openssl_encrypt and openssl_random_pseudo_bytes
See more OpenSSL Examples
Demonstrates how to duplicate PHP's openssl_encrypt function. (https://www.php.net/manual/en/function.openssl-encrypt.php)Chilkat Lianja Downloads
llSuccess = .F.
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// Duplicates thw following PHP script:
// $text = "This is a test";
// $passphrase = "my password";
// $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length("AES-256-CBC"));
// $crypted = base64_encode($iv.openssl_encrypt($text, "AES-256-CBC", $passphrase, OPENSSL_RAW_DATA, $iv));
// echo $crypted;
loCrypt = createobject("CkCrypt2")
lcText = "This is a test"
lcPassphrase = "my password"
// AES is a block cipher. The IV size for any block cipher is the size of the block, which is defined by the encryption algorithm.
// For AES, the block size is always 16 bytes, regardless of key size (i.e. 128-bits, 192-bits, or 256-bits).
// Therefore, generate 16 random bytes for the IV.
loCrypt.EncodingMode = "base64"
lcIvBase64 = loCrypt.GenRandomBytesENC(16)
? "Generated IV = " + lcIvBase64
// Because we're doing AES-256-CBC, the key length must be 256-bits (i.e. 32 bytes).
// Given that our passphrase is a us-ascii string that can be shorter or longer than 32-bytes, we need to
// somehow transform the passphrase to a 32-byte secret key. We need to know what openssl_encrypt does.
// Here's the answer from the openssl_encrypt documentation:
//
// "If the passphrase is shorter than expected, it is silently padded with NUL characters;
// if the passphrase is longer than expected, it is silently truncated."
// OK.... so let's pad or shorten to get a 32-byte key.
loBdKey = createobject("CkBinData")
loBdKey.AppendString(lcPassphrase,"utf-8")
lnSz = loBdKey.NumBytes
if (lnSz > 32) then
loBdKey.RemoveChunk(32,lnSz - 32)
else
loBdKey.Clear()
loBdKey.AppendPadded(lcPassphrase,"utf-8",.F.,32)
endif
// Setup for encryption.
loCrypt.CryptAlgorithm = "aes"
loCrypt.KeyLength = 256
loCrypt.SetEncodedIV(lcIvBase64,"base64")
loCrypt.SetEncodedKey(loBdKey.GetEncoded("base64"),"base64")
// Encrypt and base64 encode.
lcCipherText64 = loCrypt.EncryptStringENC(lcText)
// The PHP code fragment above returns the base64 encoded bytes of the IV and the encrypted text.
// So let's do that..
loBd = createobject("CkBinData")
loBd.AppendEncoded(lcIvBase64,"base64")
loBd.AppendEncoded(lcCipherText64,"base64")
lcResult = loBd.GetEncoded("base64")
? "result = " + lcResult
// Sample output:
// dN0vS1O0cWi5BbLAAY+NTf7bs3S27xzPf11RkG47sjs=
// Now let's decrypt from the output...
// Setup for decryption.
loCrypt.CryptAlgorithm = "aes"
loCrypt.KeyLength = 256
loCrypt.SetEncodedKey(loBdKey.GetEncoded("base64"),"base64")
loBdResult = createobject("CkBinData")
loBdResult.AppendEncoded(lcResult,"base64")
loCrypt.SetEncodedIV(loBdResult.GetEncodedChunk(0,16,"base64"),"base64")
// Remove the IV (first 16 bytes) from the result.
loBdResult.RemoveChunk(0,16)
llSuccess = loCrypt.DecryptBd(loBdResult)
lcOriginalText = loBdResult.GetString("utf-8")
? "original text = " + lcOriginalText
release loCrypt
release loBdKey
release loBd
release loBdResult