Chilkat HOME Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi DLL Go Java Node.js Objective-C PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(PHP ActiveX) Duplicate SQL Server ENCRYPTBYPASSPHRASESee more Encryption ExamplesDemonstrates how to duplicate SQL Server's ENCRYPTBYPASSPHRASE.
<?php // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // For SQL Server 2008 - SQL Server 2016 we must use TripleDES with SHA1 // For SQL Server 2017 and later, use AES256 / SHA256. $password = 'tEst1234'; $encryptedHex_v1 = '0x010000001E8E7DCDBD4061B951999E25D18445D2305474D2D71EEE98A241C755246F58AB'; // Here's an encrypted string using AES256/SHA256 $encryptedHex_v2 = '0x02000000FFE880C0354780481E64EF25B6197A02E2A854A4BA9D8D9BDDFDAB27EB56537ABDA0B1D9C4D1050C91B313550DECF429'; // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.StringBuilder') $sbEncHex = new COM("Chilkat.StringBuilder"); $sbEncHex->Append($encryptedHex_v1); // If present, we don't want the leading "0x" if ($sbEncHex->StartsWith('0x',0) == 1) { $sbEncHex->RemoveCharsAt(0,2); } // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Crypt2') $crypt = new COM("Chilkat.Crypt2"); $crypt->EncodingMode = 'hex'; // The encrypted hex string will begin with either 01000000 or 02000000 // version 1 is produced by SQL Server 2008 to SQL Server 2016, and we must use TripleDES with SHA1 // version 2 is for SQL Server 2017 and later, and uses AES256 / SHA256. $v1 = $sbEncHex->StartsWith('01',0); $ivLen = 0; if ($v1 == 1) { $crypt->CryptAlgorithm = '3des'; $crypt->CipherMode = 'cbc'; $crypt->KeyLength = 168; $ivLen = 8; $hashAlg = 'sha1'; } else { $crypt->CryptAlgorithm = 'aes'; $crypt->CipherMode = 'cbc'; $crypt->KeyLength = 256; $ivLen = 16; $hashAlg = 'sha256'; } // Remove the SQL Server version info (i.e. the "01000000") $sbEncHex->RemoveCharsAt(0,8); // Get the IV part of the sbEncHex, and also remove it from the StringBuilder. $ivHex = $sbEncHex->getRange(0,$ivLen * 2,1); print 'IV = ' . $ivHex . "\n"; $crypt->SetEncodedIV($ivHex,'hex'); // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.StringBuilder') $sbPassword = new COM("Chilkat.StringBuilder"); $sbPassword->Append($password); $pwd_hash = $sbPassword->getHash($hashAlg,'hex','utf-16'); // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.StringBuilder') $sbKey = new COM("Chilkat.StringBuilder"); $sbKey->Append($pwd_hash); if ($v1 == 1) { // For v1, we only want the 1st 16 bytes of the 20 byte hash. // (remember, the hex encoding uses 2 chars per byte, so we remove the last 8 chars) $sbKey->Shorten(8); } print 'crypt key: ' . $sbKey->getAsString() . "\n"; $crypt->SetEncodedKey($sbKey->getAsString(),'hex'); // Decrypt // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.BinData') $bd = new COM("Chilkat.BinData"); $bd->AppendEncoded($sbEncHex->getAsString(),'hex'); $crypt->DecryptBd($bd); // The result is composed of a header of 8 bytes which we can discard. // The remainder is the decrypted text. // The header we are discarding is composed of: // Bytes 0-3: Magic number equal to 0DF0ADBA // Bytes 4-5: Number of integrity bytes, which is 0 unless an authenticator is used. We're assuming no authenticator is used. // Bytes 6-7: Number of plain-text bytes. We really don't need this because the CBC padding takes care of it. // Therefore, just return the data after the 1st 8 bytes. // Assuming the encrypted string was utf-8 text... $bd->RemoveChunk(0,8); $plainText = $bd->getString('utf-8'); print 'decrypted plain text: ' . $plainText . "\n"; // The output: // IV = 1E8E7DCDBD4061B9 // crypt key: 710B9C2E61ACCC9570D4112203BD9738 // decrypted plain text: Hello world. // ------------------------------------------------------------------------------------------ // To encrypt, do the reverse... // Let's do v1 with TripleDES with SHA1 // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Crypt2') $encryptor = new COM("Chilkat.Crypt2"); $encryptor->EncodingMode = 'hex'; $encryptor->CryptAlgorithm = '3des'; $encryptor->CipherMode = 'cbc'; $encryptor->KeyLength = 168; // Generate a random 8-byte IV // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Prng') $prng = new COM("Chilkat.Prng"); $ivHex = $prng->genRandom(8,'hex'); $encryptor->SetEncodedIV($ivHex,'hex'); // The binary password is generated the same as above. // We'll use the same password (and same binary password) $encryptor->SetEncodedKey($sbKey->getAsString(),'hex'); $plainTextLen = 8; $plainText = 'ABCD1234'; // Encrypt the header + the plain-text. // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.BinData') $bdData = new COM("Chilkat.BinData"); $bdData->AppendEncoded('0DF0ADBA','hex'); $bdData->AppendEncoded('0000','hex'); $bdData->AppendInt2($plainTextLen,1); print 'header: ' . $bdData->getEncoded('hex') . "\n"; $bdData->AppendString($plainText,'utf-8'); $encryptor->EncryptBd($bdData); // Compose the result.. // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.StringBuilder') $sbEnc = new COM("Chilkat.StringBuilder"); $sbEnc->Append('0x01000000'); $sbEnc->Append($ivHex); $sbEnc->Append($bdData->getEncoded('hex')); print 'result: ' . $sbEnc->getAsString() . "\n"; ?> |
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.