Sample code for 30+ languages & platforms
PureBasic

Duplicate PHP's openssl_encrypt and openssl_random_pseudo_bytes

See more OpenSSL Examples

Demonstrates how to duplicate PHP's openssl_encrypt function. (https://www.php.net/manual/en/function.openssl-encrypt.php)

Chilkat PureBasic Downloads

PureBasic
IncludeFile "CkCrypt2.pb"
IncludeFile "CkBinData.pb"

Procedure ChilkatExample()

    success.i = 0

    ; This example requires the Chilkat API to have been previously unlocked.
    ; See Global Unlock Sample for sample code.

    ; Duplicates thw following PHP script:

    ; $text = "This is a test";
    ; $passphrase = "my password";
    ; $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length("AES-256-CBC"));
    ; $crypted = base64_encode($iv.openssl_encrypt($text, "AES-256-CBC", $passphrase, OPENSSL_RAW_DATA, $iv));
    ; echo $crypted;

    crypt.i = CkCrypt2::ckCreate()
    If crypt.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    text.s = "This is a test"
    passphrase.s = "my password"

    ; AES is a block cipher.  The IV size for any block cipher is the size of the block, which is defined by the encryption algorithm. 
    ; For AES, the block size is always 16 bytes, regardless of key size (i.e. 128-bits, 192-bits, or 256-bits).
    ; Therefore, generate 16 random bytes for the IV.
    CkCrypt2::setCkEncodingMode(crypt, "base64")
    ivBase64.s = CkCrypt2::ckGenRandomBytesENC(crypt,16)

    Debug "Generated IV = " + ivBase64

    ; Because we're doing AES-256-CBC, the key length must be 256-bits (i.e. 32 bytes).
    ; Given that our passphrase is a us-ascii string that can be shorter or longer than 32-bytes, we need to 
    ; somehow transform the passphrase to a 32-byte secret key.  We need to know what openssl_encrypt does.
    ; Here's the answer from the openssl_encrypt documentation:
    ; 
    ; "If the passphrase is shorter than expected, it is silently padded with NUL characters; 
    ; if the passphrase is longer than expected, it is silently truncated."

    ; OK.... so let's pad or shorten to get a 32-byte key.
    bdKey.i = CkBinData::ckCreate()
    If bdKey.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkBinData::ckAppendString(bdKey,passphrase,"utf-8")

    sz.i = CkBinData::ckNumBytes(bdKey)
    If sz > 32
        CkBinData::ckRemoveChunk(bdKey,32,sz - 32)
    Else
        CkBinData::ckClear(bdKey)
        CkBinData::ckAppendPadded(bdKey,passphrase,"utf-8",0,32)
    EndIf

    ; Setup for encryption.
    CkCrypt2::setCkCryptAlgorithm(crypt, "aes")
    CkCrypt2::setCkKeyLength(crypt, 256)
    CkCrypt2::ckSetEncodedIV(crypt,ivBase64,"base64")
    CkCrypt2::ckSetEncodedKey(crypt,CkBinData::ckGetEncoded(bdKey,"base64"),"base64")

    ; Encrypt and base64 encode.
    cipherText64.s = CkCrypt2::ckEncryptStringENC(crypt,text)

    ; The PHP code fragment above returns the base64 encoded bytes of the IV and the encrypted text.
    ; So let's do that..
    bd.i = CkBinData::ckCreate()
    If bd.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkBinData::ckAppendEncoded(bd,ivBase64,"base64")
    CkBinData::ckAppendEncoded(bd,cipherText64,"base64")
    result.s = CkBinData::ckGetEncoded(bd,"base64")

    Debug "result = " + result

    ; Sample output:
    ; dN0vS1O0cWi5BbLAAY+NTf7bs3S27xzPf11RkG47sjs=

    ; Now let's decrypt from the output...

    ; Setup for decryption.
    CkCrypt2::setCkCryptAlgorithm(crypt, "aes")
    CkCrypt2::setCkKeyLength(crypt, 256)
    CkCrypt2::ckSetEncodedKey(crypt,CkBinData::ckGetEncoded(bdKey,"base64"),"base64")

    bdResult.i = CkBinData::ckCreate()
    If bdResult.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkBinData::ckAppendEncoded(bdResult,result,"base64")
    CkCrypt2::ckSetEncodedIV(crypt,CkBinData::ckGetEncodedChunk(bdResult,0,16,"base64"),"base64")

    ; Remove the IV (first 16 bytes) from the result.
    CkBinData::ckRemoveChunk(bdResult,0,16)
    success = CkCrypt2::ckDecryptBd(crypt,bdResult)
    originalText.s = CkBinData::ckGetString(bdResult,"utf-8")

    Debug "original text = " + originalText


    CkCrypt2::ckDispose(crypt)
    CkBinData::ckDispose(bdKey)
    CkBinData::ckDispose(bd)
    CkBinData::ckDispose(bdResult)


    ProcedureReturn
EndProcedure