Sample code for 30+ languages & platforms
Swift

Duplicate PHP's openssl_encrypt and openssl_random_pseudo_bytes

See more OpenSSL Examples

Demonstrates how to duplicate PHP's openssl_encrypt function. (https://www.php.net/manual/en/function.openssl-encrypt.php)

Chilkat Swift Downloads

Swift

func chilkatTest() {
    var success: Bool = false

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // Duplicates thw following PHP script:

    // $text = "This is a test";
    // $passphrase = "my password";
    // $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length("AES-256-CBC"));
    // $crypted = base64_encode($iv.openssl_encrypt($text, "AES-256-CBC", $passphrase, OPENSSL_RAW_DATA, $iv));
    // echo $crypted;

    let crypt = CkoCrypt2()!

    var text: String? = "This is a test"
    var passphrase: String? = "my password"

    // AES is a block cipher.  The IV size for any block cipher is the size of the block, which is defined by the encryption algorithm. 
    // For AES, the block size is always 16 bytes, regardless of key size (i.e. 128-bits, 192-bits, or 256-bits).
    // Therefore, generate 16 random bytes for the IV.
    crypt.encodingMode = "base64"
    var ivBase64: String? = crypt.genRandomBytesENC(numBytes: 16)

    print("Generated IV = \(ivBase64!)")

    // Because we're doing AES-256-CBC, the key length must be 256-bits (i.e. 32 bytes).
    // Given that our passphrase is a us-ascii string that can be shorter or longer than 32-bytes, we need to 
    // somehow transform the passphrase to a 32-byte secret key.  We need to know what openssl_encrypt does.
    // Here's the answer from the openssl_encrypt documentation:
    // 
    // "If the passphrase is shorter than expected, it is silently padded with NUL characters; 
    // if the passphrase is longer than expected, it is silently truncated."

    // OK.... so let's pad or shorten to get a 32-byte key.
    let bdKey = CkoBinData()!
    bdKey.appendString(str: passphrase, charset: "utf-8")

    var sz: Int = bdKey.numBytes.intValue
    if sz > 32 {
        bdKey.removeChunk(offset: 32, numBytes: sz - 32)
    }
    else {
        bdKey.clear()
        bdKey.appendPadded(str: passphrase, charset: "utf-8", padWithSpace: false, fieldLen: 32)
    }

    // Setup for encryption.
    crypt.cryptAlgorithm = "aes"
    crypt.keyLength = 256
    crypt.setEncodedIV(ivStr: ivBase64, encoding: "base64")
    crypt.setEncodedKey(keyStr: bdKey.getEncoded(encoding: "base64"), encoding: "base64")

    // Encrypt and base64 encode.
    var cipherText64: String? = crypt.encryptStringENC(str: text)

    // The PHP code fragment above returns the base64 encoded bytes of the IV and the encrypted text.
    // So let's do that..
    let bd = CkoBinData()!
    bd.appendEncoded(encData: ivBase64, encoding: "base64")
    bd.appendEncoded(encData: cipherText64, encoding: "base64")
    var result: String? = bd.getEncoded(encoding: "base64")

    print("result = \(result!)")

    // Sample output:
    // dN0vS1O0cWi5BbLAAY+NTf7bs3S27xzPf11RkG47sjs=

    // Now let's decrypt from the output...

    // Setup for decryption.
    crypt.cryptAlgorithm = "aes"
    crypt.keyLength = 256
    crypt.setEncodedKey(keyStr: bdKey.getEncoded(encoding: "base64"), encoding: "base64")

    let bdResult = CkoBinData()!
    bdResult.appendEncoded(encData: result, encoding: "base64")
    crypt.setEncodedIV(ivStr: bdResult.getEncodedChunk(offset: 0, numBytes: 16, encoding: "base64"), encoding: "base64")

    // Remove the IV (first 16 bytes) from the result.
    bdResult.removeChunk(offset: 0, numBytes: 16)
    success = crypt.decryptBd(bd: bdResult)
    var originalText: String? = bdResult.getString(charset: "utf-8")

    print("original text = \(originalText!)")

}