Sample code for 30+ languages & platforms
Unicode C

Duplicate PHP's openssl_encrypt and openssl_random_pseudo_bytes

See more OpenSSL Examples

Demonstrates how to duplicate PHP's openssl_encrypt function. (https://www.php.net/manual/en/function.openssl-encrypt.php)

Chilkat Unicode C Downloads

Unicode C
#include <C_CkCrypt2W.h>
#include <C_CkBinDataW.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkCrypt2W crypt;
    const wchar_t *text;
    const wchar_t *passphrase;
    const wchar_t *ivBase64;
    HCkBinDataW bdKey;
    int sz;
    const wchar_t *cipherText64;
    HCkBinDataW bd;
    const wchar_t *result;
    HCkBinDataW bdResult;
    const wchar_t *originalText;

    success = FALSE;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // Duplicates thw following PHP script:

    // $text = "This is a test";
    // $passphrase = "my password";
    // $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length("AES-256-CBC"));
    // $crypted = base64_encode($iv.openssl_encrypt($text, "AES-256-CBC", $passphrase, OPENSSL_RAW_DATA, $iv));
    // echo $crypted;

    crypt = CkCrypt2W_Create();

    text = L"This is a test";
    passphrase = L"my password";

    // AES is a block cipher.  The IV size for any block cipher is the size of the block, which is defined by the encryption algorithm. 
    // For AES, the block size is always 16 bytes, regardless of key size (i.e. 128-bits, 192-bits, or 256-bits).
    // Therefore, generate 16 random bytes for the IV.
    CkCrypt2W_putEncodingMode(crypt,L"base64");
    ivBase64 = CkCrypt2W_genRandomBytesENC(crypt,16);

    wprintf(L"Generated IV = %s\n",ivBase64);

    // Because we're doing AES-256-CBC, the key length must be 256-bits (i.e. 32 bytes).
    // Given that our passphrase is a us-ascii string that can be shorter or longer than 32-bytes, we need to 
    // somehow transform the passphrase to a 32-byte secret key.  We need to know what openssl_encrypt does.
    // Here's the answer from the openssl_encrypt documentation:
    // 
    // "If the passphrase is shorter than expected, it is silently padded with NUL characters; 
    // if the passphrase is longer than expected, it is silently truncated."

    // OK.... so let's pad or shorten to get a 32-byte key.
    bdKey = CkBinDataW_Create();
    CkBinDataW_AppendString(bdKey,passphrase,L"utf-8");

    sz = CkBinDataW_getNumBytes(bdKey);
    if (sz > 32) {
        CkBinDataW_RemoveChunk(bdKey,32,sz - 32);
    }
    else {
        CkBinDataW_Clear(bdKey);
        CkBinDataW_AppendPadded(bdKey,passphrase,L"utf-8",FALSE,32);
    }

    // Setup for encryption.
    CkCrypt2W_putCryptAlgorithm(crypt,L"aes");
    CkCrypt2W_putKeyLength(crypt,256);
    CkCrypt2W_SetEncodedIV(crypt,ivBase64,L"base64");
    CkCrypt2W_SetEncodedKey(crypt,CkBinDataW_getEncoded(bdKey,L"base64"),L"base64");

    // Encrypt and base64 encode.
    cipherText64 = CkCrypt2W_encryptStringENC(crypt,text);

    // The PHP code fragment above returns the base64 encoded bytes of the IV and the encrypted text.
    // So let's do that..
    bd = CkBinDataW_Create();
    CkBinDataW_AppendEncoded(bd,ivBase64,L"base64");
    CkBinDataW_AppendEncoded(bd,cipherText64,L"base64");
    result = CkBinDataW_getEncoded(bd,L"base64");

    wprintf(L"result = %s\n",result);

    // Sample output:
    // dN0vS1O0cWi5BbLAAY+NTf7bs3S27xzPf11RkG47sjs=

    // Now let's decrypt from the output...

    // Setup for decryption.
    CkCrypt2W_putCryptAlgorithm(crypt,L"aes");
    CkCrypt2W_putKeyLength(crypt,256);
    CkCrypt2W_SetEncodedKey(crypt,CkBinDataW_getEncoded(bdKey,L"base64"),L"base64");

    bdResult = CkBinDataW_Create();
    CkBinDataW_AppendEncoded(bdResult,result,L"base64");
    CkCrypt2W_SetEncodedIV(crypt,CkBinDataW_getEncodedChunk(bdResult,0,16,L"base64"),L"base64");

    // Remove the IV (first 16 bytes) from the result.
    CkBinDataW_RemoveChunk(bdResult,0,16);
    success = CkCrypt2W_DecryptBd(crypt,bdResult);
    originalText = CkBinDataW_getString(bdResult,L"utf-8");

    wprintf(L"original text = %s\n",originalText);


    CkCrypt2W_Dispose(crypt);
    CkBinDataW_Dispose(bdKey);
    CkBinDataW_Dispose(bd);
    CkBinDataW_Dispose(bdResult);

    }