Solved

PHP  AES Bit     - 256 Bit  Encryption

Posted on 2015-01-08
5
741 Views
Last Modified: 2015-01-13
Hello I am trying to use PHP to encrypt a string using AES 256 but I can not seem to get the correct out put..The information below shows what I am trying to encrypt and the correct output..Any help would be greatly appreciated.


Algorithm Details
 
Name - AES
Bit     - 256 Bit  
Key  - bvXB4fMlk5hjkacfg28GTdr270FGHgdc
IV -  jTfQrHFg4esdrtyRE8gh45rtyFG8tm1e
 
 
use the following simple text for testing:
 
plain text(input):   Hodanglobal
 
Encrypted text (output): 0hVNjVnRrmFS10x647nA/WAkWSuPOpbUgewMIJnBd+I=
0
Comment
Question by:bradley525
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40538526
Please show us the code you are trying to use.  Note that there are differences in the way things are handled by Microsoft .NET code and PHP.
0
 

Author Comment

by:bradley525
ID: 40538644
I am using the following code. And it is rendering the following errors...Thanks!

Before encryption: Hodanglobal
Warning: openssl_encrypt(): IV passed is 32 bytes long which is longer than the 16 expected by selected cipher, truncating in C:\Inetpub\vhosts\hodanfinancial.com\httpdocs\encrypt.php on line 75
Encrypted: 2LeVFWKbJQPUkO0gSHNH6Q==
Warning: openssl_decrypt(): IV passed is 32 bytes long which is longer than the 16 expected by selected cipher, truncating in C:\Inetpub\vhosts\hodanfinancial.com\httpdocs\encrypt.php on line 88
Decrypted: Hodanglobal

// DEFINE our cipher
define('AES_256_CBC', 'aes-256-cbc');

// Generate a 256-bit encryption key
// This should be stored somewhere instead of recreating it each time
//$encryption_key = openssl_random_pseudo_bytes(32);
$encryption_key =  'bvXB4fMlk5hjkacfg28GTdr270FGHgdc';
// Generate an initialization vector
// This *MUST* be available for decryption as well
//$iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length(AES_256_CBC));
$iv = 'jTfQrHFg4esdrtyRE8gh45rtyFG8tm1e';
// Create some data to encrypt
$data = "Hodanglobal";
echo "Before encryption: $data\n";

// Encrypt $data using aes-256-cbc cipher with the given encryption key and 
// our initialization vector. The 0 gives us the default options, but can
// be changed to OPENSSL_RAW_DATA or OPENSSL_ZERO_PADDING
$encrypted = openssl_encrypt($data, AES_256_CBC, $encryption_key, 0, $iv);
echo "Encrypted: $encrypted\n";

// If we lose the $iv variable, we can't decrypt this, so append it to the 
// encrypted data with a separator that we know won't exist in base64-encoded 
// data
$encrypted = $encrypted . ':' . $iv;

// To decrypt, separate the encrypted data from the initialization vector ($iv)
$parts = explode(':', $encrypted);
// $parts[0] = encrypted data
// $parts[1] = initialization vector

$decrypted = openssl_decrypt($parts[0], AES_256_CBC, $encryption_key, 0, $parts[1]);
echo "Decrypted: $decrypted\n";

Open in new window

0
 

Accepted Solution

by:
bradley525 earned 0 total points
ID: 40538674
Got it to work...


ini_set('display_errors', 1);
error_reporting(E_ALL);

// I blantantly stole, tweaked and happily used this code from: 
// Lord of Ports http://www.experts-exchange.com/M_1736399.html

/*
$ky = 'lkirwf897+22#bbtrm8814z5qq=498j5'; // 32 * 8 = 256 bit key
$iv = '741952hheeyy66#cs!9hjv887mxx7@8y'; // 32 * 8 = 256 bit iv
*/
$ky = 'bvXB4fMlk5hjkacfg28GTdr270FGHgdc';
$iv = 'jTfQrHFg4esdrtyRE8gh45rtyFG8tm1e';

$text = "Hodanglobal";

$from_vb = "0hVNjVnRrmFS10x647nA/WAkWSuPOpbUgewMIJnBd+I=";   // enter value from vb.net app here to test

$etext = encryptRJ256($ky, $iv, $text);
$dtext = decryptRJ256($ky, $iv, $etext);
$vtext = decryptRJ256($ky, $iv, $from_vb);

echo "<HR>orignal string: $text";
echo "<HR>encrypted in php: $etext";
echo "<HR>decrypted in php: $dtext";
echo "<HR>encrypted in vb: $from_vb";
echo "<HR>from vb decrypted in php: $vtext"; 



exit;



function decryptRJ256($key,$iv,$string_to_decrypt)
{

    $string_to_decrypt = base64_decode($string_to_decrypt);

    $rtn = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $string_to_decrypt, MCRYPT_MODE_CBC, $iv);

    $rtn = rtrim($rtn, "\0\4");

    return($rtn);

}


function encryptRJ256($key,$iv,$string_to_encrypt)
{

    $rtn = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $string_to_encrypt, MCRYPT_MODE_CBC, $iv);

    $rtn = base64_encode($rtn);

    return($rtn);

}    

Open in new window

0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40538696
The functions are almost undocumented.  http://php.net/manual/en/function.openssl-encrypt.php  I suggest you believe their error messages and use a 16 byte key for $iv.
0
 

Author Closing Comment

by:bradley525
ID: 40546202
Figured it out myself..It seems to have worked!
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.   (CODE) (CODE) Then you just need to pass your date to the function. If i…
The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compli…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question