PHP AES encrypt decrypt

Question

I found an example for en decoding strings in PHP  At first it looks very good but it wont work  -   Does anyone know what the problem is    Pass    Passwort    Clear    Klartext     crypted   fnEncrypt  Clear   Pass   echo  Encrypted     crypted   lt  br gt      newClear   fnDecrypt  crypted   Pass   echo  Decrypted     newClear   lt  br gt     function fnEncrypt  sValue   sSecretKey        return trim base64 encode mcrypt encrypt MCRYPT RIJNDAEL 256   sSecretKey   sDecrypted  MCRYPT MODE ECB  mcrypt create iv mcrypt get iv size MCRYPT RIJNDAEL 256  MCRYPT MODE ECB   MCRYPT RAND         function fnDecrypt  sValue   sSecretKey        return trim mcrypt decrypt MCRYPT RIJNDAEL 256   sSecretKey  base64 decode  sEncrypted   MCRYPT MODE ECB  mcrypt create iv mcrypt get iv size MCRYPT RIJNDAEL 256  MCRYPT MODE ECB   MCRYPT RAND         The result is   Encrypted  boKRNTYYNp7AiOvY1CidqsAn9wX4ufz D9XrpjAOPk8   Decrypted                  y   F                    2   B

User · Answer

Here s an improved version based on code written by blade  add comments overwrite arguments before throwing to avoid leaking secrets with the exception check return values from openssl and hmac functions  The code  class Crypto                  Encrypt data using OpenSSL  AES-256-CBC          param string  plaindata Data to be encrypted         param string  cryptokey key for encryption  with 256 bit of entropy          param string  hashkey key for hashing  with 256 bit of entropy          return string IV Hash Encrypted as raw binary string  The first 16            bytes is IV  next 32 bytes is HMAC-SHA256 and the rest is             plaindata as encrypted          throws Exception on internal error               Based on code from  https   stackoverflow com a 46872528             public static function encrypt  plaindata   cryptokey   hashkey                 method    quot AES-256-CBC quot            key   hash  sha256    cryptokey  true            iv   openssl random pseudo bytes 16             cipherdata   openssl encrypt  plaindata   method   key  OPENSSL RAW DATA   iv            if   cipherdata     false                         cryptokey    quot   REMOVED   quot                hashkey    quot   REMOVED   quot               throw new  Exception  quot Internal error  openssl encrypt   failed  quot  openssl error string                         hash   hash hmac  sha256    cipherdata  iv   hashkey  true            if   hash     false                         cryptokey    quot   REMOVED   quot                hashkey    quot   REMOVED   quot               throw new  Exception  quot Internal error  hash hmac   failed quot                       return  iv  hash  cipherdata                       Decrypt data using OpenSSL  AES-256-CBC          param string  encrypteddata IV Hash Encrypted as raw binary string            where the first 16 bytes is IV  next 32 bytes is HMAC-SHA256 and            the rest is encrypted payload          param string  cryptokey key for decryption  with 256 bit of entropy          param string  hashkey key for hashing  with 256 bit of entropy          return string Decrypted data         throws Exception on internal error               Based on code from  https   stackoverflow com a 46872528             public static function decrypt  encrypteddata   cryptokey   hashkey                 method    quot AES-256-CBC quot            key   hash  sha256    cryptokey  true            iv   substr  encrypteddata  0  16            hash   substr  encrypteddata  16  32            cipherdata   substr  encrypteddata  48            if   hash equals hash hmac  sha256    cipherdata  iv   hashkey  true    hash                          cryptokey    quot   REMOVED   quot                hashkey    quot   REMOVED   quot               throw new  Exception  quot Internal error  Hash verification failed quot                        plaindata   openssl decrypt  cipherdata   method   key  OPENSSL RAW DATA   iv            if   plaindata     false                         cryptokey    quot   REMOVED   quot                hashkey    quot   REMOVED   quot               throw new  Exception  quot Internal error  openssl decrypt   failed  quot  openssl error string                        return  plaindata           If you truly cannot have proper encryption and hash keys but have to use an user entered password as the only secret  you can do something like this          param string  password user entered password as the only source of      entropy to generate encryption key and hash key      return array  encryption key   hash key  - note that PBKDF2 algorithm      has been configured to take around 1-2 seconds per conversion      from password to keys on a normal CPU to prevent brute force attacks      public static function generate encryptionkey hashkey from password  password         hash   hash pbkdf2  quot sha512 quot    quot  password quot    quot salt password quot   1500000       return str split  hash  64

User · Answer

Please use an existing secure PHP encryption library  It s generally a bad idea to write your own cryptography unless you have experience breaking other peoples  cryptography implementations   None of the examples here authenticate the ciphertext  which leaves them vulnerable to bit-rewriting attacks   If you can install PECL extensions  libsodium is even better   lt  php    PECL libsodium 0 2 1 and newer         Encrypt a message         param string  message - message to encrypt     param string  key - encryption key     return string     function safeEncrypt  message   key         nonce    Sodium randombytes buf           Sodium CRYPTO SECRETBOX NONCEBYTES             return base64 encode           nonce           Sodium crypto secretbox               message               nonce               key                            Decrypt a message         param string  encrypted - message encrypted with safeEncrypt       param string  key - encryption key     return string     function safeDecrypt  encrypted   key            decoded   base64 decode  encrypted        nonce   mb substr  decoded  0   Sodium CRYPTO SECRETBOX NONCEBYTES   8bit         ciphertext   mb substr  decoded   Sodium CRYPTO SECRETBOX NONCEBYTES  null   8bit         return  Sodium crypto secretbox open           ciphertext           nonce           key                Then to test it out    lt  php    This refers to the previous code block  require  safeCrypto php        Do this once then store it somehow   key    Sodium randombytes buf  Sodium CRYPTO SECRETBOX KEYBYTES    message    We are all living in a yellow submarine     ciphertext   safeEncrypt  message   key    plaintext   safeDecrypt  ciphertext   key    var dump  ciphertext   var dump  plaintext     This can be used in any situation where you are passing data to the client  e g  encrypted cookies for sessions without server-side storage  encrypted URL parameters  etc   with a reasonably high degree of certainty that the end user cannot decipher or reliably tamper with it   Since libsodium is cross-platform  this also makes it easier to communicate with PHP from  e g  Java applets or native mobile apps     Note  If you specifically need to add encrypted cookies powered by libsodium to your app  my employer Paragon Initiative Enterprises is developing a library called Halite that does all of this for you

User · Answer

This is a working solution of AES encryption - implemented using openssl  It uses the Cipher Block Chaining Mode  CBC-Mode   Thus  alongside  data and  key  you can specify iv and block size    lt  php       class AESEncryption                protected  key              protected  data              protected  method              protected  iv                                  Available OPENSSL RAW DATA   OPENSSL ZERO PADDING                                var type  options                             protected  options   0                                                   param type  data                 param type  key                 param type  iv                 param type  blockSize                 param type  mode                             public function   construct  data   null   key   null   iv   null   blockSize   null   mode    CBC                      this- gt setData  data                    this- gt setKey  key                    this- gt setInitializationVector  iv                    this- gt setMethod  blockSize   mode                                                                  param type  data                             public function setData  data                     this- gt data    data                                                                 param type  key                             public function setKey  key                     this- gt key    key                                                CBC 128 192 256                CBC-HMAC-SHA1 128 256               CBC-HMAC-SHA256 128 256               CFB 128 192 256               CFB1 128 192 256               CFB8 128 192 256               CTR 128 192 256               ECB 128 192 256               OFB 128 192 256               XTS 128 256                 param type  blockSize                 param type  mode                             public function setMethod  blockSize   mode    CBC                     if  blockSize  192  amp  amp  in array     array  CBC-HMAC-SHA1   CBC-HMAC-SHA256   XTS                           this- gt method null                      throw new Exception  Invalid block size and mode combination                                        this- gt method    AES-     blockSize    -     mode                                                                 param type  data                             public function setInitializationVector  iv                     this- gt iv    iv                                                                 return boolean                             public function validateParams                     if   this- gt data    null  amp  amp                           this- gt method    null                         return true                    else                       return FALSE                                                 it must be the same when you encrypt and decrypt             protected function getIV                      return  this- gt iv                                                  return type                 throws Exception                             public function encrypt                     if   this- gt validateParams                           return trim openssl encrypt  this- gt data   this- gt method   this- gt key   this- gt options  this- gt getIV                        else                       throw new Exception  Invalid params                                                                                      return type                 throws Exception                             public function decrypt                     if   this- gt validateParams                          ret openssl decrypt  this- gt data   this- gt method   this- gt key   this- gt options  this- gt getIV                         return   trim  ret                      else                       throw new Exception  Invalid params                                                  Sample usage    lt  php          data   json encode   first name   gt  Dunsin   last name   gt  Olubobokun   country   gt  Nigeria              inputKey    W92ZB837943A711B98D35E799DFE3Z18            iv    tuqZQhKP48e8Piuc            blockSize   256           aes   new AESEncryption  data   inputKey   iv   blockSize            enc    aes- gt encrypt             aes- gt setData  enc            dec  aes- gt decrypt            echo  After encryption     enc   lt br  gt            echo  After decryption     dec   lt br  gt

User · Answer

sDecrypted and  sEncrypted  were undefined in your code   See a solution that works  but is not secure       STOP      This example is insecure  Do not use it       Pass    Passwort    Clear    Klartext             crypted   fnEncrypt  Clear   Pass   echo  Encrypred     crypted   lt  br gt      newClear   fnDecrypt  crypted   Pass   echo  Decrypred     newClear   lt  br gt             function fnEncrypt  sValue   sSecretKey        return rtrim          base64 encode              mcrypt encrypt                  MCRYPT RIJNDAEL 256                   sSecretKey   sValue                   MCRYPT MODE ECB                   mcrypt create iv                      mcrypt get iv size                          MCRYPT RIJNDAEL 256                           MCRYPT MODE ECB                                             MCRYPT RAND                                     0                function fnDecrypt  sValue   sSecretKey        return rtrim          mcrypt decrypt              MCRYPT RIJNDAEL 256                sSecretKey               base64 decode  sValue                MCRYPT MODE ECB              mcrypt create iv                  mcrypt get iv size                      MCRYPT RIJNDAEL 256                      MCRYPT MODE ECB                                     MCRYPT RAND                            0             But there are other problems in this code which make it insecure  in particular the use of ECB  which is not an encryption mode  only a building block on top of which encryption modes can be defined   See Fab Sa s answer for a quick fix of the worst problems and Scott s answer for how to do this right

User · Answer

If you are using MCRYPT RIJNDAEL 128  try rtrim  output    0 3    If the length of the string is less than 16  the decrypt function will return a string with length of 16 characters  adding 03 at the end   You can easily check this  e g  by trying    string    TheString    decrypted string   decrypt function  stirng   key    echo bin2hex  decrypted string      bin2hex  TheString

User · Answer

These are compact methods to encrypt   decrypt strings with PHP using AES256 CBC  function encryptString  plaintext   password   encoding   null         iv   openssl random pseudo bytes 16        ciphertext   openssl encrypt  plaintext   quot AES-256-CBC quot   hash  sha256    password  true   OPENSSL RAW DATA   iv        hmac   hash hmac  sha256    ciphertext  iv  hash  sha256    password  true   true       return  encoding     quot hex quot    bin2hex  iv  hmac  ciphertext      encoding     quot base64 quot    base64 encode  iv  hmac  ciphertext     iv  hmac  ciphertext      function decryptString  ciphertext   password   encoding   null         ciphertext    encoding     quot hex quot    hex2bin  ciphertext      encoding     quot base64 quot    base64 decode  ciphertext     ciphertext       if   hash equals hash hmac  sha256   substr  ciphertext  48  substr  ciphertext  0  16   hash  sha256    password  true   true   substr  ciphertext  16  32    return null      return openssl decrypt substr  ciphertext  48    quot AES-256-CBC quot   hash  sha256    password  true   OPENSSL RAW DATA  substr  ciphertext  0  16       Usage   enc   encryptString  quot mysecretText quot    quot myPassword quot     dec   decryptString  enc   quot myPassword quot

User · Answer

If you don t want to use a heavy dependency for something solvable in 15 lines of code  use the built in OpenSSL functions  Most PHP installations come with OpenSSL  which provides fast  compatible and secure AES encryption in PHP  Well  it s secure as long as you re following the best practices   The following code    uses AES256 in CBC mode is compatible with other AES implementations  but not mcrypt  since mcrypt uses PKCS 5 instead of PKCS 7  generates a key from the provided password using SHA256 generates a hmac hash of the encrypted data for integrity check generates a random IV for each message prepends the IV  16 bytes  and the hash  32 bytes  to the ciphertext should be pretty secure   IV is a public information and needs to be random for each message  The hash ensures that the data hasn t been tampered with   function encrypt  plaintext   password         method    AES-256-CBC        key   hash  sha256    password  true        iv   openssl random pseudo bytes 16         ciphertext   openssl encrypt  plaintext   method   key  OPENSSL RAW DATA   iv        hash   hash hmac  sha256    ciphertext    iv   key  true        return  iv    hash    ciphertext     function decrypt  ivHashCiphertext   password         method    AES-256-CBC        iv   substr  ivHashCiphertext  0  16        hash   substr  ivHashCiphertext  16  32        ciphertext   substr  ivHashCiphertext  48        key   hash  sha256    password  true        if   hash equals hash hmac  sha256    ciphertext    iv   key  true    hash   return null       return openssl decrypt  ciphertext   method   key  OPENSSL RAW DATA   iv       Usage    encrypted   encrypt  Plaintext string     password       this yields a binary string  echo decrypt  encrypted   password       decrypt  encrypted   wrong password       null     edit  Updated to use hash equals and added IV to the hash

User · Answer

For information MCRYPT MODE ECB doesn t use the IV  initialization vector   ECB mode divide your message into blocks and each block is encrypted separately  I really don t recommended it   CBC mode use the IV to make each message unique  CBC is recommended and should be used instead of ECB   Example     lt  php  password    myPassword      messageClear    Secret message       32 byte binary blob  aes256Key   hash  SHA256    password  true       for good entropy  for MCRYPT RAND  srand  double  microtime     1000000      generate random iv  iv   mcrypt create iv mcrypt get iv size MCRYPT RIJNDAEL 256  MCRYPT MODE CBC   MCRYPT RAND      crypted   fnEncrypt  messageClear   aes256Key     newClear   fnDecrypt  crypted   aes256Key    echo  IV          lt code gt    iv   lt  code gt  lt br  gt     Encrypred   lt code gt    crypted   lt  code gt  lt br  gt     Decrypred   lt code gt    newClear   lt  code gt  lt br  gt     function fnEncrypt  sValue   sSecretKey        global  iv      return rtrim base64 encode mcrypt encrypt MCRYPT RIJNDAEL 256   sSecretKey   sValue  MCRYPT MODE CBC   iv      0 3       function fnDecrypt  sValue   sSecretKey        global  iv      return rtrim mcrypt decrypt MCRYPT RIJNDAEL 256   sSecretKey  base64 decode  sValue   MCRYPT MODE CBC   iv     0 3        You have to stock the IV to decode each message  IV are not secret   Each message is unique because each message has an unique IV    More informations about mode of operation  wikipedia

User · Answer

If you are using PHP    7 2 consider using inbuilt sodium core extension for encrption    Find more information here - http   php net manual en intro sodium php

User · Answer

Few important things to note with AES encryption     Never use plain text as encryption key  Always hash the plain text key and then use for encryption   Always use Random IV  initialization vector  for encryption and decryption  True randomization is important   As mentioned above  don t use ecb  mode  use CBC instead

[php] PHP AES encrypt / decrypt

Examples related to php

Examples related to encryption

Examples related to cryptography

Examples related to aes

Examples related to encryption-symmetric