I have problem with mine AES encryption class. Here it is:
<?php
require_once 'SecretData.php';
class AESEncryption
{
private static $AES_METHOD = 'aes-256-cbc';
public static function encrypt($data, $key = null)
{
if($key == null)
{
$secretData = new SecretData();
$key = $secretData->universalAESKey;
}
$ivSize = openssl_cipher_iv_length(self::$AES_METHOD);
$iv = openssl_random_pseudo_bytes($ivSize);
$encryptedData = openssl_encrypt($data, self::$AES_METHOD, $key, OPENSSL_RAW_DATA, $iv);
return base64_encode($iv . $encryptedData);
}
public static function decrypt($data, $key = null)
{
$data = base64_decode($data);
if($key == null)
{
$secretData = new SecretData();
$key = $secretData->universalAESKey;
}
$ivSize = openssl_cipher_iv_length(self::$AES_METHOD);
$iv = mb_substr($data, 0, $ivSize, '8bit');
$decryptedData = mb_substr($data, $ivSize, null, '8bit');
return openssl_decrypt($decryptedData, self::$AES_METHOD, $key, OPENSSL_RAW_DATA, $iv);
}
}
Something in my login class was wrong, and I caught that this function is cause of errors. I made following debug file:
<?php require_once '/var/www/backend/security/HashingAlgorithms.php'; require_once '/var/www/backend/security/AESEncryption.php'; $data = 'alpha'; $enc = AESEncryption::encrypt($data); $dec = AESEncryption::decrypt($enc); echo 'Input: ' . $data . ' <> Encrypted: ' . $enc . ' <> Decrypted: ' . $dec; var_dump($dec);
This is an output:
Input: alpha <> Encrypted: 7hB1hNiSYvU+Hy4xgvHb2sf/cVa2NPkx4+3kX+qdvUM= <> Decrypted: bool(false)
When I looked at the code, everthing looks fine:
- I get key from SecretData function (secret key is 100% correct),
- Get IV length and generate it,
- OpenSSL encrypts data and I use base64 to store IV and encrypted value.
Same I did with decrypt function:
- Decode from base64,
- Get IV length and divide base64 decoded data to IV itself and encrypted data
- OpenSSL decrypt data and return value.
Can anyone look at this and tell me what is wrong
Advertisement
Answer
Without seeing the SecretData.php file, I cannot direct you to a specific point of failure. However, I can just create one dummy myself to confirm that the code itself works fine.
Code
<?php
class SecretData
{
public $universalAESKey = '79f0f1a2e72b6654bba3071ff8210c13';
}
class AESEncryption
{
private static $AES_METHOD = 'aes-256-cbc';
public static function encrypt($data, $key = null)
{
if($key == null)
{
$secretData = new SecretData();
$key = $secretData->universalAESKey;
}
$ivSize = openssl_cipher_iv_length(self::$AES_METHOD);
$iv = openssl_random_pseudo_bytes($ivSize);
$encryptedData = openssl_encrypt($data, self::$AES_METHOD, $key, OPENSSL_RAW_DATA, $iv);
return base64_encode($iv . $encryptedData);
}
public static function decrypt($data, $key = null)
{
$data = base64_decode($data);
if($key == null)
{
$secretData = new SecretData();
$key = $secretData->universalAESKey;
}
$ivSize = openssl_cipher_iv_length(self::$AES_METHOD);
$iv = mb_substr($data, 0, $ivSize, '8bit');
$decryptedData = mb_substr($data, $ivSize, null, '8bit');
return openssl_decrypt($decryptedData, self::$AES_METHOD, $key, OPENSSL_RAW_DATA, $iv);
}
}
Test
$data = 'alpha'; $enc = AESEncryption::encrypt($data); $dec = AESEncryption::decrypt($enc); echo 'INPUT:' . $data . PHP_EOL; echo 'ENCRP:' . $enc . PHP_EOL; echo 'DECRP:' . $dec . PHP_EOL; $enc = AESEncryption::encrypt($data, "e2e0cc36ea14bc5cd94473facd4731a6"); $dec = AESEncryption::decrypt($enc, "e2e0cc36ea14bc5cd94473facd4731a6"); echo 'INPUT:' . $data . PHP_EOL; echo 'ENCRP:' . $enc . PHP_EOL; echo 'DECRP:' . $dec . PHP_EOL;
Result
INPUT:alpha ENCRP:PUn1xaDRMX4U0K4NVnJiRv4mtROpn3WvcFnSrR9EJ98= DECRP:alpha INPUT:alpha ENCRP:QOs1vvy/6aKRSVGmZQWp7EvSNoISCpJ4Vsy3T3ixXZ4= DECRP:alpha