Skip to main content

php


<?php

// Generate a key from a password using PBKDF2
function getKeyFromPassword($password, $salt) {
    return hash_pbkdf2('sha256', $password, $salt, 65536, 32, true);
}

// Encrypt plaintext using AES/CBC/PKCS5Padding
function encryptPasswordBased($plainText, $key, $iv) {
    $cipherText = openssl_encrypt($plainText, 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv);
    return base64_encode($cipherText);
}

// Decrypt ciphertext using AES/CBC/PKCS5Padding
function decryptPasswordBased($encryptedText, $key, $iv) {
    $cipherText = base64_decode($encryptedText);
    $plainText = openssl_decrypt($cipherText, 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv);
    return $plainText;
}

// Function to Base64 encode and then encrypt
function encrypt($stringToEncrypt, $password, $salt) {
    // Base64 encode the plaintext
    $base64Encoded = base64_encode($stringToEncrypt);
    echo "Base64 Encoded: $base64Encoded\n";

    // Generate a 16-byte zero-filled IV
    $iv = str_repeat("\0", 16);

    // Get key from password
    $key = getKeyFromPassword($password, $salt);
    echo "Derived Key: " . bin2hex($key) . "\n";

    // Encrypt the base64-encoded plaintext
    $encrypted = encryptPasswordBased($base64Encoded, $key, $iv);
    echo "Encrypted: $encrypted\n";

    return $encrypted;
}

// Function to Decrypt and then Base64 decode
function decrypt($encryptedText, $password, $salt) {
    // Generate a 16-byte zero-filled IV
    $iv = str_repeat("\0", 16);

    // Get key from password
    $key = getKeyFromPassword($password, $salt);
    echo "Derived Key: " . bin2hex($key) . "\n";

    // Decrypt the ciphertext
    $decryptedBase64 = decryptPasswordBased($encryptedText, $key, $iv);
    echo "Decrypted Base64: $decryptedBase64\n";

    // Base64 decode the decrypted plaintext
    $decrypted = base64_decode($decryptedBase64);
    echo "Decrypted: $decrypted\n";

    return $decrypted;
}

// Example usage
$password = 'your encryption key';
$salt = 'your aoi key';

$plainText = 'things to test';

try {
    $encrypted = encrypt($plainText, $password, $salt);
    echo "Encrypted: $encrypted\n";

    $decrypted = decrypt($encrypted, $password, $salt);
    echo "Decrypted: $decrypted\n";
} catch (Exception $ex) {
    echo 'Error: ' . $ex->getMessage() . "\n";
}
?>