Recently we discussed how to encrypt something in PHP and then decrypt in Xojo. Check out the CipherMBS class in our plugin, which corresponds to openssl_encrypt/openssl_decrypt functions in PHP.
Here is a sample script in PHP to generate a random initial vector and a random key. Then encrypt some text with openssl using blowfish algorithm and CBC as block mode:
$cipher = 'bf-cbc'; $iv_size = openssl_cipher_iv_length($cipher); $key_size = 20; $iv = random_bytes($iv_size); $key = random_bytes($key_size); $encrypted = openssl_encrypt('Hello World. Just a test here!', $cipher, $key, OPENSSL_RAW_DATA, $iv); print "iv: ".base64_encode($iv)."\n"; print "key: ".base64_encode($key)."\n"; print "encrypted: ".base64_encode($encrypted)."\n";
For such an encryption, you need to replicate on both sides the same settings:
- Identical key data. May need you to hash key first.
- Identical initial vector
- Identical setting for padding of data to match required block size.
- Identical handling for keys with too small size. e.g. fill up with zero bytes.
You can run the PHP script above and copy the values into the Xojo code below:
If everything works fine, the result in the unencrypted text as in the PHP script.