Decrypt data from PHP in Xojo
Recently we discussed how to encrypt something in PHP and then decrypt in Xojo. Check out the CipherMBS class in our plugin, which corresponds to openssl_encrypt/openssl_decrypt functions in PHP.
Here is a sample script in PHP to generate a random initial vector and a random key. Then encrypt some text with openssl using blowfish algorithm and CBC as block mode:
$cipher = 'bf-cbc';
$iv_size = openssl_cipher_iv_length($cipher);
$key_size = 20;
$iv = random_bytes($iv_size);
$key = random_bytes($key_size);
$encrypted = openssl_encrypt('Hello World. Just a test here!', $cipher, $key, OPENSSL_RAW_DATA, $iv);
print "iv: ".base64_encode($iv)."\n";
print "key: ".base64_encode($key)."\n";
print "encrypted: ".base64_encode($encrypted)."\n";
For such an encryption, you need to replicate on both sides the same settings:
- Identical key data. May need you to hash key first.
- Identical initial vector
- Identical setting for padding of data to match required block size.
- Identical handling for keys with too small size. e.g. fill up with zero bytes.
You can run the PHP script above and copy the values into the Xojo code below:
Var Cipher As CipherMBS = CipherMBS.bf_cbc
Call Cipher.EncryptInit(DecodeBase64("79aMfVRxPw0="), DecodeBase64("2peenIoTK1k="))
Var Decrypted As MemoryBlock = Cipher.ProcessMemory(DecodeBase64("JBvDgbeC6vECJGiRnh27GQ==")) + Cipher.FinalizeAsMemory()
Print Decrypted
If everything works fine, the result in the unencrypted text as in the PHP script.