Recently we discussed how to encrypt something in PHP and then decrypt in Xojo. Check out the CipherMBS class in our plugin, which corresponds to openssl_encrypt/openssl_decrypt functions in PHP.
Here is a sample script in PHP to generate a random initial vector and a random key. Then encrypt some text with openssl using blowfish algorithm and CBC as block mode:
$cipher = 'bf-cbc';
$iv_size = openssl_cipher_iv_length($cipher);
$key_size = 20;
$iv = random_bytes($iv_size);
$key = random_bytes($key_size);
$encrypted = openssl_encrypt('Hello World. Just a test here!', $cipher, $key, OPENSSL_RAW_DATA, $iv);
print "iv: ".base64_encode($iv)."\n";
print "key: ".base64_encode($key)."\n";
print "encrypted: ".base64_encode($encrypted)."\n";
For such an encryption, you need to replicate on both sides the same settings:
- Identical key data. May need you to hash key first.
- Identical initial vector
- Identical setting for padding of data to match required block size.
- Identical handling for keys with too small size. e.g. fill up with zero bytes.
You can run the PHP script above and copy the values into the Xojo code below:
Var Cipher As CipherMBS = CipherMBS.bf_cbc Call Cipher.EncryptInit(DecodeBase64("79aMfVRxPw0="), DecodeBase64("2peenIoTK1k=")) Var Decrypted As MemoryBlock = Cipher.ProcessMemory(DecodeBase64("JBvDgbeC6vECJGiRnh27GQ==")) + Cipher.FinalizeAsMemory() Print Decrypted
If everything works fine, the result in the unencrypted text as in the PHP script.