Encrypt PHP, Decrypt Xojo

Richard_Gorbutt · July 16, 2014, 3:12am

Hi all,

I have a need to encrypt some data in PHP and store in a MYSQL database, and then decrypt that with a XOJO Console app triggered by CRON. I have the MBS plugins, and was playing with Blowfish (MBS) and mcrypt in PHP but never the twain they shall meet.

Anyone done similar?

Thanks

Johnny_Harris · July 16, 2014, 3:41am

I did a small project with PHP, Xojo, Einhugur Plugins and MySQL a few years ago. I just needed some simple encryption to store personal information. I don’t recall any of the code. If nobody else has a good example by tomorrow, I’ll try to find the code that I used for the encryption. I do recall it took a little time and research to get it working.

Richard_Vivash · July 16, 2014, 10:43am

I can’t help unfortunately, but I have also tried to use the public/private key encryption available in Xojo and interface with OpenSSL public/private key encryption available through PHP. Couldn’t get that to work either. The Keys produced by Xojo were said to be badly formed by PHP and the same visa versa.

So I’d also be interested in a solution to encrypt data between PHP and Xojo.

Johnny_Harris · July 16, 2014, 11:07am

I was able to access the PHP files from home and apparently I used a 3rd party library: http://phpseclib.sourceforge.net/

When I get to work I’ll look for the Xojo project.

Greg_O_Lone · July 16, 2014, 11:11am

I did this years ago using AES_CBC in einhugur’s plugins, but darned if I remember where that code is…

Richard_Gorbutt · July 16, 2014, 1:11pm

Thanks all, I appreciate the response. For some reason PHP.Blowfish.EncryptECB <> Xojo.BlowFishMBS.EncryptECB (simplified) using same key and string and encoding.

I’ll investigate the phpseclib stuff.

Greg_O_Lone · July 16, 2014, 1:26pm

[quote=112047:@Richard Gorbutt]Thanks all, I appreciate the response. For some reason PHP.Blowfish.EncryptECB <> Xojo.BlowFishMBS.EncryptECB (simplified) using same key and string and encoding.

I’ll investigate the phpseclib stuff.[/quote]
Make sure the Endianess is set the same. If they’re not you’ll have troubles.

Johnny_Harris · July 16, 2014, 8:11pm

I looked up the code I used several years ago and it was using the Einhugur plugins and AES_CBC.

This code seems to work with the MBS Plugins. Be sure to look at the example provided in the MBS downloads example folder.

<?php
function hex2str( $hex ) {
  return pack('H*', $hex);
}

function str2hex( $str ) {
  return array_shift( unpack('H*', $str) );
}

$key = "ABCD123";
$secret = "Xojo Is Fun     ";
// Encrypt Secret
$crypted = mcrypt_encrypt(MCRYPT_BLOWFISH, $key, $secret, MCRYPT_MODE_CBC);



$td        = mcrypt_module_open('blowfish', '', 'cbc', '');
$ivsize    = mcrypt_enc_get_iv_size($td);
$iv        = hex2str("0000000000000000");
// Decrypt Secret
mcrypt_generic_init($td,$key, $iv);
$plaintext = mdecrypt_generic($td, $crypted);

print 'The Secret: ' . $secret . '<br><br>';
print 'Encrypted As HEX: ' . strtoupper(bin2hex($crypted)) . '<br><br>';
print "Decrypted Secret: " . $plaintext;
?>

Richard_Gorbutt · July 16, 2014, 9:55pm

Many thanks, I’ll give it a try hopefully over the weekend.

Richard_Gorbutt · July 19, 2014, 3:27am

Perfect, did the trick. MBS Blowfish and the guidance above. Many thanks.