Notes
Notes - notes.io |
require __DIR__ . '/../vendor/autoload.php';
final class OpenSSLCryptography
{
/** @var string */
const AES_256_CBC = 'aes-256-cbc';
const AES_128_CBC = 'aes-128-cbc';
/**
* @param string $cipher
*
* @return int
*/
public static function createIv($cipher)
{
$ivLength = self::getIvLength($cipher);
return openssl_random_pseudo_bytes($ivLength);
}
public static function getIvLength($cipher)
{
if (!in_array($cipher, openssl_get_cipher_methods())) {
throw new LogicException("A none existent cipher is trying to be used for `openssl` encryption");
}
return openssl_cipher_iv_length($cipher);
}
public static function encrypt($message, $cipher, $key, $options, $initializationVector)
{
return openssl_encrypt($message, $cipher, $key, $options, $initializationVector);
}
public static function decrypt($encryptedMessage, $cipher, $key, $options, $initializationVector)
{
return openssl_decrypt($encryptedMessage, $cipher, $key, $options, $initializationVector);
}
}
//dump(openssl_get_cipher_methods());
$message = 'This is a plain text message';
$key = 'Vs-I8-' . date('YmdH'); // Dit zou in een Vault moeten ofzo, ipv een string per server zijn
/*
// Server A
$cipher = OpenSSLCryptography::AES_256_CBC;
$key = 'Vs-I8-' . date('YmdH'); // Dit zou in een Vault moeten ofzo, ipv een string per server zijn
dump('key: ' . $key);
dump('keyLength: ' . strlen($key));
$initializationVector = OpenSSLCryptography::createIv($cipher);
$messageRaw = OpenSSLCryptography::encrypt(
$message,
$cipher,
$key,
OPENSSL_RAW_DATA,
$initializationVector
);
$hmac = hash_hmac('sha256', $messageRaw, $key, true);
dump($messageRaw);
$base64Encoded = base64_encode($initializationVector.$hmac.$messageRaw);
$decryptedData = mcrypt_decrypt(
MCRYPT_RIJNDAEL_128,
$key,
$messageRaw,
MCRYPT_MODE_CBC,
$initializationVector
);
dump('Decryption time using Rijndael CBC with mcrypt: ' . (microtime(true) - $startTime) . 's');
dump('Decrypted value with mcrypt: ' . $decryptedData);
die();
// Server B
$input = base64_decode($base64Encoded);
$cipher = OpenSSLCryptography::AES_128_CBC;
$ivLength = OpenSSLCryptography::getIvLength($cipher);
$initializationVector = substr($input, 0, $ivLength);
$hmac = substr($input, $ivLength, $sha2Length = 32);
$messageRaw = substr($input, ($ivLength + $sha2Length));
$messagePlainTxt = OpenSSLCryptography::decrypt($messageRaw, $cipher, $key, OPENSSL_RAW_DATA, $initializationVector);
$calcMac = hash_hmac('sha256', $messageRaw, $key, true);
if (hash_equals($hmac, $calcMac)) {
dump($messagePlainTxt);
} else {
dump('Nah ah ah, you didnt say the magic word');
}
*/
// PHPSecLib
use phpseclibCryptRandom;
use phpseclibCryptRijndael;
$environmentId = 1;
$userId = 2;
$message = str_pad($environmentId, 3, 0, STR_PAD_LEFT) . str_pad($userId, 6, 0, STR_PAD_LEFT);
//$message = 'This is a plain text messageasd';
$message = "This is a plain text message";
dump('original msg: ' . $message);
// Remove hardcoded 32
$message = str_pad($message, 32, chr(0), STR_PAD_RIGHT);
// "Decrypted value with mcrypt: 001000002x17x17x17x17x17x17x17x17x17x17x17x17x17x17x17x17x17x17x17x17x17x17x17"
// Encryption (phpseclib)
$startTime = microtime(true);
$cipher = new Rijndael(Rijndael::MODE_CBC);
$cipher->setPreferredEngine(Rijndael::ENGINE_INTERNAL);
$cipher->setBlockLength(256);
$iv = Random::string($cipher->getBlockLength() >> 3);
//$cipher->setKeyLength(128);
$cipher->setKey($key);
$cipher->setIV($iv);
// Don't use padding because we do our own. This is because phpseclib uses PCKS7
$cipher->disablePadding();
//dump($cipher->block_size);
//$encryptedData = $cipher->encrypt(str_pad($message, $cipher->block_size, ' 3', STR_PAD_RIGHT));
$encryptedData = $cipher->encrypt($message);
$endTime = (microtime(true) - $startTime);
dump('bin2hex of phpseclib encrypted data: '. bin2hex($encryptedData));
dump('Encryption time using Rijndael CBC with phpseclib: ' . $endTime . 's');
// Decryption (phpseclib)
$startTime = microtime(true);
$decryptedData = $cipher->decrypt($encryptedData);
dump('Decryption time using Rijndael CBC with phpseclib: ' . (microtime(true) - $startTime) . 's');
dump('Decrypted value with phpseclib: ' . $decryptedData);
$startTime = microtime(true);
$decryptedData = mcrypt_decrypt(
MCRYPT_RIJNDAEL_256,
$key,
$encryptedData,
MCRYPT_MODE_CBC,
$iv
);
dump('Decryption time using Rijndael CBC with mcrypt: ' . (microtime(true) - $startTime) . 's');
dump('Decrypted value with mcrypt: ' . $decryptedData);
dump('-----------------------------------------------------------------------------------------------------------');
// Encryption (mcrypt)
$startTime = microtime(true);
$iv = mcrypt_create_iv(
mcrypt_get_iv_size(
MCRYPT_RIJNDAEL_256,
MCRYPT_MODE_CBC
),
MCRYPT_RAND
);
$encryptedData = mcrypt_encrypt(
MCRYPT_RIJNDAEL_256,
$key,
$message,
MCRYPT_MODE_CBC,
$iv
);
$endTime = (microtime(true) - $startTime);
dump('bin2hex of mcrypt encrypted data: '. bin2hex($encryptedData));
dump('Encryption time using Rijndael CBC with mcrypt: ' . $endTime . 's');
|
Notes.io is a web-based application for taking notes. You can take your notes and share with others people. If you like taking long notes, notes.io is designed for you. To date, over 8,000,000,000 notes created and continuing...
With notes.io;
- * You can take a note from anywhere and any device with internet connection.
- * You can share the notes in social platforms (YouTube, Facebook, Twitter, instagram etc.).
- * You can quickly share your contents without website, blog and e-mail.
- * You don't need to create any Account to share a note. As you wish you can use quick, easy and best shortened notes with sms, websites, e-mail, or messaging services (WhatsApp, iMessage, Telegram, Signal).
- * Notes.io has fabulous infrastructure design for a short link and allows you to share the note as an easy and understandable link.
Fast: Notes.io is built for speed and performance. You can take a notes quickly and browse your archive.
Easy: Notes.io doesn’t require installation. Just write and share note!
Short: Notes.io’s url just 8 character. You’ll get shorten link of your note when you want to share. (Ex: notes.io/q )
Free: Notes.io works for 12 years and has been free since the day it was started.
You immediately create your first note and start sharing with the ones you wish. If you want to contact us, you can use the following communication channels;
Email: [email protected]
Twitter: http://twitter.com/notesio
Instagram: http://instagram.com/notes.io
Facebook: http://facebook.com/notesio
Regards;
Notes.io Team