I have problem with mine AES encryption class. Here it is:
<?php
require_once 'SecretData.php';
class AESEncryption
{
private static $AES_METHOD = 'aes-256-cbc';
public static function encrypt($data, $key = null)
{
if($key == null)
{
$secretData = new SecretData();
$key = $secretData->universalAESKey;
}
$ivSize = openssl_cipher_iv_length(self::$AES_METHOD);
$iv = openssl_random_pseudo_bytes($ivSize);
$encryptedData = openssl_encrypt($data, self::$AES_METHOD, $key, OPENSSL_RAW_DATA, $iv);
return base64_encode($iv . $encryptedData);
}
public static function decrypt($data, $key = null)
{
$data = base64_decode($data);
if($key == null)
{
$secretData = new SecretData();
$key = $secretData->universalAESKey;
}
$ivSize = openssl_cipher_iv_length(self::$AES_METHOD);
$iv = mb_substr($data, 0, $ivSize, '8bit');
$decryptedData = mb_substr($data, $ivSize, null, '8bit');
return openssl_decrypt($decryptedData, self::$AES_METHOD, $key, OPENSSL_RAW_DATA, $iv);
}
}
Something in my login class was wrong, and I caught that this function is cause of errors. I made following debug file:
<?php
require_once '/var/www/backend/security/HashingAlgorithms.php';
require_once '/var/www/backend/security/AESEncryption.php';
$data = 'alpha';
$enc = AESEncryption::encrypt($data);
$dec = AESEncryption::decrypt($enc);
echo 'Input: ' . $data . ' <> Encrypted: ' . $enc . ' <> Decrypted: ' . $dec;
var_dump($dec);
This is an output:
Input: alpha <> Encrypted: 7hB1hNiSYvU+Hy4xgvHb2sf/cVa2NPkx4+3kX+qdvUM= <> Decrypted: bool(false)
When I looked at the code, everthing looks fine:
Same I did with decrypt function:
Can anyone look at this and tell me what is wrong
Without seeing the SecretData.php file, I cannot direct you to a specific point of failure. However, I can just create one dummy myself to confirm that the code itself works fine.
Code
<?php
class SecretData
{
public $universalAESKey = '79f0f1a2e72b6654bba3071ff8210c13';
}
class AESEncryption
{
private static $AES_METHOD = 'aes-256-cbc';
public static function encrypt($data, $key = null)
{
if($key == null)
{
$secretData = new SecretData();
$key = $secretData->universalAESKey;
}
$ivSize = openssl_cipher_iv_length(self::$AES_METHOD);
$iv = openssl_random_pseudo_bytes($ivSize);
$encryptedData = openssl_encrypt($data, self::$AES_METHOD, $key, OPENSSL_RAW_DATA, $iv);
return base64_encode($iv . $encryptedData);
}
public static function decrypt($data, $key = null)
{
$data = base64_decode($data);
if($key == null)
{
$secretData = new SecretData();
$key = $secretData->universalAESKey;
}
$ivSize = openssl_cipher_iv_length(self::$AES_METHOD);
$iv = mb_substr($data, 0, $ivSize, '8bit');
$decryptedData = mb_substr($data, $ivSize, null, '8bit');
return openssl_decrypt($decryptedData, self::$AES_METHOD, $key, OPENSSL_RAW_DATA, $iv);
}
}
Test
$data = 'alpha';
$enc = AESEncryption::encrypt($data);
$dec = AESEncryption::decrypt($enc);
echo 'INPUT:' . $data . PHP_EOL;
echo 'ENCRP:' . $enc . PHP_EOL;
echo 'DECRP:' . $dec . PHP_EOL;
$enc = AESEncryption::encrypt($data, "e2e0cc36ea14bc5cd94473facd4731a6");
$dec = AESEncryption::decrypt($enc, "e2e0cc36ea14bc5cd94473facd4731a6");
echo 'INPUT:' . $data . PHP_EOL;
echo 'ENCRP:' . $enc . PHP_EOL;
echo 'DECRP:' . $dec . PHP_EOL;
Result
INPUT:alpha
ENCRP:PUn1xaDRMX4U0K4NVnJiRv4mtROpn3WvcFnSrR9EJ98=
DECRP:alpha
INPUT:alpha
ENCRP:QOs1vvy/6aKRSVGmZQWp7EvSNoISCpJ4Vsy3T3ixXZ4=
DECRP:alpha