$password = '******'; $plaintext = 'This is something secret'; $ivSize = 16; $randomIV = phpseclib\Crypt\Random::string($ivSize); echo 'Plaintext: ' . $plaintext . "\r\n"; //Create new AES Object $aes_encrypt = new \phpseclib\Crypt\AES(\phpseclib\Crypt\AES::MODE_CBC); //Use OPENSSL as Default engine $aes_encrypt->setPreferredEngine(phpseclib\Crypt\AES::ENGINE_OPENSSL); //set key length to 256 $aes_encrypt->setKeyLength(256); //set password $aes_encrypt->setPassword($password, 'pbkdf2', 'sha512', NULL, 4096); $aes_encrypt->setIV($randomIV); //Encrypt $raw_ciphertext = $aes_encrypt->encrypt($plaintext); $ciphertext = base64_encode($randomIV . $raw_ciphertext); echo 'Random IV: ' . $randomIV . "\r\n"; echo 'RAW Ciphertext: ' . $raw_ciphertext . "\r\n"; echo 'Ciphertext: ' . $ciphertext . "\r\n"; //Create new AES Object for decryption $aes_decrypt = new \phpseclib\Crypt\AES(\phpseclib\Crypt\AES::MODE_CBC); //Set OPENSSL as default engine $aes_decrypt->setPreferredEngine(phpseclib\Crypt\AES::ENGINE_OPENSSL); //set key length to 256 $aes_decrypt->setKeyLength(256); //set password $aes_decrypt->setPassword($password, 'pbkdf2', 'sha512', NULL, 4096); $decoded_ciphertext = base64_decode($ciphertext); $aes_decrypt->setIV(substr($decoded_ciphertext, 0, $ivSize)); //Decode from base64 and decrypts
/** * Encrypt data using the given secret using AES * * The mode is CBC with a random initialization vector, the key is derived * using pbkdf2. * * @param string $data The data that shall be encrypted * @param string $secret The secret/password that shall be used * @return string The ciphertext */ function auth_encrypt($data, $secret) { $iv = auth_randombytes(16); $cipher = new \phpseclib\Crypt\AES(); $cipher->setPassword($secret); /* this uses the encrypted IV as IV as suggested in http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf, Appendix C for unique but necessarily random IVs. The resulting ciphertext is compatible to ciphertext that was created using a "normal" IV. */ return $cipher->encrypt($iv . $data); }
public function encrypt() { $aes = new \phpseclib\Crypt\AES(); $aes->setKey($this->key); $plaintext = file_get_contents($this->getFileUploadDir() . '/' . $this->file_name); $ciphertext = $aes->encrypt($plaintext); $hash = md5($plaintext); $this->save_name = "EncryptedFile_" . $hash; file_put_contents($this->getFileRootDir() . '/' . $this->save_name, $ciphertext); unlink($this->file->getPathname()); return new CryptoFile($hash, $this->getWebPath() . '/' . $this->save_name); }