PHP implementation of RNCryptor

I encrypt a string with secrect key on server (PHP)

public static function Encrypt($string, $password) { require LIBS . '/RNCryptor/autoload.php';

    $cryptor = new \RNCryptor\Encryptor();
    return $cryptor->encrypt($string, $password);
}

and try to decrypt it on iPhone

NSData* encryptedData = [@"AwH3lRq1dHsdyjsWzYmBpIVQSHkdjvGbOXLbCW1r240ZFIgFXgCj" dataUsingEncoding:NSUTF8StringEncoding]; NSData *decryptedData = [RNDecryptor decryptData:encryptedData withPassword:@"123456" error:&error]; //convert decryptedData to decryptedString but it is an empty string

Help me fix that please !

Thanks !

Hello, I have an encrypted string like this: BQPafXL85Mc01lu9cyWthMxlwdi7uYXdE/jlbNo7LAJZBdKBhw9gdejwgSEJAJFUjjykSdYMmMnE9gUZdlpiHh6u6MJ/mXy3tRjOdwTfsq87dxCck+QCob6ZRPlC0Ysv3uvCSDIeNv8/imR7KOXbxTYh8cZzHm36ZBR4ivH91+iiLBdnmH7flP/zHBY/12CoTZ2A

But when i put to decrypt function the code warning to me this error: Exception: Unsupported schema version 5 in D:\Hosting_Local\wamp\www\test\lib\RNCryptor\Cryptor.php on line 70 When i check line 70 on Cryptor.php i saw that the code just have 0 -> 3 version of encryption. So why do the hash return version 5? further more i notice that the encrypted hash will have some format like this: AW + [the rest of encrypted hash] But in the hash client sent to me i see the format has changed to: BQ + [the rest of encrypted hash] Do i have some way to know which version or config that the client used to encrypt this? it's kinda weird to normal hash of RNCryptor which i am using so i don't know how to decrypt this hash to orginal source.

Function mcrypt_create_iv() is deprecated in PHP 7.1 File: /lib/RNCryptor/Encryptor.php Line: 114

Function mcrypt_encrypt() is deprecated in PHP 7.1 File: /lib/RNCryptor/Encryptor.php Line: 82

Hi

The server where I try RNCryptor (latest version of both iOS and php) work with PHP 5.3.13. The function hash_pbkdf2 called in cryptor.php doesn't exist so I replaced the line

	return hash_pbkdf2($this->_settings->pbkdf2->prf, $password, $salt, $this->_settings->pbkdf2->iterations, $this->_settings->pbkdf2->keyLength, true);

with a class found in php.net. Then I changed the function _generateKey as follow

public function _generateKey($salt, $password) {

	if ($this->_settings->truncatesMultibytePasswords) {
		$utf8Length = mb_strlen($password, 'utf-8');
		$password = substr($password, 0, $utf8Length);
	}

	$hash =  $this->hash_pbkdf2($this->_settings->pbkdf2->prf, $password, $salt, $this->_settings->pbkdf2->iterations, $this->_settings->pbkdf2->keyLength, true);
    return $hash;
}

introducing the function

public function hash_pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output = false) { $data = array('algorithm' => $algorithm, 'password' => $password, 'salt' => $salt, 'count' => $count, 'key_length' => $key_length, 'raw_output' => $raw_output); try { $pbkdf2 = new pbkdf2($data); return $pbkdf2->hash(); } catch (Exception $e) { throw $e; } }

and the class

    class pbkdf2  extends Cryptor {
        public $algorithm;
        public $password;
        public $salt;
        public $count;
        public $key_length;
        public $raw_output;

        private $hash_length;
        private $output         = "";

        public function __construct($data = null)
        {
            if ($data != null) {
                $this->init($data);
            }
        }

        public function init($data)
        {
            $this->algorithm  = $data["algorithm"];
            $this->password   = $data["password"];
            $this->salt       = $data["salt"];
            $this->count      = $data["count"];
            $this->key_length = $data["key_length"];
            $this->raw_output = $data["raw_output"];
        }

        public function hash()
        {
            $this->algorithm = strtolower($this->algorithm);
            if(!in_array($this->algorithm, hash_algos(), true))
                throw new Exception('PBKDF2 ERROR: Invalid hash algorithm.');

            if($this->count <= 0 || $this->key_length <= 0)
                throw new Exception('PBKDF2 ERROR: Invalid parameters.');

            $this->hash_length = strlen(hash($this->algorithm, "", true));
            $block_count = ceil($this->key_length / $this->hash_length);
            for ($i = 1; $i <= $block_count; $i++) {
                // $i encoded as 4 bytes, big endian.
                $last = $this->salt . pack("N", $i);
                // first iteration
                $last = $xorsum = hash_hmac($this->algorithm, $last, $this->password, true);
                // perform the other $this->count - 1 iterations
                for ($j = 1; $j < $this->count; $j++) {
                    $xorsum ^= ($last = hash_hmac($this->algorithm, $last, $this->password, true));
                }
                $this->output .= $xorsum;
                if($this->raw_output)
                    return substr($this->output, 0, $this->key_length);
                else
                    return bin2hex(substr($this->output, 0, $this->key_length));
            }
        }

	}

found in php.net.

I have a problem decrypting a string generated by a simple iOS app, transmitted to a simple php module on the server that only GET the crypted string and try to decrypting it (null string returned), the question is:

may these changes in cryptor.php module could compromise the decrypting process?

Thanks in advance Marino

Hello fellow developers,

I was looking for ways of optimizing and reducing encryption/decryption time...

From the examples I can see that I need to encrypt / decrypt data using 'plain text password' and Library generates key from that 'plain text password'...

Is there any possibilities that I could use that generated KEY straight away without loosing time on its generation?

Thanks in advance.

I'm trying to encrypt and decrypt data between client (C#) and server PHP.

i don't understand encryption enough to work out

so i need to convert C# to php thanks

Any help is appreciated.

here is my code: C#:

private static readonly string PasswordHash = "P@@Sw0rd"; private static readonly string SaltKey = "S@LT&KEY"; private static readonly string VIKey = "@1B2c3D4e5F6g7H8";

    static void Main(string[] args)
    {
  
        string message = "test@123";

     
        string encrypted = Encrypt(message);

        string DecryptString = encrypted;
        string decrypted = Decrypt(DecryptString);
        Console.WriteLine(encrypted);


    }
    

    public static string Encrypt(string plainText)
    {
        byte[] bytes1 = Encoding.UTF8.GetBytes(plainText);
        byte[] bytes2 = new Rfc2898DeriveBytes(PasswordHash, Encoding.ASCII.GetBytes(SaltKey)).GetBytes(32);

        RijndaelManaged rijndaelManaged = new RijndaelManaged();
        rijndaelManaged.Mode = CipherMode.CBC;
        rijndaelManaged.Padding = PaddingMode.Zeros;
        ICryptoTransform encryptor = rijndaelManaged.CreateEncryptor(bytes2, Encoding.ASCII.GetBytes(VIKey));
        byte[] array;
        using (MemoryStream memoryStream = new MemoryStream())
        {
            using (CryptoStream cryptoStream = new CryptoStream((Stream)memoryStream, encryptor, CryptoStreamMode.Write))
            {
                cryptoStream.Write(bytes1, 0, bytes1.Length);
                cryptoStream.FlushFinalBlock();
                array = memoryStream.ToArray();
                cryptoStream.Close();
            }
            memoryStream.Close();
        }
        return Convert.ToBase64String(array);
    }

    public static string Decrypt(string encryptedText)
    {
        byte[] buffer = Convert.FromBase64String(encryptedText);
        byte[] bytes = new Rfc2898DeriveBytes(PasswordHash, Encoding.ASCII.GetBytes(SaltKey)).GetBytes(32);
        RijndaelManaged rijndaelManaged = new RijndaelManaged();
        rijndaelManaged.Mode = CipherMode.CBC;
        rijndaelManaged.Padding = PaddingMode.None;
        ICryptoTransform decryptor = rijndaelManaged.CreateDecryptor(bytes, Encoding.ASCII.GetBytes(VIKey));
        MemoryStream memoryStream = new MemoryStream(buffer);
        CryptoStream cryptoStream = new CryptoStream((Stream)memoryStream, decryptor, CryptoStreamMode.Read);
        byte[] numArray = new byte[buffer.Length];
        int count = cryptoStream.Read(numArray, 0, numArray.Length);
        memoryStream.Close();
        cryptoStream.Close();
        return Encoding.UTF8.GetString(numArray, 0, count).TrimEnd("\0".ToCharArray());
    }

}

I encrypt an image file on Android, and then upload it to the server. In PHP, I try to decrypt, but it keeps getting errors. Sometimes base64_decode returns nothing, sometimes I get Fatal error: Uncaught exception 'Exception' with message 'Unsupported schema version 23' in Cryptor.php.

Android:

            File file = new File(Environment.getExternalStorageDirectory()
                    .getPath() + "/" + filename);

            byte[] originalBytes = FileUtils.readFileToByteArray(file);
            byte[] encryptedBytes = new AES256JNCryptor().encryptData(originalBytes, "test".toCharArray());

            FileUtils.writeByteArrayToFile(file, encryptedBytes);

PHP: $string = file_get_contents($file); $decryptor = new \RNCryptor\Decryptor(); $decryptedData` = $decryptor->decrypt($string, "test");

This line of code has two cryptographic vulnerabilities.

1. The PHP "magic hash" evaluation flaw
2. String comparison is vulnerable to timing attacks

I'd suggest replacing it with hash_equals().

A MIT licensed polyfill for hash_equals() already exists.

I think is better uses pbkdf2 function because hash_pbkdf2 is only in php 5.5 and later and this other function can work in 5.3 and 5.4... Saludos desde Mexico!!!

Hi, ObjC side encryption: (Using RNCryptor (3.0.1))

NSData *data = [@"TEST STRING" dataUsingEncoding:NSUTF8StringEncoding];
NSError *error;
NSData *encryptedData = [RNEncryptor encryptData:data
                                    withSettings:kRNCryptorAES256Settings
                                        password:@"myPassword"
                                           error:&error];
if (error == nil) {
    NSString* output = [encryptedData base64EncodedStringWithOptions:0];
}

PHP side decryption: (rncryptor/rncryptor 3.1.4 on Windows + PHP5.4.45 + mcrypt 2.5.8)

$decryptor = new \RNCryptor\Decryptor;
$password = "myPassword";
$base64Encrypted = "AwEpke5sjJK7vtz3Nt4BuJg8/BU03AiguUkl7BlYXOyY8A1MqyOwH5BRub+XBiPZDVWeYZ512XVU/wkL/J+d72NzQeSc4NFri5aAk0hCGbgpbA==";
echo "Base64 Encrypted:\n$base64Encrypted\n\n";
$decrypted = $decryptor->decrypt($base64Encrypted, $password);
echo "Plaintext:\n$decrypted\n\n";

If I do the encrypt/decrypt on the same side or I do the decryption in PHP CLI (5.6) on my mac it works fine. Do you know any issue what could cause this?

Regards, Imre

Hello

Thank you so much for the great effort. I seem to have a problem with accessing the functionality of this library. I am new to Composer and I seem to have a problem with understanding wich "autoloader.php" to require in the code. I am simply using the supplied "encrypt.php" example and getting the "Class 'RNCryptor\RNCryptor\Encryptor' not found " no matter which autoloader I try to require.

I am working on a shared hosting server where my composer got installed in .php and "vendor" got installed in the application user directory "~/" next to ".php".

I am thinking my problem is not requiring the correct autoloader.php and/or instantiating the correct classpath 'RNCryptor\RNCryptor\Encryptor'.

I hope you can help me with this pit hole

Baher