AES encryption (wrapper class) for ecshop

Keywords: PHP REST

Moving from a company that makes shopex and ecstore to a company that makes a B2B ecshop, we have to get to work as soon as we arrive. Leaving the rest aside, let's first understand what AES encryption in PHP is.

AES (Advanced Encryption Standard) has a fixed block length of 128 bits, and the key length can be 128, 192 or 256 bits. It is a reversible encryption method, unlike md5.

AES can be used in several modes, such as ECB, CBC and CFB. Of these, ECB is not very safe because it does not use an IV. The differences between the other modes are less obvious; mostly they differ slightly in how the IV and the key are used to compute the ciphertext.

What is the role of the IV?

IV stands for initialization vector. With a different IV, the same plaintext encrypts to a different string, and encryption and decryption must use the same IV. The IV looks much like the key, but it plays a separate role for each block: the key is the same for every block, while only the IV of the first block is provided by the user and the IVs of the other blocks are generated automatically.
The IV is 16 bytes long. If it is longer or shorter, some library implementations may pad or truncate it. However, since the block length is 16 bytes, the IV is generally expected to be 16 bytes.
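The difference between ECB and an IV-based mode described above, shown with PHP's OpenSSL extension (an added example, not code from the original post; the key and plaintext are constructed sample values):

```php
<?php
// Added example: ECB versus CBC on a plaintext with repeated blocks.
$key   = '0123456789abcdef';                 // 16 bytes -> AES-128 (constructed sample key)
$plain = str_repeat('SIXTEEN BYTE BLK', 2);  // two identical 16-byte blocks

// Split raw ciphertext into 16-byte blocks, hex-encoded for comparison.
function blocks(string $raw): array
{
    return array_map('bin2hex', str_split($raw, 16));
}

// ECB: no IV; every block is encrypted independently under the key.
$ecb = blocks(openssl_encrypt($plain, 'aes-128-ecb', $key, OPENSSL_RAW_DATA));

// CBC: the user supplies the IV for the first block; each later block is
// chained to the previous ciphertext block, which acts as its IV.
$iv1  = random_bytes(16);
$iv2  = random_bytes(16);
$cbc1 = blocks(openssl_encrypt($plain, 'aes-128-cbc', $key, OPENSSL_RAW_DATA, $iv1));
$cbc2 = blocks(openssl_encrypt($plain, 'aes-128-cbc', $key, OPENSSL_RAW_DATA, $iv2));

echo 'ECB: block 0 equals block 1: ';
var_dump($ecb[0] === $ecb[1]);    // repeated plaintext shows through in ECB

echo 'CBC: block 0 equals block 1: ';
var_dump($cbc1[0] === $cbc1[1]);  // chaining hides the repetition

echo 'CBC: same ciphertext under two IVs: ';
var_dump($cbc1 === $cbc2);        // a new IV changes the whole ciphertext
```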

Now that we have a certain understanding of aes, let's start coding.

<?php

class cryptaes{
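    protected $cipher = MCRYPT_RIJNDAEL_128;  // Rijndael with a 128-bit block, i.e. AES
    protected $mode = MCRYPT_MODE_ECB;        // default is ECB, which ignores the IV; call set_mode() for CBC etc.
    protected $pad_method = null;             // null means no padding; see require_pkcs5()
    protected $secret_key = '';
    protected $iv = '';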
 
    public function set_cipher($cipher)
    {
        $this->cipher = $cipher;
    }
 
    public function set_mode($mode)
    {
        $this->mode = $mode;
    }
 
    public function set_iv($iv)
    {
        $this->iv = $iv;
    }
 
    public function set_key($key)
    {
        $this->secret_key = $key;
    }
 
    public function require_pkcs5()
    {
        $this->pad_method = 'pkcs5';
    }
 
    protected function pad_or_unpad($str, $ext)
    {
        if ( is_null($this->pad_method) )
        {
            return $str;
        }
        else
        {
            $func_name = __CLASS__ . '::' . $this->pad_method . '_' . $ext . 'pad';
            if ( is_callable($func_name) )
            {
                $size = mcrypt_get_block_size($this->cipher, $this->mode);
                return call_user_func($func_name, $str, $size);
            }
        }
        return $str;
    }
 
    protected function pad($str)
    {
        return $this->pad_or_unpad($str, '');
    }
 
    protected function unpad($str)
    {
        return $this->pad_or_unpad($str, 'un');
    }
    // Encrypt: pad the string, encrypt it, then base64-encode the ciphertext
    public function encrypt($str)
    {
        $str = $this->pad($str);
        $td = mcrypt_module_open($this->cipher, '', $this->mode, '');
 
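        if ( empty($this->iv) )
        {
            // No IV was set: this random IV is never returned to the caller,
            // so modes that use the IV cannot be decrypted correctly later; call set_iv() for those.
            $iv = @mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_DEV_URANDOM);
        }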
        else
        {
            $iv = $this->iv;
        }
 
        mcrypt_generic_init($td, $this->secret_key, $iv);
        $cyper_text = mcrypt_generic($td, $str);
        $rt=base64_encode($cyper_text);
        //$rt = bin2hex($cyper_text);
        mcrypt_generic_deinit($td);
        mcrypt_module_close($td);
 
        return $rt;
    }
    // Decrypt: base64-decode the input, decrypt it, then strip the padding
    public function decrypt($str){
        $td = mcrypt_module_open($this->cipher, '', $this->mode, '');
 
        if ( empty($this->iv) )
        {
            $iv = @mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
        }
        else
        {
            $iv = $this->iv;
        }
 
        mcrypt_generic_init($td, $this->secret_key, $iv);
        //$decrypted_text = mdecrypt_generic($td, self::hex2bin($str));
        $decrypted_text = mdecrypt_generic($td, base64_decode($str));
        $rt = $decrypted_text;
        mcrypt_generic_deinit($td);
        mcrypt_module_close($td);
 
        return $this->unpad($rt);
    }
 
    public static function hex2bin($hexdata) {
        $bindata = '';
        $length = strlen($hexdata);
        for ($i=0; $i < $length; $i += 2)
        {
            $bindata .= chr(hexdec(substr($hexdata, $i, 2)));
        }
        return $bindata;
    }
 
    public static function pkcs5_pad($text, $blocksize)
    {
        $pad = $blocksize - (strlen($text) % $blocksize);
        return $text . str_repeat(chr($pad), $pad);
    }
 
    public static function pkcs5_unpad($text)
    {
        $pad = ord($text[strlen($text) - 1]);
        if ($pad > strlen($text)) return false;
        if (strspn($text, chr($pad), strlen($text) - $pad) != $pad) return false;
        return substr($text, 0, -1 * $pad);
    }
}
?>

With the AES encryption and decryption wrapper class in place, encrypt wherever it is needed:

require_once(ROOT_PATH . 'includes/lib_smt_cryptaes.php'); // how ecshop includes a library file
$aes_obj    = new cryptaes();
$iv         = '12345678baiducom';
$privateKey = '12345678baiducom';

$data = array();
$data['a'] = 'Tuesday';
$data['b'] = 'Wednesday';
$data['c'] = 'Thursday';

$da = json_encode($data);
$aes_obj->set_key($privateKey);
$aes_obj->require_pkcs5();
$aes_obj->set_iv($iv);
$il = $aes_obj->encrypt($da); // encryption result $il
// Write it to a cookie
setcookie('il', $il, time() + 360000);

What I want to pass here is an array. Note that AES can only encrypt strings, so the array has to be converted to a string first.

 

$il = $_COOKIE['il'];
require_once(ROOT_PATH . 'includes/lib_smt_cryptaes.php');
$aes_obj = new cryptaes();
$keyStr  = '12345678baiducom'; // secret key
$iv      = '12345678baiducom';

$aes_obj->set_key($keyStr);
$aes_obj->require_pkcs5();
$aes_obj->set_iv($iv);
$j_token = $aes_obj->decrypt($il);
$j_token = json_decode($j_token, true);
print_r($j_token); // decryption result

This completes the AES encryption and transmission of the data.
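The mcrypt extension used by the class above was deprecated in PHP 7.1 and removed from core in PHP 7.2. The following added example (not from the original post or from ecshop) performs the same cookie round trip with the OpenSSL extension and AES-256-GCM, using a fresh random IV per message and rejecting a modified cookie; `seal()` and `open_sealed()` are hypothetical names and the key is a generated sample.

```php
<?php
// Added example, not ecshop code. Requires PHP 7.1+ with the OpenSSL extension.

function seal(array $data, string $key): string
{
    $iv  = random_bytes(12);                   // fresh 96-bit IV for every message
    $tag = '';
    $ct  = openssl_encrypt(json_encode($data), 'aes-256-gcm', $key,
                           OPENSSL_RAW_DATA, $iv, $tag);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    return base64_encode($iv . $tag . $ct);    // IV and tag are not secret
}

function open_sealed(string $cookie, string $key): ?array
{
    $raw = base64_decode($cookie, true);
    if ($raw === false || strlen($raw) < 28) { // 12-byte IV + 16-byte tag
        return null;
    }
    $iv  = substr($raw, 0, 12);
    $tag = substr($raw, 12, 16);
    $ct  = substr($raw, 28);
    $pt  = openssl_decrypt($ct, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
    if ($pt === false) {                       // wrong key or modified cookie
        return null;
    }
    $data = json_decode($pt, true);
    return is_array($data) ? $data : null;
}

// Sample key only: in practice load a stored 32-byte secret, never a literal in code.
$key    = random_bytes(32);
$cookie = seal(['a' => 'Tuesday', 'b' => 'Wednesday', 'c' => 'Thursday'], $key);

var_dump(open_sealed($cookie, $key));          // round trip returns the array

// Flip one bit of the stored value: the GCM tag check fails on decrypt.
$raw = base64_decode($cookie);
$raw[strlen($raw) - 1] = chr(ord($raw[strlen($raw) - 1]) ^ 1);
var_dump(open_sealed(base64_encode($raw), $key));
```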

Questions and discussion are welcome; let's learn and grow together.

Posted by mikesmith76 on Tue, 18 Jun 2019 10:37:34 -0700