Sample code for 30+ languages & platforms
PHP Extension

Manually Duplicate SetSecretKeyViaPassword

Demonstrates how to duplicate the password string to binary secret key computation of SetSecretKeyViaPassword.

This is a cryptographically weak way of generating a secret key from a password. The SetSecretKeyViaPassword method is deprecated and should not be used.

Chilkat PHP Extension Downloads

PHP Extension
<?php

include("chilkat.php");

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

$crypt = new CkCrypt2();

// The password string is transformed to a binary secret key by computing the 
// MD5 digest (of the utf-8 password) to obtain 16 bytes.  
// If the KeyLength is greater than 16 bytes, then the MD5 digest of the Base64 encoding 
// of the utf-8 password is added.  A max of 32 bytes of key material is generated, and 
// this is truncated to the actual KeyLength required.

$crypt->put_CryptAlgorithm('aes');
$crypt->put_KeyLength(256);

$password = 'this is my password';
$crypt->SetSecretKeyViaPassword($password);

// Examine the resulting SecretKey in hex:
print 'Computed Secret Key = ' . $crypt->getEncodedKey('hex') . "\n";

// Now perform the same computation manually:
$sb = new CkStringBuilder();

$crypt->put_HashAlgorithm('md5');
$crypt->put_Charset('utf-8');
$crypt->put_EncodingMode('hex');
$sb->Append($crypt->hashStringENC($password));

$passwordBase64 = $crypt->encodeString($password,'utf-8','base64');
$sb->Append($crypt->hashStringENC($passwordBase64));

print 'Manually Computed = ' . $sb->getAsString() . "\n";

// The output is:
// Computed Secret Key = 210D53992DFF432EC1B1A9698AF9DA16C7E90518F90E24828F78EC9E0A413B36
// Manually Computed = 210D53992DFF432EC1B1A9698AF9DA16C7E90518F90E24828F78EC9E0A413B36

?>