PHP Extension
PHP Extension
Manually Duplicate SetSecretKeyViaPassword
Demonstrates how to duplicate the password string to binary secret key computation of SetSecretKeyViaPassword.This is a cryptographically weak way of generating a secret key from a password. The SetSecretKeyViaPassword method is deprecated and should not be used.
Chilkat PHP Extension Downloads
<?php
include("chilkat.php");
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
$crypt = new CkCrypt2();
// The password string is transformed to a binary secret key by computing the
// MD5 digest (of the utf-8 password) to obtain 16 bytes.
// If the KeyLength is greater than 16 bytes, then the MD5 digest of the Base64 encoding
// of the utf-8 password is added. A max of 32 bytes of key material is generated, and
// this is truncated to the actual KeyLength required.
$crypt->put_CryptAlgorithm('aes');
$crypt->put_KeyLength(256);
$password = 'this is my password';
$crypt->SetSecretKeyViaPassword($password);
// Examine the resulting SecretKey in hex:
print 'Computed Secret Key = ' . $crypt->getEncodedKey('hex') . "\n";
// Now perform the same computation manually:
$sb = new CkStringBuilder();
$crypt->put_HashAlgorithm('md5');
$crypt->put_Charset('utf-8');
$crypt->put_EncodingMode('hex');
$sb->Append($crypt->hashStringENC($password));
$passwordBase64 = $crypt->encodeString($password,'utf-8','base64');
$sb->Append($crypt->hashStringENC($passwordBase64));
print 'Manually Computed = ' . $sb->getAsString() . "\n";
// The output is:
// Computed Secret Key = 210D53992DFF432EC1B1A9698AF9DA16C7E90518F90E24828F78EC9E0A413B36
// Manually Computed = 210D53992DFF432EC1B1A9698AF9DA16C7E90518F90E24828F78EC9E0A413B36
?>