(PowerBuilder) Duplicate PHP's openssl_encrypt and openssl_random_pseudo_bytes

Demonstrates how to duplicate PHP's openssl_encrypt function. (https://www.php.net/manual/en/function.openssl-encrypt.php)

For more information, see https://www.php.net/manual/en/function.openssl-encrypt.php

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

integer li_rc
integer li_Success
oleobject loo_Crypt
string ls_Text
string ls_Passphrase
string ls_IvBase64
oleobject loo_BdKey
integer li_Sz
string ls_CipherText64
oleobject loo_Bd
string ls_Result
oleobject loo_BdResult
string ls_OriginalText

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// Duplicates thw following PHP script:

// $text = "This is a test";
// $passphrase = "my password";
// $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length("AES-256-CBC"));
// $crypted = base64_encode($iv.openssl_encrypt($text, "AES-256-CBC", $passphrase, OPENSSL_RAW_DATA, $iv));
// echo $crypted;

loo_Crypt = create oleobject
li_rc = loo_Crypt.ConnectToNewObject("Chilkat_9_5_0.Crypt2")
if li_rc < 0 then
    destroy loo_Crypt
    MessageBox("Error","Connecting to COM object failed")
    return
end if

ls_Text = "This is a test"
ls_Passphrase = "my password"

// AES is a block cipher.  The IV size for any block cipher is the size of the block, which is defined by the encryption algorithm. 
// For AES, the block size is always 16 bytes, regardless of key size (i.e. 128-bits, 192-bits, or 256-bits).
// Therefore, generate 16 random bytes for the IV.
loo_Crypt.EncodingMode = "base64"
ls_IvBase64 = loo_Crypt.GenRandomBytesENC(16)

Write-Debug "Generated IV = " + ls_IvBase64

// Because we're doing AES-256-CBC, the key length must be 256-bits (i.e. 32 bytes).
// Given that our passphrase is a us-ascii string that can be shorter or longer than 32-bytes, we need to 
// somehow transform the passphrase to a 32-byte secret key.  We need to know what openssl_encrypt does.
// Here's the answer from the openssl_encrypt documentation:
// 
// "If the passphrase is shorter than expected, it is silently padded with NUL characters; 
// if the passphrase is longer than expected, it is silently truncated."

// OK.... so let's pad or shorten to get a 32-byte key.
loo_BdKey = create oleobject
li_rc = loo_BdKey.ConnectToNewObject("Chilkat_9_5_0.BinData")

loo_BdKey.AppendString(ls_Passphrase,"utf-8")

li_Sz = loo_BdKey.NumBytes
if li_Sz > 32 then
    loo_BdKey.RemoveChunk(32,li_Sz - 32)
else
    loo_BdKey.Clear()
    loo_BdKey.AppendPadded(ls_Passphrase,"utf-8",0,32)
end if

// Setup for encryption.
loo_Crypt.CryptAlgorithm = "aes"
loo_Crypt.KeyLength = 256
loo_Crypt.SetEncodedIV(ls_IvBase64,"base64")
loo_Crypt.SetEncodedKey(loo_BdKey.GetEncoded("base64"),"base64")

// Encrypt and base64 encode.
ls_CipherText64 = loo_Crypt.EncryptStringENC(ls_Text)

// The PHP code fragment above returns the base64 encoded bytes of the IV and the encrypted text.
// So let's do that..
loo_Bd = create oleobject
li_rc = loo_Bd.ConnectToNewObject("Chilkat_9_5_0.BinData")

loo_Bd.AppendEncoded(ls_IvBase64,"base64")
loo_Bd.AppendEncoded(ls_CipherText64,"base64")
ls_Result = loo_Bd.GetEncoded("base64")

Write-Debug "result = " + ls_Result

// Sample output:
// dN0vS1O0cWi5BbLAAY+NTf7bs3S27xzPf11RkG47sjs=

// Now let's decrypt from the output...

// Setup for decryption.
loo_Crypt.CryptAlgorithm = "aes"
loo_Crypt.KeyLength = 256
loo_Crypt.SetEncodedKey(loo_BdKey.GetEncoded("base64"),"base64")

loo_BdResult = create oleobject
li_rc = loo_BdResult.ConnectToNewObject("Chilkat_9_5_0.BinData")

loo_BdResult.AppendEncoded(ls_Result,"base64")
loo_Crypt.SetEncodedIV(loo_BdResult.GetEncodedChunk(0,16,"base64"),"base64")

// Remove the IV (first 16 bytes) from the result.
loo_BdResult.RemoveChunk(0,16)
li_Success = loo_Crypt.DecryptBd(loo_BdResult)
ls_OriginalText = loo_BdResult.GetString("utf-8")

Write-Debug "original text = " + ls_OriginalText


destroy loo_Crypt
destroy loo_BdKey
destroy loo_Bd
destroy loo_BdResult