We have moved our forum to GitHub Discussions. For questions about Phalcon v3/v4/v5 you can visit here and for Phalcon v6 here.

why the result of `decryptBase64` is different?

$crypt = new Crypt();

$key = ".";
$text = '12345x67';

$encrypt = $crypt->encryptBase64($text, $key);

echo ($crypt->decryptBase64($encrypt, $key));
echo var_dump($crypt->decryptBase64($encrypt, $key));

the first line is 12345x67

but the second line is 12345x67������������������������'(length=32) why?



12.2k
Accepted
answer
edited Apr '16

Also, CBC mode (default one in 2.0.9) encrypts complete blocks, so mcrypt pads your plaintext with zero bytes.

// Get all available modes
$crypt->getAvailableModes();

// Get current mode
$crypt->getMode();

// Get all ciphers
$crypt->getAvailableCiphers();

// Get current cipher
$crypt->getCipher();

If you set mode to CFB, OFB or CTR then no padding will take place.

// Set mode to CFB
$crypt->setMode('cfb');


31.3k

Thanks, @mraspor

more questions:

I want to send the encrypt string by URL, is encryptBase64/decryptBase64 the unique way?

I've set default key or crypt:

$di->set('crypt', function () use ($config) {
    $crypt = new Crypt();
    $crypt->setKey('afweaasdf');
    return $crypt;
});

How to omit the second parament and remain the third parament of the function encryptBase64($text, $key, $safe), like:

$crypt->encryptBase64($text, , true);

More information on this feature: https://github.com/phalcon/cphalcon/issues/749

edited Apr '16

Hello xaero, recently i had to battle this myself. I added little functions to a helper of mine. Here they are:

    /**
     *  Generate url safe encoded string
     *
     *  @param string $string string to be encoded
     *  @return encoded string
     */
    public static function encodeString($string)
    {
        $crypt = new \Phalcon\Crypt();
        $key = \Phalcon\DI::getDefault()->getConfig()->dev->cryptKey;
        return $crypt->encryptBase64($string, $key, true);
    }

    /**
     *  Decode string generated with encodeString()
     *
     *  @param string $string Encoded string
     *  @return decoded string
     */
    public static function decodeString($string)
    {
        $crypt = new \Phalcon\Crypt();
        $key = \Phalcon\DI::getDefault()->getConfig()->dev->cryptKey;
        return $crypt->decryptBase64($string, $key, true);
    }

My crypt key is something like: "i$2^&/:%[email protected]<@{(e=*!<7u|rI~0"



12.2k

@xaero7

You can extend Crypt class and then have it as your crypt service


$di->set('crypt', function () use ($config) {
    $crypt = new MyCrypt(); // MyCrypt extends Crypt class
    $crypt->setKey('afweaasdf');
    return $crypt;
});

And in your MyCrypt class you can have something like:

use Phalcon\Crypt

class MyCrypt extends Crypt {

    function encryptBase64($text, $key, $safe) {        // or whatever you want to call it
        return parent::encryptBase64($text, $key, true)
    }

}


31.3k

Thanks All !

And I'm sorry, I can't click any button of the "Accept Answer" , "Reply", "thumbs up" and so on. Maybe the JS files under some CDNs can't be loaded(because of the Great Fire Wall)