PHP Script for Decryption or Encryption in AES-256-CBC

By using the same function for both encryption and decryption, you can verify if the issue lies with the data or the decryption process itself. the function openssl_decrypt() will work on the server if the OpenSSL extension is installed and enabled in PHP. The OpenSSL extension is typically included in most PHP installations by default, but it may need to be enabled explicitly in the server configuration.

Here’s how you can ensure openssl_decrypt() works on your server:

1. Check if OpenSSL is installed:
   • You can check if the OpenSSL extension is enabled in PHP by running the following command in your terminal or by creating a PHP file with the following content:
   php

   <?php
phpinfo();
?>


   
   Look for a section named OpenSSL in the output. If it’s there, the extension is installed and enabled.

2. Enable OpenSSL (if not enabled):
   • If the OpenSSL extension is not enabled, you can enable it by editing your php.ini file. Look for the following line and ensure it’s uncommented:
   ini

   extension=openssl


   After making this change, restart your web server (e.g., Apache or Nginx) for the changes to take effect.

3. Error Handling:
   • It’s a good idea to include error handling to ensure that if decryption fails, you get informative error messages. You can modify the decryption function like this:
   php

   <?php
function encrypt($data, $passphrase) {
$salt = openssl_random_pseudo_bytes(8);
$salted = $dx = '';
while (strlen($salted) < 48) {
$dx = md5($dx . $passphrase . $salt, true);
$salted .= $dx;
}
$key = substr($salted, 0, 32);
$iv = substr($salted, 32, 16);
$encrypted_data = openssl_encrypt($data, 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv);
return base64_encode('Salted__' . $salt . $encrypted_data);
}

   function decrypt($encrypted, $passphrase) {
$encrypted = base64_decode($encrypted);
if (substr($encrypted, 0, 8) !== 'Salted__') {
return "Invalid encrypted data format";
}
$salt = substr($encrypted, 8, 8);
$encrypted = substr($encrypted, 16);
$salted = $dx = '';
while (strlen($salted) < 48) {
$dx = md5($dx . $passphrase . $salt, true);
$salted .= $dx;
}
$key = substr($salted, 0, 32);
$iv = substr($salted, 32, 16);
$decrypted = openssl_decrypt($encrypted, 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv);
if ($decrypted === false) {
return "Decryption failed: " . openssl_error_string();
}
return $decrypted;
}

   // Test encryption and decryption
$test_data = "Hello, OpenSSL!";
$passphrase = "gHDI:#bV8a-fo9x4W5Ly";

   // Encrypt the data
$encrypted_data = encrypt($test_data, $passphrase);
echo "Encrypted Data: " . $encrypted_data . "\n";

   // Decrypt the data
$decrypted_data = decrypt($encrypted_data, $passphrase);
echo "Decrypted Data: " . $decrypted_data . "\n";
?>

Output :

Explanation:

• • phpinfo(): This PHP function will print detailed information about your PHP configuration, including enabled extensions like OpenSSL.

• OpenSSL Extension: OpenSSL is required for functions like openssl_encrypt() and openssl_decrypt() to work. This extension provides a variety of cryptographic functions.
• Error Handling: It’s good practice to handle potential decryption errors by checking if openssl_decrypt() returns false and then outputting an error message.

What to do if OpenSSL is not installed:

If OpenSSL is not installed or enabled, you’ll need to enable it or contact your hosting provider to enable it for you.