Hi everyone,
i've encrypted a username on the client side using cryptojs which look like so:
Code:
var username = getUsername();
var user = CryptoJS.AES.encrypt(username, "<? echo($passPhrase);?>").toString();
with a random string i created on the controller and stored in my session.
After i've passed the encrypted string i'm trying to use the 'encryption' library to decrypt that string with the session stored key like so:
PHP Code:
$this->encryption->decrypt($this->input->post('username'), array(
'key' => $this->session->get_userdata('passPhrase')
));
But i keep getting (bool)false from it, any idea what i'm doing wrong?
p.s i also tried this:
PHP Code:
$this->encryption->initialize(
array(
'key' => $this->session->get_userdata('passPhrase')
)
);
$this->encryption->decrypt($this->input->post('username'));
and got the same result.
Thanks in advance.
**UPDATE**
I'm now with this call:
PHP Code:
$this->encryption->decrypt($this->input->post('username'), array(
'cipher' => 'aes-128',
'mode' => 'cbc',
'hmac' => FALSE,
'key' => $this->session->get_userdata('passPhrase')['passPhrase']
))
which should be correct, as i've debugged inside
system/libraries/Encryption.php.
I now reach the
_openssl_decrypt function (line 610) and this is being called:
PHP Code:
openssl_decrypt(
$data,
$params['handle'],
$params['key'],
1, // DO NOT TOUCH!
$iv
);
but returns false, that's all i got so far...