36 lines
1.3 KiB
PHP
36 lines
1.3 KiB
PHP
<?php
|
|
require_once('Crypto.php');
|
|
try {
|
|
$key = Crypto::CreateNewRandomKey();
|
|
// WARNING: Do NOT encode $key with bin2hex() or base64_encode(),
|
|
// they may leak the key to the attacker through side channels.
|
|
} catch (CryptoTestFailedException $ex) {
|
|
die('Cannot safely create a key');
|
|
} catch (CannotPerformOperationException $ex) {
|
|
die('Cannot safely create a key');
|
|
}
|
|
|
|
$message = "ATTACK AT DAWN";
|
|
try {
|
|
$ciphertext = Crypto::Encrypt($message, $key);
|
|
} catch (CryptoTestFailedException $ex) {
|
|
die('Cannot safely perform encryption');
|
|
} catch (CannotPerformOperationException $ex) {
|
|
die('Cannot safely perform decryption');
|
|
}
|
|
|
|
try {
|
|
$decrypted = Crypto::Decrypt($ciphertext, $key);
|
|
} catch (InvalidCiphertextException $ex) { // VERY IMPORTANT
|
|
// Either:
|
|
// 1. The ciphertext was modified by the attacker,
|
|
// 2. The key is wrong, or
|
|
// 3. $ciphertext is not a valid ciphertext or was corrupted.
|
|
// Assume the worst.
|
|
die('DANGER! DANGER! The ciphertext has been tampered with!');
|
|
} catch (CryptoTestFailedException $ex) {
|
|
die('Cannot safely perform encryption');
|
|
} catch (CannotPerformOperationException $ex) {
|
|
die('Cannot safely perform decryption');
|
|
}
|
|
?>
|