Jason Ellmers - 2020-01-29 11:43:28
Hi,
I am trying to test the encryption class, and find that even with a static key, the result changes every single time the script is run.
Also if I paste back into the script an encrypted string then even if the key is changed the string is decrypted..... That cant be right surely, because every single person that runs your class would be able to just decrypt strings without knowing the key?
running this code will replicate the issue
<?php
use Lablnet\Encryption;
require 'vendor/autoload.php';
$encryption = new Encryption('openssl','test');
//Encrypt the message
$encrypt = $encryption->encrypt('some text');
echo strlen(utf8_decode($encrypt)).'<br>';
echo 'Encrypted text: '.$encrypt;
echo "<br\>";
//Decrypt the message
$decrypt = $encryption->decrypt('SWJuRkE1SmxUS0FrRHpacXc0OG9raXl0MUZITnl3T3ZzM2FjcnlYbWViQT0mJmQwMzg3ZjUxYzliNzdmOThmZTRiNjQ0M2E0ODFiMmQ1');
echo '<br> Decrypted/plain text: '.$decrypt;
$decrypt2 = $encryption->decrypt($encrypt);
echo '<br>Decrypted/plain text: '.$decrypt2;
Can you tell me what the encoded string resolves too? Even though the key that encrypted it was not the one in the script
