Page 1 of 1

ESP32 + PHP string encryption

Posted: Thu Sep 20, 2018 4:58 pm
by giotlab
Hi, everyone.
I want to make an encrypted string communication between my esp32 and PHP. I am using the HTTPClient.h library (HTTPS connection).
Every request I send parameters and I want to encrypt them on my esp32 and decrypt them on my PHP script. My PHP also sends back some data to the esp32 so I want it to be encrypted too. I've tried so many libraries and searched everywhere for information but I haven't found anything yet. I tried using mbedtls AES encryption which I wasn't able to work with on my PHP. I tried the XXTEA library for both the ESP32: and the PHP: but the encryption values were different. On XXTEA I used the key "ENCRYPTION KEY" and encrypted the string "HELLO WORLD" both on PHP and my esp32 and those were the results:
PHP -> T1YNYC4P4R2Y5eCxUqtjuw==
ESP32 -> 35bd3126715874f741518f4d
My esp32 sketch looks like this:

Code: Select all

#include <xxtea-iot-crypt.h>

void setup() {

void loop() {
  String plaintext = "HELLO WORLD";

  // Set the Password
  xxtea.setKey("ENCRYPTION KEY");

  // Perform Encryption on the Data
  Serial.print(F(" Encrypted Data: "));
  String result = xxtea.encrypt(plaintext);


  // Perform Decryption
  Serial.print(F(" Decrypted Data: "));

My PHP code looks like this:

Code: Select all

$str = "HELLO WORLD"
$encrypt_data = xxtea_encrypt($str, $key);
error_log($encrypt_data); //for outputting the data
I even tried to base64 encode the result from the esp32 because it looks like hex for me but it still wasn't the same.
I have opened two issues, one on GitHub: and one on stack overflow: ... encryption but both of those didn't get me the response I wanted, I didn't even get a response on GitHub.
Is there a way to encrypt and decrypt strings between PHP and esp32?

Re: ESP32 + PHP string encryption

Posted: Wed Nov 14, 2018 10:56 am
by costaud
giotlab wrote:
Thu Sep 20, 2018 4:58 pm
Is there a way to encrypt and decrypt strings between PHP and esp32?
Sure, there is certainly a way to encrypt data on esp32.
For this issue it self, I think you should find a third party tool to confirm which side is wrong first.
We will try to provide some examples.