-
-
Save joashp/a1ae9cb30fa533f4ad94 to your computer and use it in GitHub Desktop.
<?php | |
/** | |
* simple method to encrypt or decrypt a plain text string | |
* initialization vector(IV) has to be the same when encrypting and decrypting | |
* | |
* @param string $action: can be 'encrypt' or 'decrypt' | |
* @param string $string: string to encrypt or decrypt | |
* | |
* @return string | |
*/ | |
function encrypt_decrypt($action, $string) { | |
$output = false; | |
$encrypt_method = "AES-256-CBC"; | |
$secret_key = 'This is my secret key'; | |
$secret_iv = 'This is my secret iv'; | |
// hash | |
$key = hash('sha256', $secret_key); | |
// iv - encrypt method AES-256-CBC expects 16 bytes - else you will get a warning | |
$iv = substr(hash('sha256', $secret_iv), 0, 16); | |
if ( $action == 'encrypt' ) { | |
$output = openssl_encrypt($string, $encrypt_method, $key, 0, $iv); | |
$output = base64_encode($output); | |
} else if( $action == 'decrypt' ) { | |
$output = openssl_decrypt(base64_decode($string), $encrypt_method, $key, 0, $iv); | |
} | |
return $output; | |
} | |
$plain_txt = "This is my plain text"; | |
echo "Plain Text =" .$plain_txt. "\n"; | |
$encrypted_txt = encrypt_decrypt('encrypt', $plain_txt); | |
echo "Encrypted Text = " .$encrypted_txt. "\n"; | |
$decrypted_txt = encrypt_decrypt('decrypt', $encrypted_txt); | |
echo "Decrypted Text =" .$decrypted_txt. "\n"; | |
if ( $plain_txt === $decrypted_txt ) echo "SUCCESS"; | |
else echo "FAILED"; | |
echo "\n"; | |
?> |
Thank u so much
Hi is correct if use a secretkey generated with RSA 2048 and as secret_iv a public key?
You should always use a random Initialization Vector if you want to protect against replaying attacks. (although the probability of it happening is low)
You can just append or prepend the IV to the output and use it in your decrypt function, it may be exposed publically.
thanks so much for sharing
Nice share fam.
This is dangerous! IV MUST be random, that is the whole purpose of it. You have just disabled one of the cipher's key mechanisms, well done.
@czubehead If it's random, how would you decrypt? How would you modify the code for a more secure encrypt/decrypt?
@petemolinero read the reply by @twicejr and @bladeSk
This function does two things instead of one and yes functions should do one thing. The name of the function is aweful too! Please don't write such code in that way if you copy that into your projects.
thank you so much for sharing.
this code help me, very simple and easy to use.
Thanks for sharing.
Mcrypt is a replacement for the popular Unix crypt command. the crypt was a file encryption tool that used an algorithm very close to the World War II Enigma cipher. Mcrypt provides the same functionality but uses several modern algorithms such as AES.
class MCrypt {
private $iv = 'abcdef9876541720';
private $key = '1720456789fedcba';
function __construct() {
}
/**
* @param string $str
* @param bool $isBinary whether to encrypt as binary or not. Default is: false
* @return string Encrypted data
*/
function encrypt($str, $isBinary = false) {
$iv = $this->iv;
$str = $isBinary ? $str : utf8_decode($str);
$td = mcrypt_module_open('rijndael-128', ' ', 'cbc', $iv);
mcrypt_generic_init($td, $this->key, $iv);
$encrypted = mcrypt_generic($td, $str);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
return $isBinary ? $encrypted : bin2hex($encrypted);
}
/**
* @param string $code
* @param bool $isBinary whether to decrypt as binary or not. Default is: false
* @return string Decrypted data
*/
function decrypt($code, $isBinary = false) {
$code = $isBinary ? $code : $this->hex2bin($code);
$iv = $this->iv;
$td = mcrypt_module_open('rijndael-128', ' ', 'cbc', $iv);
mcrypt_generic_init($td, $this->key, $iv);
$decrypted = mdecrypt_generic($td, $code);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
return $isBinary ? trim($decrypted) : utf8_encode(trim($decrypted));
}
protected function hex2bin($hexdata) {
$bindata = '';
for ($i = 0; $i < strlen($hexdata); $i += 2) {
$bindata .= chr(hexdec(substr($hexdata, $i, 2)));
}
return $bindata;
}
}
function encryptkey($key) {
$mcrypt = new MCrypt();
$encrypted = $mcrypt->encrypt($key);
return $encrypted;
}
function decryptkey($key) {
$mcrypt = new MCrypt();
$decrypted = $mcrypt->decrypt($key);
return $decrypted;
}
$value = "Legend Blogs";
echo $value.'
';
echo "Encrypt: ". encryptkey($value).'
';
echo "Decrypt: ". decryptkey(encryptkey($value)).'
';
Complete example at here How do you Encrypt and Decrypt a PHP String
Thanks Man !
How can I decrypt this in java ?
Thank you so much, but I have some questions :
- Is it safe to use that code in my website when every one know it?
- What's the maximum length of the $secret_key and the $secret_iv?
- What's the best way to hide that code from everyone?
-Adel Sbeh
How to add cs5 padding with the encryption?? please, I need to know urgently.
great code, thanks a lot
Hello thanks for the code, works well, and works with short text strings but how I can encrypt text longer?
Hello from 2021,
Helped me ;)
Helped me 👍
How can I decrypt this in java ?
simple, you must move to php. haha. just kidding
The problem with open_ssl is that is cannot work with large strings. You get errors...
So you have to split a large string in smaller chuncks..
And as bladeSk mentionend: The IV should be generated for each encrypted message and transmitted with the message.
See working example at (written as static class):
https://gist.github.com/petermuller71/33616d55174d9725fc00a663d30194ba