Instantly share code, notes, and snippets.

Embed
What would you like to do?
AES-256 encryption and decryption in PHP and C#
@sannyi

This comment has been minimized.

sannyi commented Dec 20, 2017

Hi!
I am new to encryption. In this case can the C# function derypt, what the PHP function encrypts and vice versa?

@tdowgielewicz

This comment has been minimized.

tdowgielewicz commented Jan 4, 2018

c# headers

using System.Security.Cryptography;
using System.IO;
using System.Text;
using System;
@esguhan

This comment has been minimized.

esguhan commented Jan 10, 2018

I have only encrypted password that need to be decrypted. How can I do that in PHP?

$plaintext = 'My secret message 1234';
$password = '3sc3RLrpd17';

From the above example, I don't understand what is plaintext variable password means the encrypted password?

Can someone tell me that how can I get decrypted value from the encrypted value?

@vip3r011

This comment has been minimized.

vip3r011 commented May 17, 2018

Any ideas to get same results in Go,?

@odan

This comment has been minimized.

Owner

odan commented May 21, 2018

@vip3r011 Sorry no (go) ;-)

@NoOneWithThatName

This comment has been minimized.

NoOneWithThatName commented Jun 20, 2018

@odan omg. you had to... go there ;-)

@saranrajKeshika

This comment has been minimized.

saranrajKeshika commented Jun 22, 2018

I need code for swift language. can you please anyone help me!!!

@PlaychildrenLTD

This comment has been minimized.

PlaychildrenLTD commented Aug 14, 2018

Thanks very much for this. I have managed to translate the C# into vb.net as im hoping to use this in a vb.net application. Everything seems to be working in terms of when it encrypts and saves the encrypted version to the database. Then the php gets the encrypted value from the database and tries to decrypt however when i run this i dont get any errors at all in the php however it doesnt display any text in the encrypted area just a blank area. Can you provide some assistance as to where i may be going wrong please.

Thanks in advanced.

`<?php

			$servername = "server";
			$username = "user";
			$password = "password";
			$dbname = "database";
				
			$sqlcon = mysqli_connect($servername, $username, $password, $dbname);
		
			// Check connection
			if (mysqli_connect_error()) {
			    die("Database connection failed: " . mysqli_connect_error());
			}

			$sql = "SELECT * FROM tblcustomersinfo";
			$result = $sqlcon->query($sql);

			if ($result->num_rows > 0) {
				echo "<div style='overflow-x:auto;'><table style='width:100%' min-width='60px'>
			<col width=10px>
			<col width=22.5%>
			<col width=22.5%>
			<col width=22.5%>
			<col width=22.5%>
		  <tr>
			<th>View</th>
			<th>Title</th> 
			<th>First Name</th>
			<th>Surname</th>
			  <th>Postcode</th>
		  </tr>";
				// output data of each row
				while($row = $result->fetch_assoc()) {		
					$encryptionpassword = '11DiGiTs123';
					$method = 'aes-256-cbc';
					$hashedpassword = password_hash($encryptionpassword, PASSWORD_BCRYPT, ['cost' => 12]);

					$iv = chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0);
					
					$title = openssl_decrypt(base64_decode($row["title"]), $method, $hashedpassword, OPENSSL_RAW_DATA, $iv);
					$first_name = openssl_decrypt(base64_decode($row["first_name"]), $method, $hashedpassword, OPENSSL_RAW_DATA, $iv);
					$surname = openssl_decrypt(base64_decode($row["surname"]), $method, $hashedpassword, OPENSSL_RAW_DATA, $iv);
					$postcode = openssl_decrypt(base64_decode($row["postcode"]), $method, $hashedpassword, OPENSSL_RAW_DATA, $iv);
						echo "<tr>
			<td align='center'><a href='customerdetails.php?ID=".$row["urn"]."'>".$row["urn"]."</a></td>
			<td align='center'>" .$title. "</td> 
			<td align='center'>" .$first_name. "</td>
			  <td align='center'>" .$surname. "</td>
			  <td align='center'>" .$postcode. "</td>
					</tr>";
												 
					}
				echo "</table></br></div>";
			} else {
				echo "No Customers";
			}
			$sqlcon->close();
	
		?>`
@ghost

This comment has been minimized.

ghost commented Aug 18, 2018

Hi @odan
Thanks for this.
How can I write code to encrypt and decrypt this string in other language?
I need Java Code for this.
Can You help me?
thanks

@thursday42

This comment has been minimized.

thursday42 commented Sep 4, 2018

This is perfect and exactly what I needed. Thanks!!

@swingingtom

This comment has been minimized.

swingingtom commented Sep 14, 2018

Hi, could you add explanations on how communications between both parts should work ?
As each time password_hash() is executed, the hashed value differs.
ie:

$h1 = password_hash("Foo", PASSWORD_BCRYPT, ['cost' => 12]);
$h2 = password_hash("Foo", PASSWORD_BCRYPT, ['cost' => 12]);
//False
echo $h1==$h2;

So, how could one client decrypt information received from server ? What informations should be transmitted ? Should the encryptor send the hashed_key ? Should hashed key be the same on each parts ?

Thanks

@LuanDevecchi

This comment has been minimized.

LuanDevecchi commented Sep 26, 2018

i'm using this on some projects, perfect =)

@korniltsev

This comment has been minimized.

korniltsev commented Oct 11, 2018

Don't ever ever use iv=0

@Arashz22

This comment has been minimized.

Arashz22 commented Oct 24, 2018

Hi, could you add explanations on how communications between both parts should work ?
As each time password_hash() is executed, the hashed value differs.
ie:

$h1 = password_hash("Foo", PASSWORD_BCRYPT, ['cost' => 12]);
$h2 = password_hash("Foo", PASSWORD_BCRYPT, ['cost' => 12]);
//False
echo $h1==$h2;

So, how could one client decrypt information received from server ? What informations should be transmitted ? Should the encryptor send the hashed_key ? Should hashed key be the same on each parts ?

Thanks

That's my question too.
if hashedPassword changes every time how the other side can decrypt ? even if the other side knows password ?

@StefansArya

This comment has been minimized.

StefansArya commented Nov 1, 2018

After you hash it you should use password_verify($password, $hash ) to check if your password matched with the hash.

$h1 = password_hash("Foo", PASSWORD_BCRYPT, ['cost' => 12]);
if(password_verify("Foo", $h1))
    die("true");

@swingingtom @Arashz22

@odan

This comment has been minimized.

Owner

odan commented Nov 7, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment