tags:

views:

875

answers:

3
+2  Q: 

how to encrypt string in php

I want to make one function like It should have some secret key to mix with so that one one can break it

function encrypt($string)
{
$key ="mastermind"
return encryptfunc($string,$key)
}

and same thing for decryption

A: 

http://php.net/manual/en/book.mcrypt.php

Galen  2009-11-24 06:14:33
Anyone can link to that page, why not show how to actually use the functions in the context he has provided. -1
Sam152  2009-11-24 06:18:10
because it was obvious he was being lazy and didn't look anything up himself, or he would've googled 'php encrypt' and gotten to that page in 2 seconds where there are plenty of examples. judging by your questions you're just like him =)plus, he'll learn more by doing some reading
Galen  2009-11-24 06:22:47
There is nothing wrong with building a list of basic questions on stack overflow, http://stackoverflow.com/questions/1003841, enough said. You are lazy for thinking you can justify an answer with 1 link.
Sam152  2009-11-24 06:30:03
There is nothing wrong with the answer, the link has "examples" page which does exactly what OP asked for. Not to mention I agree with Galen 100%. SO is for questions that can not be easily googled, this is just plain lazy.
Terry Felkrow  2009-11-24 06:32:11
This has been beaten to death on meta, "easily googled" questions and questions for beginners are welcomed on stack overflow because the site aims to be a complete resource for developers, one that can be maintained an kept up to date with the wiki features. The bottom line is, someone looking at this answer would not be any better off with a link they could have found themselves. Just because you have no first hand experience with the functions that the OP could benefit from, it doesn't mean that the question is invalid.
Sam152  2009-11-24 06:42:02
I agree that i could have google the question but i like asking in stackoverflow as we have variey of responses and sometime someone tells the better way of doing things rather than what i originally thought. Google too can give answers but it will only give us what we want , so for better responses i like asking question here . Correct me if its wrong to ask dumb questions here?
Mirage  2009-11-24 23:28:05
+4  A: 

If you are using PHP >= 5.3, the new openssl_encrypt might help you : it allows encryption of data using a wide range of cypher methods.

Those data can later be decrypted with openssl_decrypt, which, obviously, does the exact opposite.

And if you want to know which cypher functions you can use, openssl_get_cipher_methods will be helpful ;-)
There is quite a lot of those, it seems ^^


Here's a portion of code I posted on my blog some time ago, that should demonstrate the usage of those three functions :

$methods = openssl_get_cipher_methods();

var_dump($methods);

$texteACrypter = "he who doesn't do anything, doesn't go wrong -- Zeev Suraski";
$clefSecrete = "glop";

echo '<pre>';
foreach ($methods as $method) {
    $encrypted = openssl_encrypt($texteACrypter, $method, $clefSecrete);
    $decrypted = openssl_decrypt($encrypted, $method, $clefSecrete);
    echo $method . ' : ' . $encrypted . ' ; ' . $decrypted . "\n";
}
echo '</pre>';

The output I got when writting this was something like that :

bf-ecb : /nyRYCzQPE1sunxSBclxXBd7p7gl1fUnE80gBCS1NM4s3wS1Eho6rFHOOR73V9UtnolYW+flbiCwIKa/DYh5CQ== ; he who doesn't do anything, doesn't go wrong -- Zeev Suraski
bf-ofb : M9wwf140zhwHo98k8sj2MEXdogqXEQ+TjN81pebs2tmhNOsfU3jvMy91MBM76dWM7GVjeh95p8oDybDt ; he who doesn't do anything, doesn't go wrong -- Zeev Suraski
cast5-cbc : xKgdC1y654PFYW1rIjdevu8MsQOegvJoZx0KmMwb8aCHFmznxIQVy1yvAWR3bZztvGCGrM84WkpbG33pZcxUiQ== ; he who doesn't do anything, doesn't go wrong -- Zeev Suraski
cast5-cfb : t8ABR9mPvocRikrX0Kblq2rUXHiVnA/OnjR/mDJDq8+/nn6Z9yfPbpcpRat0lYqfVAcwlypT4A4KNq4S ; he who doesn't do anything, doesn't go wrong -- Zeev Suraski
cast5-ecb : xKgdC1y654NIzRl9gJqbhYKtmJoXBoFpgLhwgdtPtYB7VZ1tRHLX0MjErtfREMJBAonp48zngSiTKlsKV0/WhQ== ; he who doesn't do anything, doesn't go wrong -- Zeev Suraski
cast5-ofb : t8ABR9mPvofCv9+AKTcRO4Q0doYlavn8zRzLvV3dZk0niO7l20KloA4nUll4VN1B5n89T/IuGh9piPte ; he who doesn't do anything, doesn't go wrong -- Zeev Suraski
des-cbc : WrCiOVPU1ipF+0trwXyVZ/6cxiNVft+TK2+vAP0E57b9smf9x/cZlQQ4531aDX778S3YJeP/5/YulADXoHT/+Q== ; he who doesn't do anything, doesn't go wrong -- Zeev Suraski
des-cfb : cDDlaifQN+hGOnGJ2xvGna7y8+qRxwQG+1DJBwQm/4abKgdZYUczC4+aOPGesZM1nKXjgoqB4+KTxGNo ; he who doesn't do anything, doesn't go wrong -- Zeev Suraski


And if you are not using PHP 5.3, you might want to take a look to the Mcrypt section of the manual, and functions such as mcrypt_encrypt ;-)

This is an interface to the mcrypt library, which supports a wide variety of block algorithms such as DES, TripleDES, Blowfish (default), 3-WAY, SAFER-SK64, SAFER-SK128, TWOFISH, TEA, RC2 and GOST in CBC, OFB, CFB and ECB cipher modes.

Pascal MARTIN  2009-11-24 06:33:26
That function was great and very easy to use , if i want to use AES256Should i useopenssl_encrypt($texteACrypter, "AES265", $clefSecrete);
Mirage  2009-11-24 23:39:17
A: 

I'm not a crypto guy, but I use this kind of things :

function crypt($dataToEncrypt){
  $appKey = '%39d15#13P0£df458asdc%/dfr_A!8792*dskjfzaesdfpopdfo45s4dqd8d4fsd+dfd4s"Z1';
  $td = mcrypt_module_open(MCRYPT_SERPENT, '', MCRYPT_MODE_CBC, '');
  // Creates IV and gets key size
  $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_DEV_RANDOM);
  $ks = mcrypt_enc_get_key_size($td);

  // Creates key from application key
  $key = substr($appKey, 0, $ks);

  // Initialization
  mcrypt_generic_init($td, $key, $iv);

  // Crypt data
  $encrypted = mcrypt_generic($td, $dataToEncrypt);

  // Close
  mcrypt_generic_deinit($td);
  mcrypt_module_close($td);
  return array($encrypted, $iv);
}

To decrypt a string you need the key and the initialization vector ($iv).

function decrypt($encryptedData, $iv){
  $appKey = '%39d15#13P0£df458asdc%/dfr_A!8792*dskjfzaesdfpopdfo45s4dqd8d4fsd+dfd4s"Z1';
  $td = mcrypt_module_open(MCRYPT_SERPENT, '', MCRYPT_MODE_CBC, '');
  // Gets key size
  $ks = mcrypt_enc_get_key_size($td);

  // Creates key from application key
  $key = substr($appKey, 0, $ks);

  // Initialization
  mcrypt_generic_init($td, $key, $iv);

  // Decrypt data
  $decrypted = mdecrypt_generic($td, $encryptedData);

  // Close
  mcrypt_generic_deinit($td);
  mcrypt_module_close($td);

  return trim($decrypted);
}
Arkh  2009-11-24 13:17:47

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases