14

I need two functions/methods, one to encode, one to decode. This is not for storing passwords. Each user will have a specific key/salt to encode the data.

This is how I would like it to work:

function encode($str, $key) {
    // something fancy
}

function decode($str, $key) {
    // something fancy
}

$key = $logged_in_user->get_key();
$plain = 'abc abc 123 123';
$encoded_data = encode($plain, $key);
// some_fancy_encrypted_data_that_is_really_cooooool
$decoded_data = decode($encoded_data, $key);
// abc abc 123 123

Another thing is that every time I use this function it needs to return the same thing every time I use the encode function with the same user key.

How would I do this??

bwoebi
Jason Silberman
  • So have you looked at mcrypt (http://www.php.net/manual/en/mcrypt.examples.php) at all? And drop the `hash` tag, because you say you __don't__ want a hash – Mark Baker Apr 08 '13 at 16:27
  • I have a [small class](http://stackoverflow.com/questions/15034368/cannot-decrypt-openssl-encrypt-output-on-command-line) that can do what you need, but the real question is why you feel the need to individually encrypt each user's data independently. It is generally assumed that once an attacker can see your stored data they can also see your source code, which invalidates most uses of internal encryption, as well-intentioned as they might be. – Sammitch Apr 08 '13 at 16:37
  • @Sammitch In some cases it's useful if the key used to encrypt/decrypt the data cannot be found anywhere (and only belongs to the user). I'm pretty sure that LastPass does this as well. – h2ooooooo Apr 08 '13 at 16:39
  • @Sammitch Because it is not for the user, but for messages between users. So on the database it is not plain text data. – Jason Silberman Apr 08 '13 at 16:41
  • @MarkBaker I have, but even with the same key, every time the output is different. – Jason Silberman Apr 08 '13 at 16:42

2 Answers

48
$myVarIWantToEncodeAndDecode

Define key (salt, broth etc..): $key = '#&$sdfdfs789fs7d';

To encode:

$encoded = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $myVarIWantToEncodeAndDecode, MCRYPT_MODE_CBC, md5(md5($key))));

To decode:

$decoded = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($encoded), MCRYPT_MODE_CBC, md5(md5($key))), "\0");

Note: mcrypt_decrypt has been DEPRECATED as of PHP 7.1.0. Relying on this function is highly discouraged.

Ali Hesari
rinchik
1

Use openssl_encrypt instead of mcrypt_encrypt

mcrypt_encrypt was DEPRECATED as of PHP 7.1.0 and REMOVED as of PHP 7.2.0.

So, try this:

function encrypt_decrypt($string, $action = 'encrypt')
{
    $encrypt_method = "AES-256-CBC";
    $secret_key = 'AA74CDCC2BBRT935136HH7B63C27'; // user-defined private key
    $secret_iv = '5fgf5HJ5g27'; // user-defined IV seed
    $key = hash('sha256', $secret_key);
    $iv = substr(hash('sha256', $secret_iv), 0, 16); // AES-256-CBC needs a 16-byte IV
    $output = false; // returned if $action is neither 'encrypt' nor 'decrypt'
    if ($action == 'encrypt') {
        // With options = 0, openssl_encrypt already returns base64; it is encoded a second time here
        $output = openssl_encrypt($string, $encrypt_method, $key, 0, $iv);
        $output = base64_encode($output);
    } else if ($action == 'decrypt') {
        // Undo the outer base64 layer; openssl_decrypt handles the inner one
        $output = openssl_decrypt(base64_decode($string), $encrypt_method, $key, 0, $iv);
    }
    return $output;
}

echo "Your Encrypted password is = ". $pwd = encrypt_decrypt('spaceo', 'encrypt');
echo "Your Decrypted password is = ". encrypt_decrypt($pwd, 'decrypt');
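
Both answers above get repeatable output by fixing the IV for a given key. As an added example (not code from either answer), the sketch below keeps the "same key and text give the same output" property with a different, SIV-style construction: the IV is an HMAC of the plaintext, which also lets `decode` reject tampered data or a wrong key. Assumptions: `$key` is a high-entropy per-user secret, and `derive_keys` and the sample key are hypothetical names and values made up for this example.

```php
<?php
// Added example: deterministic, authenticated encode/decode (SIV-style).
// Assumes $key is a high-entropy per-user secret; helper names are hypothetical.

function derive_keys(string $key): array
{
    // Separate subkeys for encryption and for the MAC / synthetic IV.
    return [
        hash_hmac('sha256', 'enc', $key, true),
        hash_hmac('sha256', 'mac', $key, true),
    ];
}

function encode(string $plain, string $key): string
{
    [$encKey, $macKey] = derive_keys($key);
    // Synthetic IV: depends on key and plaintext, so equal inputs give equal
    // output, while different messages do not share an IV.
    $siv = substr(hash_hmac('sha256', $plain, $macKey, true), 0, 16);
    $ct = openssl_encrypt($plain, 'aes-256-ctr', $encKey, OPENSSL_RAW_DATA, $siv);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    return base64_encode($siv . $ct);
}

function decode(string $encoded, string $key): string
{
    [$encKey, $macKey] = derive_keys($key);
    $raw = base64_decode($encoded, true);
    if ($raw === false || strlen($raw) < 16) {
        throw new RuntimeException('malformed input');
    }
    $siv = substr($raw, 0, 16);
    $ct = substr($raw, 16);
    $plain = openssl_decrypt($ct, 'aes-256-ctr', $encKey, OPENSSL_RAW_DATA, $siv);
    // Recompute the synthetic IV; a mismatch means wrong key or tampering.
    $expected = substr(hash_hmac('sha256', (string) $plain, $macKey, true), 0, 16);
    if ($plain === false || !hash_equals($expected, $siv)) {
        throw new RuntimeException('authentication failed');
    }
    return $plain;
}

$key = random_bytes(32); // constructed sample key
$enc = encode('abc abc 123 123', $key);
var_dump($enc === encode('abc abc 123 123', $key)); // same key + same text
var_dump(decode($enc, $key));
```

Like any deterministic scheme, this still reveals when two stored values under the same key hold identical plaintext.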