encryption with php

Question

how can i encrypt things with php using a key? I would prefer not to have to install Mcrypt. I also need the encryption to be pretty strong.

Possible duplicate of [PHP, Simplest Two Way Encryption](http://stackoverflow.com/questions/9262109/php-simplest-two-way-encryption) — Artjom B., Jan 27 '16 at 18:03

score 1 · Accepted Answer · answered Jan 03 '10 at 03:03

1

How about phpseclib with eg. AES? Will use mcrypt where available, else a native-PHP implementation. Which will be slow, of course, but that's unavoidable.

answered Jan 03 '10 at 03:03

bobince

528,062
107
651
834

score 0 · Answer 2 · answered Jan 03 '10 at 02:38

From http://www.ibm.com/developerworks/opensource/library/os-php-encrypt/:

... With PGP and other public-key encryption methods, there's no way to deduce someone's private key from the public key.

... An added feature of PGP is that the password for the private key isn't really a password; it's a passphrase. And it can be an entire saying, including punctuation, spaces, and all manner of characters.

... One way to use PGP-based public-key encryption is to use GNU Privacy Guard (GPG). Any messages encrypted using GPG can be decrypted with GPG, PGP, or any number of e-mail client plug-ins that support either program. In the example, an online form accepts user input, including a message; encrypts that message for a particular recipient using GPG; then sends it on.

Example:

<?php
    //set up users
    $from = "webforms@example.com";
    $to = "you@example.com";

    //cut the message down to size, remove HTML tags
    $messagebody = strip_tags(substr($_POST['msg'],0,5000));
    $message_body = escapeshellarg($messagebody);

    $gpg_path = '/usr/local/bin/gpg';
    $home_dir = '/htdocs/www';
    $user_env = 'web';

    $cmd = "echo $message_body | HOME=$home_dir USER=$user_env $gpg_path" .
        "--quiet --no-secmem-warning --encrypt --sign --armor " .
        "--recipient $to --local-user $from";

    $message_body = `$cmd`;

    mail($to,'Message from Web Form', $message_body,"From:$from\r\n");

?>

where does the question say one-way? – President James K. Polk Jan 03 '10 at 02:50 — President James K. Polk, Jan 03 '10 at 02:50

score 0 · Answer 3 · answered Jan 03 '10 at 02:43

0

For one-way encryption, I always use phpass

I believe it tries a few encryption methods and falls back in case they are not available on your build.

answered Jan 03 '10 at 02:43

Matt McCormick

13,041
22
75
83

score 0 · Answer 4 · edited Jul 17 '22 at 21:04

0

Try openssl_xxx functions. There's RSA and Diffie-Hellman in there. Maybe more, I only worked with these.

edited Jul 17 '22 at 21:04

Bruno Rohée

3,436
27
32

answered Jan 03 '10 at 03:03

Seva Alekseyev

59,826
25
160
281

score 0 · Answer 5 · answered Nov 29 '14 at 23:30

using one of the many built in php functions and available libraries will be the best way. alternatively you may want to write your own encryption class, similar to this one HERE incase you may want to encrypt something that you want to pass in the URL.

encryption with php

5 Answers5