1

I'm trying to find a very secure php encryption that can be decrypted in Android and vice-versa to send data securely. I found old functions not compatible with new versions of PHP. Any ideas please?

PHP User
  • 2,350
  • 6
  • 46
  • 87
  • Cryptographic functions are generally well defined and if you manage to implement them correctly they should be compatible regardless of the implementation. This kind of question is sure to give rise to *completely insecure* answers that *"just work"*. At the very minimum you would need an authenticated cipher such as AES-GCM. But in all honesty, you will probably need a full *transport protocol* and in that case you might as well turn to TLS. You need to learn crypto basics using an up to date guide if just to eval any answers given. – Maarten Bodewes Feb 27 '19 at 01:52

1 Answers1

0

Possible duplicate SHA1 in Java and PHP with different results

Encryption and decryption functions are deterministic. If you encrypt SHA-256 on Android, and then decrypt it with PHP, it should work fine. They use the same functionality.

If you have tried this and it didn't work, your problem most likely lies in your encoding method.

Current PHP encryption method: http://php.net/manual/en/function.openssl-encrypt.php

Function to get available ciphers: http://php.net/manual/en/function.openssl-get-cipher-methods.php

Peter-M
  • 145
  • 10
  • That's since 2013 and as you know many old encryption functions have been hacked and others are not even compatible with PHP >=7.0 that's why I'm looking for updated or recent functions. In addition, this answer ir related to one-way encryption only it's about SHA1 – PHP User Feb 26 '19 at 13:07
  • how to use this on Android then? https://github.com/defuse/php-encryption ? – PHP User Feb 26 '19 at 13:15
  • Here's another one https://blog.turret.io/the-missing-php-aes-encryption-example/ but how to make it work in Java? That's what i'm asking about. – PHP User Feb 26 '19 at 13:18
  • SHA is an acronym for Secure Hash Algorithm, which is two way. One way encryption isn't a thing. You would be left with a hashed string that cannot be un-encrypted. The current encryption function in PHP is openssl_encrypt. http://php.net/manual/en/function.openssl-encrypt.php – Peter-M Feb 26 '19 at 14:29
  • 1
    "SHA is an acronym for Secure Hash Algorithm, which is two way" Are you sure you should be giving crypto advice? – Maarten Bodewes Feb 27 '19 at 01:49
  • Yeah, you're right. Dunno what I was thinking. I conflated one/two-way with symmetrical/asymmetrical. Thanks for the correction. – Peter-M Feb 27 '19 at 09:46
  • So how to decrypt openssl hash which is encrypted in PHP using openssl – PHP User Feb 27 '19 at 16:12
  • – PHP User Feb 27 '19 at 16:17
  • This might help: https://gist.github.com/Haehnchen/3cb18c40fea2ab883ef1a7a8e25422dc – Peter-M Feb 27 '19 at 19:26
  • If you don't crack it I'll give it a go this weekend. – Peter-M Feb 27 '19 at 19:27
  • SHA256 is a one-way encryption https://stackoverflow.com/questions/9316437/how-to-decrypt-sha-256-encrypted-string#answer-9316461 – PHP User Feb 27 '19 at 21:47
  • No body really knows a secure functions to encrypt/decrypt data between PHP and JAVA? No ready code to use? – PHP User Feb 27 '19 at 22:01
  • There almost definitely is if your google-fu is good enough. I'm not using java at the moment, so I'll have to wait until I have some free time to actually run your problem as code. I'm at work all week, so don't have the time til then. – Peter-M Feb 28 '19 at 09:12