14

I need two functions/methods, one to encode, one to decode. This is not for storing passwords. Each user will have a specific key/salt to encode the data.

This is how I would like it to work:

function encode($str, $key) {
    // something fancy
}

function decode($str, $key) {
    // something fancy
}

$key = $logged_in_user->get_key();
$plain = 'abc abc 123 123';
$encoded_data = encode($plain, $key);
// some_fancy_encrypted_data_that_is_really_cooooool
$decoded_data = decode($encoded_data, $key);
// abc abc 123 123

Another thing is that every time I use this function it needs to return the same thing every time I use the encode function with the same user key.

How would I do this??

Improve this question
5
  • 4
    So have you looked at mcrypt (php.net/manual/en/mcrypt.examples.php) at all? And drop the hash tag, because you say you don't want a hash Commented Apr 8, 2013 at 16:27
  • I have a small class that can do what you need, but the real question is why you feel the need to individually encrypt each user's data independently. It is generally assumed that once an attacked can see your stored data they can also see your source code which invalidates most uses of internal encryption, as well-intentioned as they might be. Commented Apr 8, 2013 at 16:37
  • @Sammitch In some cases it's useful if the key used to encrypt/decrypt the data cannot be found anywhere (and only belongs to the user). I'm pretty sure that LastPass does this as well. Commented Apr 8, 2013 at 16:39
  • @Sammitch Because it is not for the user, but for messages between users. So on the database it is not plain text data. Commented Apr 8, 2013 at 16:41
  • @MarkBaker I have, but even with the same key, every time the output is different. Commented Apr 8, 2013 at 16:42

2 Answers 2

Reset to default
48 
$myVarIWantToEncodeAndDecode

Define key (salt, broth etc..): $key = "#&$sdfdfs789fs7d";

To encode:

$encoded = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $myVarIWantToEncodeAndDecode, MCRYPT_MODE_CBC, md5(md5($key))));

To decode:

$decoded = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($encoded), MCRYPT_MODE_CBC, md5(md5($key))), "\0");

Note: mcrypt_decrypt has been DEPRECATED as of PHP 7.1.0. Relying on this function is highly discouraged.

Improve this answer
Sign up to request clarification or add additional context in comments.

8 Comments

hmm.. This seems to work, but the data I am getting back from decoding the string is A”·fµŒ”÷Óÿ‰Zvÿ“õE¥‰¬DõØ&Hå§. What's wrong?
So it decodes and encodes right? What are you encoding? plain text? encoded data should look something like this: VXHE0iM0bMXQecCAKYAzYZjy4gbctqLGQHYvW2cFhaE=
I am encoding just "abc abc 123 123"
Sweet, simple, one liner. Thanks a ton!! Cheers!! +1 :)
mcrypt_encrypt / _decode are deprecated. Use openssl_encrypt / _decrypt instead. php.net/manual/en/function.openssl-encrypt.php
|
1

Use openssl_encrypt instead of mcrypt_encrypt

mcrypt_encrypt DEPRECATED as of PHP 7.1.0 and REMOVED as of PHP 7.2.0.

So, Try this..

function encrypt_decrypt($string, $action = 'encrypt')
{
    $encrypt_method = "AES-256-CBC";
    $secret_key = 'AA74CDCC2BBRT935136HH7B63C27'; // user define private key
    $secret_iv = '5fgf5HJ5g27'; // user define secret key
    $key = hash('sha256', $secret_key);
    $iv = substr(hash('sha256', $secret_iv), 0, 16); // sha256 is hash_hmac_algo
    if ($action == 'encrypt') {
        $output = openssl_encrypt($string, $encrypt_method, $key, 0, $iv);
        $output = base64_encode($output);
    } else if ($action == 'decrypt') {
        $output = openssl_decrypt(base64_decode($string), $encrypt_method, $key, 0, $iv);
    }
    return $output;
}
 
echo "Your Encrypted password is = ". $pwd = encrypt_decrypt('spaceo', 'encrypt');
echo "Your Decrypted password is = ". encrypt_decrypt($pwd, 'decrypt');
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.