Solved

How to encrypt and decrypt text (DES) with PHP?

Posted on 2004-03-23
5
569 Views
Last Modified: 2008-02-07
Hello everyone.
 
    I have this question: how to encrypt and decrypt text with PHP using DES, when text and the key are provided. Encrypting should be easy, that's what encrypt() function is for. Sadly, it's one way. How do I decrypt when I have a key?  Anyw help appreciated.
0
Comment
Question by:intoxicated
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 19

Accepted Solution

by:
Michael701 earned 500 total points
ID: 10660011
here's a cut and paste i saved from a previous posting. I haven't used the code because I haven't gotten to that section of my project.

<?PHP
function encrypt($key,$data,$iv) {
// This function is for encrypting data. You must
// pass the key, data and iv in order to encrypt
    // Open the cipher
    $td = mcrypt_module_open ('rijndael-256', '', 'ofb', '');
     
    // Intialize encryption
    mcrypt_generic_init ($td, $key, $iv);

    // Encrypt data and return the results
    return mcrypt_generic ($td, $data);

    // Terminate encryption handler and close module
    mcrypt_generic_deinit ($td);
    mcrypt_module_close ($td);
}

function decrypt($key,$data,$iv) {
// This function will decrypt the data. You must
// pass the key, data and iv
    //Open the cipher
    $td = mcrypt_module_open ('rijndael-256', '', 'ofb', '');
     
    // Initialize encryption module for decryption
    mcrypt_generic_init ($td, $key, $iv);

    // Decrypt encrypted string and return results
    return mdecrypt_generic ($td, $data);

    // Terminate decryption handle and close module
    mcrypt_generic_deinit ($td);
    mcrypt_module_close ($td);
}

function encodekey($newkey) {
    // Open the cipher
    $td = mcrypt_module_open ('rijndael-256', '', 'ofb', '');
     
    // Detrmine key size
    $ks = mcrypt_enc_get_key_size ($td);

    // Create key in hash and return
    return $encodekey = substr (md5 ($newkey), 0, $ks);
     
    // Close module
    mcrypt_module_close ($td);
}

function getiv() {
    $td = mcrypt_module_open ('rijndael-256', '', 'ofb', '');
     
    // Create the IV and return results
    return $iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), MCRYPT_DEV_RANDOM);
     
    // Close module
    mcrypt_module_close ($td);
}

--------------------------------------------------------------------------------



To use the above to encrypt this would work:


PHP:
--------------------------------------------------------------------------------
 
// We do need to make an iv and make an encrypted
    // Key here first
$mykey = "this is the long key";
    $iv = getiv();
    $myenkey = encodekey($mykey);
    // Lets do some encrypting
    $encrypted = encrypt($myenkey,$mydata,$iv);
     
    // Lets connect to the database
    $connect = mysql_connect($host,$username,$password) or die("Unable to connect");
    mysql_select_db($database);
    $query = "INSERT INTO $tbl(pass, data, iv) VALUES('$myenkey', '$encrypted', '$iv')";
     
    // Lets add the stuff to the database
    mysql_query($query) or die("Could not insert");

--------------------------------------------------------------------------------



Here is how you can decrypt the data:

PHP:
--------------------------------------------------------------------------------
 
// Lets encode the password to test it
        $passchk = encodekey($enkey);
     
        // Lets connect to the database
        $connect = mysql_connect($host,$username,$password) or die("Unable to connect");
        mysql_select_db($database);
        $query = "SELECT * FROM $tbl WHERE id = '$endata' and pass = '$passchk'";
     
        // Lets add the stuff to the database
        $result = mysql_query($query) or die("Could not insert");
        $getit = mysql_fetch_array($result);
        if(!$getit) {
            echo "You entered the wrong information please try again";
        }else{
            // Now lets decode this information
            $decoded =  decrypt($getit['pass'],$getit['data'],$getit['iv']
);
            echo $decoded;
        }

?>
0
 
LVL 12

Expert Comment

by:venkateshwarr
ID: 10660052

There is no need to decrypt. That is why there are called one way functions.
if you have the key, then encrypt the given text again with the key and compare both the encryptions.
If they match then the key and text are correct or else, one of them is incorrect.

for encryption the function is crypt()

http://www.php.net/manual/en/function.crypt.php

venkat.
0
 
LVL 12

Expert Comment

by:venkateshwarr
ID: 10660068

I did not see your post  Michael
Anyway, thanks for the code

venkat.
0
 
LVL 19

Expert Comment

by:Michael701
ID: 10660323
venkateshwarr the need to encrypt credit card data and then be able to decrypt it to process the transactions.

I agree that passwords should be a one way encryption.
0
 
LVL 12

Expert Comment

by:venkateshwarr
ID: 10663499
Michael, you are right.., I did not think in that direction.

venkat.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ability to create nested list on the UI using PHP, HTML, Javascript 7 57
PHP Mail error 3 43
MySQL limit and not so limited 13 34
php error 27 55
Generating table dynamically is the most common issue faced by php developers.... So it seems there is a need of an article that explains the basic concept of generating tables dynamically. It just requires a basic knowledge of html and little maths…
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question