?
Solved

Encrypting/decrypting passwords in plain-text files

Posted on 2007-03-18
4
Medium Priority
?
958 Views
Last Modified: 2008-02-01
Hello all,

I have a settings file for my website which contains an array with important settings, and I want to have several of the values encrypted from plain view and then decrypted when I need to use them (e.g. the passwords to access databases etc.). I've never used the Mcrypt functions in PHP, so I've been trying a small test where I encrypt a variable (entered into a form) which is then encrpyted and written to a file on my server, and then decrypt the variable written to the file. My problem is that when I decrypt the variable, it is not the same as I originally entered.

--encryption--

$fp = fopen('./file.php', 'w');

fwrite($fp, "<?php\n\n\$variable = '" . mcrypt_encrypt(MCRYPT_RIJNDAEL_256, mhash(MHASH_MD5, 'tirg412e1dw'), $_POST['variable'], MCRYPT_MODE_CBC, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC), MCRYPT_RAND)) . "';\n\n?>");

fclose($fp);

--decryption--

require('./file.php');

echo '<p>$variable = ' . mcrypt_decrypt(MCRYPT_RIJNDAEL_256, mhash(MHASH_MD5, 'tirg412e1dw'), $variable, MCRYPT_MODE_CBC, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC), MCRYPT_RAND)) . '.</p>';

--end--

I'm assuming that its a problem with the cipher, mode or IV, but I was also wondering if it was a problem that I'm writing it to a file and the character codes were somehow being lost.

Thanks for any help,  Adam.
0
Comment
Question by:madscientist
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 14

Expert Comment

by:Vel Eous
ID: 18744654
0
 
LVL 24

Accepted Solution

by:
slyong earned 500 total points
ID: 18744909
Try this:

//---- To Encrypt ---
<?php
$cipher = "rijndael-128";
$mode = "cbc";
$plain_text = "Hello World";
$secret_key = "01234567890abcde";
$iv = "fedcba9876543210";

$td = mcrypt_module_open($cipher, "", $mode, $iv);
mcrypt_generic_init($td, $secret_key, $iv);

$cyper_text = mcrypt_generic($td, $plain_text);
$hex_text = bin2hex($cyper_text);

$fp = fopen('./file.php', 'w');
fwrite($fp, "<?php\n\n\$variable='".$hex_text."';"."\n\n?>");
fclose($fp);

mcrypt_generic_deinit($td);
mcrypt_module_close($td);
?>

//---- To Decrypt ---
<?php
function hex2bin($hexdata) {
  $bindata="";
 
  for ($i=0;$i<strlen($hexdata);$i+=2) {
   $bindata.=chr(hexdec(substr($hexdata,$i,2)));
  }

  return $bindata;
}

require('./file.php');

$cipher = "rijndael-128";
$mode = "cbc";
$secret_key = "01234567890abcde";
$iv = "fedcba9876543210";

$td = mcrypt_module_open($cipher, "", $mode, $iv);

mcrypt_generic_init($td, $secret_key, $iv);
$decrypted_text = mdecrypt_generic($td, hex2bin($variable));
echo '<p>$variable = ' . trim($decrypted_text). '</p>';
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
?>
0
 

Author Comment

by:madscientist
ID: 18744911
<sarcasm>I never thought of looking at the PHP manual...</sarcasm>
0
 
LVL 14

Expert Comment

by:Vel Eous
ID: 18745149
Obviously not well enough then.

Have a nice day.  :)
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses how to create an extensible mechanism for linked drop downs.
This article discusses how to implement server side field validation and display customized error messages to the client.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question