Encrypting/Decrypting a group of number with PHP 5

hello folks,

  I am converting a page from asp to php. I am pretty new at PHP and have the need to encrypt and decrypt a group of numbers.
I am confused from reading so many how-to-do's and all that is associated with it.
I have inserted code that was used in the asp page and it worked very well.
I have tried to convert it for php and failed.  It a bit beyond me. I have examined a lot of examples and that certainly added to the confusion.
Can anyone help me?
Private Function EncryptString(strString)

Dim CharHexSet, intStringLen, strTemp, strRAW, i, intKey, intOffSet
Randomize Timer

intKey = Round((RND * 1000000) + 1000000)   '##### Key Bitsize
intOffSet = Round((RND * 1000000) + 1000000)   '##### KeyOffSet Bitsize

    If IsNull(strString) = False Then
         strRAW = strString
         intStringLen = Len(strRAW)
                   
                   For i = 0 to intStringLen - 1
                        strTemp = Left(strRAW, 1)
                        strRAW = Right(strRAW, Len(strRAW) - 1)
                        CharHexSet = CharHexSet & Hex(Asc(strTemp) * intKey) & Hex(intKey)
                   Next
         
         EncryptString = CharHexSet & "|" & Hex(intOffSet + intKey) & "|" & Hex(intOffSet)
    Else
         EncryptString = ""
    End If
End Function

Private Function get_hxno(ghx)
         If ghx = "A" Then
              ghx = 10
         ElseIf ghx = "B" Then
              ghx = 11
         ElseIf ghx = "C" Then
              ghx = 12
         ElseIf ghx = "D" Then
              ghx = 13
         ElseIf ghx = "E" Then
              ghx = 14
         ElseIf ghx = "F" Then
              ghx = 15
         End If
         get_hxno = ghx
End Function

Private Function DeCryptString(strCryptString)

Dim strRAW, arHexCharSet, i, intKey, intOffSet, strRawKey, strHexCrypData

    strRawKey = Right(strCryptString, Len(strCryptString) - InStr(strCryptString, "|"))
    intOffSet = Right(strRawKey, Len(strRawKey) - InStr(strRawKey,"|"))
    intKey = HexConv(Left(strRawKey, InStr(strRawKey, "|") - 1)) - HexConv(intOffSet)
    strHexCrypData = Left(strCryptString, Len(strCryptString) - (Len(strRawKey) + 1))
    
     arHexCharSet = Split(strHexCrypData, Hex(intKey))
         
         For i=0 to UBound(arHexCharSet)
              strRAW = strRAW & Chr(HexConv(arHexCharSet(i))/intKey)
         Next
         
    DeCryptString = strRAW
End Function

Private Function HexConv(hexVar)
Dim hxx, hxx_var, multiply          
         IF hexVar <> "" THEN
              hexVar = UCASE(hexVar)
              hexVar = StrReverse(hexVar)
              DIM hx()
              REDIM hx(LEN(hexVar))
              hxx = 0
              hxx_var = 0
              FOR hxx = 1 TO LEN(hexVar)
                   IF multiply = "" THEN multiply = 1
                   hx(hxx) = mid(hexVar,hxx,1)
                   hxx_var = (get_hxno(hx(hxx)) * multiply) + hxx_var
                   multiply = (multiply * 16)
              NEXT
              hexVar = hxx_var
              HexConv = hexVar
         END IF
End Function

Open in new window

OverthereAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

gr8gonzoConsultantCommented:
So first off, what you're doing in that code example is encoding, not encrypting. If you are trying to keep the numbers secret, then you want encryption, NOT encoding. One of the primary rules of security is "never roll your own." Everybody tries to do it once in their lifetime, but it's just a bad idea. It's like trying to build your own car out of a couple of skateboards... and you have a fully-functional, working car right next to you the entire time.

Now, the next thing is to figure out the RIGHT way for data to get from point A to point B. There's a dozen ways to do this, and they all depend on the details. Encryption isn't hard at all and the PHP mcrypt extension is basically like one big tool that will do just about any type of encryption you want. However, before we go into that, it's best to fully understand the situation.

For example, is the original data on server A and you're trying to send it to server B, or are you trying to just pass data between two pages that are both on the same server, or some other scenario? Do you have control over the code of both the sending and receiving sides? Are both sides PHP and if so, are they the same version?
0
mankowitzCommented:
This should get you started:

function encrypt_string($str) {

            var $intKey = rand(1000000, 2000000)   //##### Key Bitsize
            var $intOffSet = rand(1000000, 2000000)    //##### KeyOffSet Bitsize
            var $charhexset;
            
            if (!empty($str)) {
            
            for (var $i=0; $i<strlen($str)-1, $i++) {
                  $charhexset .= dechex(ord($str[$i] * $intKey)) . dechex(intKey);
            }
                     return $charhexset . "|" . dechex($intOffSet + $intKey) . "|" . dechex($intOffSet)
      } else {
            return "";
      }
}
0
mankowitzCommented:
Incidentally, this is very weak encryption. you are much better off using a more established method to do this.  Try https://github.com/defuse/php-encryption/
0
Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

Peos JohnPHPCommented:
0
Ray PaseurCommented:
Here's an example showing how to encrypt and decrypt information, and provide for binary-safe transport over the internet.  It has a built-in test case.
http://iconoun.com/demo/encrypt_decrypt.php
<?php // demo/encrypt_decrypt.php

/**
 * Show how to encrypt and decrypt information
 * with binary-safe transport over the internet
 *
 * http://php.net/manual/en/ref.mcrypt.php
 * http://php.net/manual/en/mcrypt.ciphers.php
 *
 * Note parallel construction in the mcrypt_XXcrypt() functions
 */
error_reporting(E_ALL);


class Encryption
{
    protected $key;

    public function __construct($key='quay')
    {
        // THE KEY MUST BE KNOWN TO BOTH PARTS OF THE ALGORITHM
        $this->key = $key;
    }

    public function encrypt($text)
    {
        // ENCRYPT THE DATA
        $data = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $this->key, $text, MCRYPT_MODE_ECB);

        // MAKE IT base64() STRING SAFE FOR STORAGE AND TRANSMISSION
        return base64_encode($data);
    }

    public function decrypt($text)
    {
        // DECODE THE DATA INTO THE BINARY ENCRYPTED STRING
        $text = base64_decode($text);

        // DECRYPT THE STRING
        $data = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $this->key, $text, MCRYPT_MODE_ECB);

        // DECLOP NUL-BYTES BEFORE THE RETURN
        return trim($data);
    }
}


// INSTANTIATE AN ENCRYPTION OBJECT FROM THE CLASS
$c = new Encryption();

// INITIALIZE VARS FOR LATER USE IN THE HTML FORM
$encoded = $decoded = NULL;

// IF ANYTHING WAS POSTED SHOW THE DATA
if (!empty($_POST["clearstring"]))
{
    $encoded = $c->encrypt($_POST["clearstring"]);
    echo "<br/>{$_POST["clearstring"]} YIELDS ENCODED ";
    var_dump($encoded);
}

if (!empty($_POST["cryptstring"]))
{
    $decoded = $c->decrypt($_POST["cryptstring"]);
    echo "<br/>{$_POST["cryptstring"]} YIELDS DECODED ";
    var_dump($decoded);
}

// CREATE THE FORM USING HEREDOC NOTATION
$form = <<<FORM
<form method="post">
<input name="clearstring" value="$decoded" />
<input type="submit" value="ENCRYPT" />
<br/>
<input name="cryptstring" value="$encoded" />
<input type="submit" value="DECRYPT" />
</form>
FORM;

echo $form;

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
gr8gonzoConsultantCommented:
Before you jump into just using any of these pieces of code, please ensure you provide details about the scenario you're doing.

Definitely do NOT use the converted version that mankowitz provided. I intentionally did not provide you with the PHP version of your code because it is simply bad code.

I also intentionally did NOT provide you with the PHP code to use mcrypt because you might not even need it, but we first need to understand what you're doing. I'm trying to teach you to fish here, not just give you a fish for a day.
1
Ray PaseurCommented:
Agree with @gr8gonzo.  This sounds like a detailed question that may have some underlying assumptions.  If we knew a little more about the assumptions, we might be able to give more valuable help!

One thing useful might be to see one or two correct examples of the input to your function and the output you expect.
0
OverthereAuthor Commented:
Thank you all for responding - inherited the coding, no documentation and just felt it was useless to convert. All I had to go by wast input/outpu and coding...sigh. I am not that skilled in php yet..I am learning, but have a long way to go yet.
I have decided to split points and if this is not suitable, please let me know.
I thank you all for answering.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.