Hi all,

I'm looking at a way of encrypting AND decrypting a string (cc#) with a key.
I plan to store the key in a file outside the docroot, and have asked the
ISP for as much advice as possible to protect the key file.

Anyway, since it needs to be encrypted and decrypted with a key, I obviously
can't use the old faithfull md5(), and from my understanding of the manual,
crypt() is also one-way.

Then I found mcrypt_encrypt() and mcrypt_decrypt().

Paraphrasing the samples in the php manual, does the below code achieve what
I want, assuming that the key would usually be stored in a separate file
outside the docroot?


$iv = mcrypt_create_iv (mcrypt_get_iv_size (MCRYPT_RIJNDAEL_256,
$key = "This is a very secret key";
$text = "11112222333344445555";
echo "plain string: {$text}<BR>";

$crypttext = mcrypt_encrypt (MCRYPT_RIJNDAEL_256, $key, $text,
echo "encoded string: {$crypttext}<BR>";

$dectext = mcrypt_decrypt (MCRYPT_RIJNDAEL_256, $key, $crypttext,
echo "decoded string: {$dectext}<BR>";


I'm getting the following error using 4.1.1:
"Fatal error: Call to undefined function: mcrypt_create_iv() in
/usr/local/apache/htdocs/tests/enc.php on line 3"

Which is confusing, given that the manual says mcrypt_create_iv() is
available in PHP 4.

Any ideas / contributions / pointers?

Justin French

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to