subject:"\[PHP\] mcrypt and PHP to encrypt values to be passed to differend server"

[PHP] mcrypt and PHP to encrypt values to be passed to differend server

2003-12-28 Thread Mark Wouters

Hello!

I'm trying to use mcrypt to encrypt some values (login and password) I have
to pass from one website to another.
I thook this code from the php.net website as an example:

?php
/* Open the cipher */
$td = mcrypt_module_open ('rijndael-256', '', 'ofb', '');

/* Create the IV and determine the keysize length */
$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), MCRYPT_DEV_RANDOM);
$ks = mcrypt_enc_get_key_size ($td);

/* Create key */
$key = substr (md5 ('very secret key'), 0, $ks);

/* Intialize encryption */
mcrypt_generic_init ($td, $key, $iv);

/* Encrypt data */
$encrypted = mcrypt_generic ($td, 'This is very important data');

/* Terminate encryption handler */
mcrypt_generic_deinit ($td);

/* Initialize encryption module for decryption */
mcrypt_generic_init ($td, $key, $iv);

/* Decrypt encrypted string */
$decrypted = mdecrypt_generic ($td, $encrypted);

/* Terminate decryption handle and close module */
mcrypt_generic_deinit ($td);
mcrypt_module_close ($td);

/* Show string */
echo trim ($decrypted).\n;
?

I put this in the page starting from:

?php
$adminlogin = $row1[adminlogin];
$adminpw = $row1[adminpw];
// both are queried from a database

$td = mcrypt_module_open ('rijndael-256', '', 'ofb', '');
$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), MCRYPT_DEV_RANDOM);
$ks = mcrypt_enc_get_key_size ($td);
$key = substr (md5 ('a key fsfqz'), 0, $ks);
mcrypt_generic_init ($td, $key, $iv);

/* Encrypt data */
$encryptedlogin = mcrypt_generic ($td, $adminlogin);
$encryptedpassw = mcrypt_generic ($td, $adminpw);

mcrypt_generic_deinit ($td);
mcrypt_module_close ($td);
?
a href=destinationpage.php?login=?php echo($encryptedlogin);
?password=?php echo($encryptedpassw); ? target=_blanklink/a


In the destination page (destinationpage.php, on a different server) I have
this:

  $td = mcrypt_module_open ('rijndael-256', '', 'ofb', '');
  $iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td),
MCRYPT_DEV_RANDOM);
  $ks = mcrypt_enc_get_key_size ($td);
  $key = substr (md5 ('a key fsfqz'), 0, $ks);
  mcrypt_generic_init ($td, $key, $iv);

  /* Decrypt encrypted string */
  $login = mdecrypt_generic ($td, $login);
  $login = trim ($login);
  $password = mdecrypt_generic ($td, $password);
  $password = trim ($password);

  mcrypt_generic_deinit ($td);
  mcrypt_module_close ($td);

  and then an echo($login - $passwordbr); to check if the values are
correct.

But they are not!!
What am I doing wrong?? Is it because both are on a different server?
I would very much appreciate your help. Or if someone has an other good way
of encrypting values, please let me know!

Thanks!!!

Mark.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mcrypt and PHP to encrypt values to be passed to differend server

2003-12-28 Thread Tom Rogers

Hi,

Monday, December 29, 2003, 9:30:11 AM, you wrote:
MW Hello!

MW I'm trying to use mcrypt to encrypt some values (login and password) I have
MW to pass from one website to another.


You will need to pass the $iv which kinda defeats the object of it, or
use a null one. Here is a class I use for this which also corrects the
string lengths as decryption will usually have a few /0 tacked on to
make it a block size:

class encrypt_class{
var $secret;
function encrypt_class(){
$this-secret = 'choose your own pass phrase here';
}
Function encode($id){
$eid = $iv = 0;
$len = strlen($id);
$id = $len.'-'.$id;
$td = mcrypt_module_open(MCRYPT_TripleDES, , MCRYPT_MODE_ECB, );
$key = substr($this-secret, 0, mcrypt_enc_get_key_size ($td));
$iv = pack(a.mcrypt_enc_get_iv_size($td),$iv);
mcrypt_generic_init ($td, $key, $iv);
$eid = base64_encode(mcrypt_generic ($td, $id));
mcrypt_generic_deinit($td);
  return $eid;
}
Function decode($eid){
$id = $iv = 0;
$td = mcrypt_module_open (MCRYPT_TripleDES, , MCRYPT_MODE_ECB, );
$key = substr($this-secret, 0, mcrypt_enc_get_key_size ($td));
$iv = pack(a.mcrypt_enc_get_iv_size($td),$iv);
mcrypt_generic_init ($td, $key, $iv);
$id = mdecrypt_generic ($td, base64_decode($eid));
$len = strtok($id,'-');
$id = substr($id,(strlen($len)+1),$len);
mcrypt_generic_deinit($td);
return $id;
}
}
 //usage
 $password = 'password';
 $name = 'me';
 
 $mesage[0] = $password;
 $message[1] = $name;

 $serial = serialize($message);
 
 $enc = new encrypt_class();
 $enc_message = $enc-encode($serial);
 //send message ?enc_message=$enc_message

 //next page
 $enc = new encrypt_class();
 $serial = $enc-decode($_GET['enc_message']);
 $message = unserialize($serial);
 print_r($message);

-- 
regards,
Tom

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] mcrypt and PHP to encrypt values to be passed to differend server

Re: [PHP] mcrypt and PHP to encrypt values to be passed to differend server

2 matches

Site Navigation

Mail list logo

Footer information