API tools faq
paste
Advertisement
DibDibsTH13TEEN

mcrypt Problem

DibDibsTH13TEEN
Jul 9th, 2016
140
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 2.41 KB | None | 0 0
raw download clone embed print report
  1. //NOTE: I am using POST requests to send the data to and from the server, that is why everything is in $_POST variables.
  2.  
  3. //ENCRYPTION
  4. if ($_POST['password'] == "password"){
  5.     if ($_POST['type'] == "test") $key = pack("H*", "myKey"); //The key is not actually myKey, it is a 256-bit key in hex.
  6.    
  7.     else if ($_POST['type'] == "name") $key = pack("H*", "myKey");
  8.    
  9.     else if ($_POST['type'] == "email") $key = pack("H*", "myKey");
  10.    
  11.     //Creates an ilitialization vector (basically a private key used when encrypting data).
  12.     //It does NOT need to be remembered: http://i.stack.imgur.com/LFHlH.png
  13.     $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
  14.     $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
  15.    
  16.     //Creates a cipher, which is basically encrypting the text.
  17.     $cipher = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $_POST['data'], MCRYPT_MODE_CBC, $iv);
  18.    
  19.     //Add the IV to the start of the string (prepend it) so it is available for decryption.
  20.     $ciphertext = base64_encode($iv) . ":" . base64_encode($cipher); //It's 256-bit so it will be the first 256 chars.
  21.    
  22.     $encoded = $ciphertext; //Encode the ciphertext so it can be represented as a string and used as such.
  23.    
  24.     echo($encoded);
  25.    
  26. }else{
  27.     echo("UNAUTHORISED.");
  28. }
  29.  
  30. //DECRYPTION (this is where the problem is)
  31. if ($_POST['password'] == "password"){
  32.     if ($_POST['type'] == "test") $key = pack("H*", "myKey");
  33.    
  34.     else if ($_POST['type'] == "name") $key = pack("H*", "myKey");
  35.    
  36.     else if ($_POST['type'] == "email") $key = pack("H*", "myKey");
  37.    
  38.     $ciphertext_dec = $_POST['data']; //Text was encoded into base64 after encryption, so it now must be decoded for decryption. This also has the initialization vector attached.
  39.    
  40.     $split = explode(":", $ciphertext_dec, 2); //Seperate the IV from the main cipher text.
  41.    
  42.     echo($split[1] . "<br><br>"); //Used for testing.
  43.    
  44.     $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC); //Get the size of the IV used (256-bit).
  45.    
  46.     //$iv = base64_decode($split[0]); //Decode the IV.
  47.    
  48.     $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB));
  49.    
  50.     $data = base64_decode($split[1]); //Decode the cipher text.
  51.     print_r("DATA: " . $data . "<br><br>"); //Used for testing.
  52.    
  53.     $text = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $data, MCRYPT_MODE_CBC, $iv); //Decrypt the ciphertext.
  54.    
  55.     $val = rtrim($text, "\0");
  56.    
  57.     echo($val); //Return the decrypted text. No need for encoding.
  58. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!