Of course, one could always use other kinds of
encryption/encoding/obfuscation techniques such as XOR complement, but
this example provides an extremely secure version using methods like
Blowfish, MD5, DES, etc.
This took me about 4 hours to figure out and perfect, but the two
functions below will work with PHP on many versions of Linux. I have
RedHat 9, in this case. I designed this to use a pretty small
compression and encryption style, yet work just fine as far as storing
in a cookie.
I'm using Blowfish here, but you can switch the "-bf" to other
encryption types. For those of you with Linux, do a "man openssl" to
see the others that are available.
The routine isn't bad for a 15 user business app on a 2.4Ghz Pentium.
However, you'll find it's somewhat slow for larger-scale operations,
unfortunately, because you have to write 2 files for each function. If
someone knows how to use openssl without files, I'd be interested to
see your example.
function Encrypt($val, $pass) {
$val = str_replace("'" , "#%$", $val);
$file = tempnam('','php-encrypt-');
exec("echo -E '$val' > $file.dec");
exec("openssl enc -a -bf -in $file.dec -out $file.enc -e -pass
pass:$pass");
$myfile = file("$file.enc ");
exec("rm $file");
exec("rm $file.dec");
exec("rm $file.enc");
while (list($line_num , $line) = each($myfile)) {
$result .= $line;
}
$result = base64_encode($ result);
$result = urlencode($resu lt);
return $result;
}
function Decrypt($val, $pass) {
$val = urldecode($val) ;
$val = base64_decode($ val);
$file = tempnam('','php-decrypt-');
exec("echo -E '$val' > $file.enc");
exec("openssl enc -a -bf -in $file.enc -out $file.dec -d -pass
pass:$pass");
$myfile = file("$file.dec ");
exec("rm $file");
exec("rm $file.enc");
exec("rm $file.dec");
while (list($line_num , $line) = each($myfile)) {
$result .= $line;
}
$result = substr($result, 0, strlen($result)-1);
$result = str_replace("#% $", "'", $result);
return $result;
}
Here's a sample of how big the encrypted string can be when I used the
password "wow":
6 chars = 44 chars
20 chars = 76 chars
50 chars = 134 chars
100 chars = 224 chars
Here's a sample encrypted string:
VTJGc2RHVmtYMSt 4azRFdjN2QXlzVk JZRFBMMTdHNmNlQ WdGZFF0ZmlkNS9C QndPOGtIOGV3PT0 K
encryption/encoding/obfuscation techniques such as XOR complement, but
this example provides an extremely secure version using methods like
Blowfish, MD5, DES, etc.
This took me about 4 hours to figure out and perfect, but the two
functions below will work with PHP on many versions of Linux. I have
RedHat 9, in this case. I designed this to use a pretty small
compression and encryption style, yet work just fine as far as storing
in a cookie.
I'm using Blowfish here, but you can switch the "-bf" to other
encryption types. For those of you with Linux, do a "man openssl" to
see the others that are available.
The routine isn't bad for a 15 user business app on a 2.4Ghz Pentium.
However, you'll find it's somewhat slow for larger-scale operations,
unfortunately, because you have to write 2 files for each function. If
someone knows how to use openssl without files, I'd be interested to
see your example.
function Encrypt($val, $pass) {
$val = str_replace("'" , "#%$", $val);
$file = tempnam('','php-encrypt-');
exec("echo -E '$val' > $file.dec");
exec("openssl enc -a -bf -in $file.dec -out $file.enc -e -pass
pass:$pass");
$myfile = file("$file.enc ");
exec("rm $file");
exec("rm $file.dec");
exec("rm $file.enc");
while (list($line_num , $line) = each($myfile)) {
$result .= $line;
}
$result = base64_encode($ result);
$result = urlencode($resu lt);
return $result;
}
function Decrypt($val, $pass) {
$val = urldecode($val) ;
$val = base64_decode($ val);
$file = tempnam('','php-decrypt-');
exec("echo -E '$val' > $file.enc");
exec("openssl enc -a -bf -in $file.enc -out $file.dec -d -pass
pass:$pass");
$myfile = file("$file.dec ");
exec("rm $file");
exec("rm $file.enc");
exec("rm $file.dec");
while (list($line_num , $line) = each($myfile)) {
$result .= $line;
}
$result = substr($result, 0, strlen($result)-1);
$result = str_replace("#% $", "'", $result);
return $result;
}
Here's a sample of how big the encrypted string can be when I used the
password "wow":
6 chars = 44 chars
20 chars = 76 chars
50 chars = 134 chars
100 chars = 224 chars
Here's a sample encrypted string:
VTJGc2RHVmtYMSt 4azRFdjN2QXlzVk JZRFBMMTdHNmNlQ WdGZFF0ZmlkNS9C QndPOGtIOGV3PT0 K