I am sorry for my English.
The project migrates from Node to Laravel.
I'm the junior, maybe someone will tell me the right direction in the search)))
How to decrypt in Laravel what is encrypted in cryptojs?
In Node, they use CryptoJS and worked with passwords like this:
Encrypt
password: cryptojs.encrypt(JSON.stringify(req.body.password), secretKey).toString(),
Decrypt
cryptojs.decrypt(user.password.toString(), secretKey);
I'm trying to implement a password-checking mechanism in Laravel.
I have secretKey, old password, db stored data.
Tried this
$newEncrypter = new \Illuminate\Encryption\Encrypter(config('app.secret_key'), config('app.cipher'));
$decrypted = $newEncrypter->decrypt( $encrypted );
tinker output: Illuminate\Contracts\Encryption\DecryptException The payload is invalid.
Tried this and it return false
public function check($value, $hashedValue, array $options = [])
{
$hashedBytes = base64_decode($hashedValue);
$iv = substr($hashedBytes, 0, openssl_cipher_iv_length('aes-256-cbc'));
$encrypted = substr($hashedBytes, openssl_cipher_iv_length('aes-256-cbc'));
$decrypted = openssl_decrypt($encrypted, 'aes-256-cbc', $this->key, OPENSSL_RAW_DATA, $iv);
return $value === $decrypted;
}
Related
the encryption in the front end works but the decryption in the backend does not work.
I am using crypto JS for the front end and PHP in the back end. And I want to use AES-256
<script>
function encrypt(){
passphrase= "123456";
encrypted = CryptoJS.AES.encrypt("decrypted soon", passphrase);
return encrypted;
}
</script>
in PHP
public function decrypt ($encrypted)
{
$passphrase= "123456";
$encrypted = base64_decode($encrypted);
$decrypted = openssl_decrypt($encrypted, 'AES-256-CBC', $key, OPENSSL_RAW_DATA);
return trim($decrypted);
}
Your help is much appreciated
Hi i have this PHP decryption and encryption code for login passwords and i need to check it with python directly from Mysql, so i need to decrypt passwords in python can anyone help me with? Here is php code:
function encryptIt($value) {
$encodeKey = 'MY FIXED KEY';
$encoded = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($encodeKey), $value, MCRYPT_MODE_CBC, md5(md5($encodeKey))));
return($encoded);
}
function decryptIt($value) {
$decodeKey = 'MY FIXED KEY';
$decoded = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($decodeKey), base64_decode($value), MCRYPT_MODE_CBC, md5(md5($decodeKey))), "\0");
return($decoded);
}
first function take password as ($value) and return me encoded one, that will save to Database, and second function take encoded password as ($value) and return me normal password. i need to code second function in python
I am developing a private messaging system for my website using Laravel 4, and I want to ensure that the messages remain private. So far, I have the following code written:
class PkeyEncryption {
public static function encrypt($input, $cipher = MCRYPT_RIJNDAEL_128) {
$key = sha1(microtime(true) . mt_rand(10000, 90000));
$iv_size = mcrypt_get_size($cipher, MCRYPT_MODE_CFB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
return mcrypt_encrypt($cipher, $key, $input, MCRYPT_MODE_CFB, $iv);
}
public static function decrypt($data, $key, $cipher = MCRYPT_RIJNDAEL_128) {
$iv = $data['iv'];
$data = $data['data'];
return mcrypt_decrypt($cipher, $key, $data, MCRYPT_MODE_CFB, $iv);
}
}
So, I know how to encrypt the messages, and I also know that I can store the IV alongside the message. But, I don't know where I am supposed to store the public key. I have already read a few other questions on the site, and I still haven't found an answer. Can somebody please point me in the right direction?
You have to store all users public keys on the server and only the users themselves should have their own private keys.
When user A wants to send message to user B, he will take user B public key and encrypt the message with it. This message can then be decrypted only with the user B private key.
I'm using PEAR::Mail to send a lot of e-mails to our customers. I want to be able to send those e-mails using different SMTP accounts (because of different mailing types). We have like 6-7 accounts, and in the future there might be more. Each of them has different password and we want to be able to store those passwords in database so it's not hardcoded and so you can add them more easily with administrator panel.
I know I want to use encryption for password storing, but imo hashing is not an option here. I want to be able to read those passwords, not only compare the hashes.
I would like to do it with storing encrypted passwords in database but encrypt them with some algorithm. And that's where I have problem - I don't know much about that. I'm attaching my test code for encryption, but I would like your opinion on how should I improve it:
if (!function_exists('hex2bin')) {
function hex2bin($data) {
$len = strlen($data);
return pack('H' . $len, $data);
}
}
$key = $_GET['key'];
$text = $_GET['text'];
$encr = $_GET['encr'];
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
if ($text != null) {
echo bin2hex(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_ECB, $iv));
}
if ($encr != null) {
echo mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, hex2bin($encr), MCRYPT_MODE_ECB);
}
ECB mode is insecure and the IV is ignored with this mode. You should really use CBC (MCRYPT_MODE_CBC) instead.
When using CBC an IV is required for encryption and the same IV is required for decryption, so you need to hang on to this value (but don't use the same IV for all encryption/decryption, generating a random one as in your code example is correct). The IV does not need to be stored securely (any more securely than the encrypted data), and it's standard proceedure to prepend the IV to the encrypted data.
bin2hex($iv . mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_CBC, $iv));
When decrypting you strip off the IV and pass it in to mcrypt_decrypt.
$cipherTextDecoded = hex2bin($encr);
$iv = substr($cipherTextDecoded, 0, $iv_size);
$cipherText = substr($cipherTextDecoded, $iv_size);
mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $cipherText, MCRYPT_MODE_CBC, $iv);
Also note that you should be using a binary key. $_GET['key'] is returning a string of text, and because you're not hex decoding it your keyspace is limited to all possible 256-bit strings rather than all 256-bit binary values.
Further, it's a bit misleading in PHP, but the 256 in MCRYPT_RIJNDAEL_256 refers to the block size, not the strength of the encryption. If you want to use 256 bit encryption, just pass a 256 bit key to the mcrypt functions. If that was your goal I'd consider using MCRYPT_RIJNDAEL_128 instead, this will make the encrypted text compatible with AES-128. If you ever need to decrypt the data in some other system (unlikely I know), it's much easier to find an AES-128 imeplementation than Rijindael 256.
I created a class which does everything what Syon mentioned. I'm attaching it here for future reference, if anyone would like to use it then feel free.
<?php
if (!function_exists('hex2bin')) {
function hex2bin($data) {
$len = strlen($data);
return pack('H' . $len, $data);
}
}
/**
* Encipherer - Class used for encoding and decoding
*
* #author kelu
* #version $Id$
*
*/
class Encipherer {
private $key;
private $iv_size;
private $mode = MCRYPT_MODE_CBC;
private $algorithm = MCRYPT_RIJNDAEL_256;
private $rand = MCRYPT_RAND;
/**
* returns singleton
*
* #return Encipherer
*/
public static function Instance()
{
static $inst = null;
if ($inst === null) {
$inst = new Encipherer;
}
return $inst;
}
private function __construct($key = '') {
$this->iv_size = mcrypt_get_iv_size($this->algorithm, $this->mode);
$this->key = $this->key = hex2bin($key);
}
private function __clone()
{
return Encipherer::Instance();
}
public function setKey($key) {
$this->key = $this->key = hex2bin($key);
}
public function encrypt($text) {
$iv = mcrypt_create_iv($this->iv_size, $this->rand);
return bin2hex($iv . mcrypt_encrypt($this->algorithm, $this->key, $text, $this->mode, $iv));
}
public function decrypt($text) {
$cipherTextDecoded = hex2bin($text);
$iv = substr($cipherTextDecoded, 0, $this->iv_size);
$cipherText = substr($cipherTextDecoded, $this->iv_size);
return mcrypt_decrypt($this->algorithm, $this->key, $cipherText, $this->mode, $iv);
}
}
?>
Example usage:
<?
$enc = Encipherer::Instance();
$enc->setKey('1234qwerty');
$encrypted = $enc->encrypt('secret message');
$decrypted = $enc->decrypt($encrypted);
?>
public static function decryptSessionByDES($str,$key_str){
$decoded =base64_decode($str);
$iv = substr($key_str, 0, mcrypt_get_iv_size(MCRYPT_3DES,MCRYPT_MODE_ECB));
return trim(mcrypt_ecb(MCRYPT_3DES, $key_str, $decoded, MCRYPT_DECRYPT, $iv));
}
How to covert this code in Ruby?
I was solved that:
here is a gem base in libmcrypt: https://github.com/kingpong/ruby-mcrypt
require "mcrypt"
class Crypt
def self.decrypt_session_by_des(str, key_str)
str_decoded = Base64.decode64(str)
mc = Mcrypt.new(:des,:ecb)
mc.padding = :pkcs
mc.key = key_str
mc.decrypt(str_decoded)
end
end
and the others decrypt or encrypt you can see the test cases in ruby-mcrypt:
https://github.com/kingpong/ruby-mcrypt/blob/master/test/test_reciprocity.rb