With the introduction of GDPR it is advisable to start encrypting sensitive data entered in your database. I intended to equip myself with a couple of experiences
The doubt is fast enough, changing servers or updating the php to a longer version, the algorithms are copied by php.net and well referenced by many users should they be obsolete and therefore no longer supported? I would find myself with a lot of data on a database without being able to do anything about it.
I'm currently using the next code.
When I use the secured_encrypt function several times, I get different results every time. How is it possible?
Thank you!
<?php
public function secured_encrypt($data){
$first_key = base64_decode($this -> FIRSTKEY);
$second_key = base64_decode($this -> SECONDKEY);
$method = "aes-256-cbc";
$iv_length = openssl_cipher_iv_length($method);
$iv = openssl_random_pseudo_bytes($iv_length);
$first_encrypted = openssl_encrypt($data, $method,$first_key, OPENSSL_RAW_DATA ,$iv);
$second_encrypted = hash_hmac('sha3-512', $first_encrypted, $second_key, TRUE);
$output = base64_encode($iv.$second_encrypted.$first_encrypted);
return $output;
}
public function secured_decrypt($input){
$first_key = base64_decode($this -> FIRSTKEY);
$second_key = base64_decode($this -> SECONDKEY);
$mix = base64_decode($input);
$method = "aes-256-cbc";
$iv_length = openssl_cipher_iv_length($method);
$iv = substr($mix,0,$iv_length);
$second_encrypted = substr($mix,$iv_length,64);
$first_encrypted = substr($mix,$iv_length+64);
$data = openssl_decrypt($first_encrypted,$method, $first_key,OPENSSL_RAW_DATA, $iv);
$second_encrypted_new = hash_hmac('sha3-512', $first_encrypted, $second_key, TRUE);
if (hash_equals($second_encrypted,$second_encrypted_new))
return $data;
return false;
}
?>
You're setting the initialization vector with openssl_random_pseudo_bytes
Related
We migrated to PHPSecLib a while ago, but did not migrate our legacy data that was encrypted by the old PEAR\Crypt_RSA library. We've reached a point where we need to migrate that data into PHPSecLib's RSA format. While investigating this, I came across this old forum thread. I attempted to apply the suggestion in the response, but could not get it to successfully decrypt our data. It's not erroring out or anything, it just appears to still be encrypted or encoded. We're running PHPSecLib 2.0.6 currently, and I suspect the instructions were for 1.x.
Here's a roughed out version of my adapted decryption flow (based off the forum thread):
$rsaDecryptor = new RSA();
// The Private Key is encrypted based off a password
$mc = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_ECB, '');
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($mc), MCRYPT_DEV_URANDOM);
$keySize = mcrypt_enc_get_key_size($mc);
$key = substr($rsaDecryptor->password, 0, $keySize);
mcrypt_generic_init($mc, $key, $iv);
$privateKey = mdecrypt_generic($mc, base64_decode($privateKey));
mcrypt_generic_deinit($mc);
mcrypt_module_close($mc);
list($privateKeyModulus, $privateKeyExponent) = unserialize(base64_decode($privateKey));
$privateKeyExponent = new BigInteger(strrev($privateKeyExponent), 256);
$privateKeyModulus = new BigInteger(strrev($privateKeyModulus), 256);
$rsaDecryptor->modulus = $privateKeyModulus;
$rsaDecryptor->exponent = $privateKeyExponent;
$rsaDecryptor->publicExponent = $privateKeyExponent;
$rsaDecryptor->k = strlen($this->decRSA->modulus->toBytes());
// ciphertext is the raw encrypted string created by PEAR\Crypt_RSA
$value = base64_decode($ciphertext);
$value = new BigInteger($value, 256);
$value = $rsaDecryptor->_exponentiate($value)->toBytes();
$value = substr($value, 1);
Bugs In PEAR's Crypt_RSA
So I was playing around with this. There's a bug in PEAR's Crypt_RSA (latest version) that might prevent this from working at all. The following code demonstrates:
$key_pair = new Crypt_RSA_KeyPair(1024);
$privkey = $key_pair->getPrivateKey();
$pubkey = $key_pair->getPublicKey();
$a = $privkey->toString();
$b = $pubkey->toString();
echo $a == $b ? 'same' : 'different';
You'd expect $a and $b to be different, wouldn't you? Well they're not. This is because RSA/KeyPair.php does this:
$this->_public_key = &$obj;
...
$this->_private_key = &$obj;
If you remove the ampersands it works correctly but they're in the code by default.
It looks like this is an unresolved issue as of https://pear.php.net/bugs/bug.php?id=15900
Maybe it behaves differently on PHP4 but I have no idea.
Decrypting Data
Assuming the above bug isn't an issue for you then the following worked for me (using phpseclib 2.0):
function loadKey($key) // for keys genereated with $key->toString() vs $key->toPEMString()
{
if (!($key = base64_decode($key))) {
return false;
}
if (!($key = unserialize($key))) {
return false;
}
list($modulus, $exponent) = $key;
$modulus = new BigInteger(strrev($modulus), 256);
$exponent = new BigInteger(strrev($exponent), 256);
$rsa = new RSA();
$rsa->loadKey(compact('modulus', 'exponent'));
return $rsa;
}
function decrypt($key, $ciphertext)
{
if (!($ciphertext = base64_decode($ciphertext))) {
return false;
}
$key->setEncryptionMode(RSA::ENCRYPTION_NONE);
$ciphertext = strrev($ciphertext);
$plaintext = $key->decrypt($ciphertext);
$plaintext = strrev($plaintext);
$plaintext = substr($plaintext, 0, strpos($plaintext, "\0"));
return $plaintext[strlen($plaintext) - 1] == "\1" ?
substr($plaintext, 0, -1) : false;
}
$key = loadKey($private_key);
$plaintext = decrypt($key, $ciphertext);
echo $plaintext;
Private Keys Generated with toPEMString()
With PEAR's Crypt_RSA you can generate private keys an alternative way:
$key_pair->toPEMString();
This method works without code changes. If you used this approach to generate your private keys the private key starts off with -----BEGIN RSA PRIVATE KEY-----. If this is the case then you don't need to use the loadKey function I wrote. You can do this instead:
$key = new RSA();
$key->loadKey('...');
$plaintext = decrypt($key, $ciphertext);
echo $plaintext;
I have functions in PHP (5.3) and I had to upgrade PHP to be able to use current SDKs. Now I get follwoing Error:
Deprecated: Function mcrypt_cbc() is deprecated
I looked into the new mcrypt_generic as http://php.net/manual/de/function.mcrypt-cbc.php tells me and I tried to convert it but I never get the same result as with the old functions. Can anyone help me with converting. It already took me a long time to create the first functions because I am not into that crypting things a lot and now I am having a hard time to get it right.
Thank you very much!!!
function decode ($string)
{
$skey = "testKey";
$siv = "testSIV";
$keyArray = utf8_encode($skey);
$toEncryptArray = base64_decode($string);
$iv = utf8_encode($siv);
$dec = mcrypt_cbc(MCRYPT_3DES, $keyArray, $toEncryptArray, MCRYPT_DECRYPT, $iv);
$dec = utf8_decode($dec);
return $dec;
}
function encode($string)
{
$skey = "testKey";
$siv = "testSIV";
$keyArray = utf8_encode($skey);
$toEncryptArray = utf8_encode($string);
$iv = utf8_encode($siv);
$enc = mcrypt_cbc(MCRYPT_3DES, $keyArray, $toEncryptArray, MCRYPT_ENCRYPT, $iv);
$enc = base64_encode($enc);
return $enc;
}
For security purpose I don't want that my users can read a url to access to a picture for example.
Actually I have
https://files.domain.com/TERFD/TES/photos/20150729-0961577ba8bc6c31e7339acf0c53969a170609038345c3a0602d646a48067c10-ANnKb.jpeg?uid=3&token=360d641dc692041cbea673a
But I prefer that the user can read the picture's path or the token
So that, I wrote the following functions :
public function encrypt($data) {
$key = "df456gfd";
$data = serialize($data);
$td = mcrypt_module_open(MCRYPT_DES,"",MCRYPT_MODE_ECB,"");
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
mcrypt_generic_init($td,$key,$iv);
$data = base64_encode(mcrypt_generic($td, '!'.$data));
mcrypt_generic_deinit($td);
return $data;
}
public function decrypt($data) {
$key = "df456gfd";
$td = mcrypt_module_open(MCRYPT_DES,"",MCRYPT_MODE_ECB,"");
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
mcrypt_generic_init($td,$key,$iv);
$data = mdecrypt_generic($td, base64_decode($data));
mcrypt_generic_deinit($td);
if (substr($data,0,1) != '!')
return false;
$data = substr($data,1,strlen($data)-1);
return unserialize($data);
}
My URL is now:
https://files.domain.com/NcGDHiMnmM3fYW2W03ulyJdlCp6FaXCYDlxzWe74zH63+YpfUSPuKnxWIG1C1WNNjw/jU7coduYchvf44Lh4yiVdcL7uyx4vA4oOj14keiohQ9geIYVxsa4n07E0TXbstSETbhqGejE03Ai5hGcJEa7U/aA7z1fRkQEAxepH9j6yu+tQZESp3dXg7JUvVffI9lbpPtbGLj8=
I can decrypt it from files.domain.com and return the requested file.
Is it a good practice ?
Thx
You're actually just slowing down your application with this practice. Honestly, you're making it too complex. Why not use something like base64_encode() and base64_decode(). These functions are actually faster than your decryption and encryption functions.
I want to pass some variable to the URL using PHP $_GET['']; for example:
I have a form on a landing page with five input fields: Name, Surname, Email, Confirm-Email, Phone I pick these variables up now I want to add these to a Base URL so that they can be picked up by another web page.
My question is how safe is this and what is the best method to protect these variables or perhaps make them invisible under the new url...?
I could use php curl() or sockets but the server where I want to send the data to does not allow me to so thats why I want to use $_GET['']'
You should not use $_GET if you want to make your data secure.
There is no option using which you can make $_GET secure or invisible.
You should use $_POST for sending data to other url if you do not want to make your data visible and secure.
Even your data is not stored by browser when you use post method and it is more difficult to hack.
It's unsafe, as URI parameters can be edited by anyone and anything. Best method to "protect" those is to encrypt them when sending (which means the recipient must be able to decrypt them) combined with a checksum to make sure none of the parameters were altered. Another type of protection is not using HTTP but using HTTPS instead, of course.
Both GET and POST is unsafe if you're not using HTTPS.
So if you have to use GET to submit your form, a verify token is suggeseted. Like OAuth, server will return the data through GET, but there's a access_token to protect data.
Encode your variables first, then decode it on the other server. this way no one can easily revert it. Make sure to change var $skey = "SecretKey0001"; to something else.
<?php
class Encryption {
var $skey = "SecretKey0001"; // you can change it
public function safe_b64encode($string) {
$data = base64_encode($string);
$data = str_replace(array('+','/','='),array('-','_',''),$data);
return $data;
}
public function safe_b64decode($string) {
$data = str_replace(array('-','_'),array('+','/'),$string);
$mod4 = strlen($data) % 4;
if ($mod4) {
$data .= substr('====', $mod4);
}
return base64_decode($data);
}
public function encode($value){
if(!$value){return false;}
$text = $value;
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $this->skey, $text, MCRYPT_MODE_ECB, $iv);
return trim($this->safe_b64encode($crypttext));
}
public function decode($value){
if(!$value){return false;}
$crypttext = $this->safe_b64decode($value);
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$decrypttext = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $this->skey, $crypttext, MCRYPT_MODE_ECB, $iv);
return trim($decrypttext);
}
}
$data_array['Name'] = 'Name';
$data_array['Surname'] = 'Surname';
$data_array['Email'] = 'Email';
$data_array['Confirm-Email'] = 'Confirm-Email';
$data_array['Phone'] = 'Phone';
$data_json = json_encode($data_array);
$encrypt = new Encryption;
$encoded_vars = $encrypt->encode($data_json);
$BASE_URL = 'http://example.com?data=' . $encoded_vars;
echo $BASE_URL;
echo "<br>";
// reverse
$decrypt = new Encryption;
echo $decoded_vars = $decrypt->decode($encoded_vars);
echo "<br>";
$data = json_decode(urldecode($decoded_vars), true);
echo "<br>";
print_r($data);
?>
DEMO: http://sandbox.onlinephpfunctions.com/code/ef1acdcad0272d5d99e21b07183a479f564ac64c
UPDATE
I found the issue that was holding up my script. Apparently it had nothing to do with decryption, but my redirect instead. When I removed this block of code, the script starting performing quickly. Still not sure why this was causing the issue?
// Make sure we have an Order ID
if( ! isset($_GET['id']) && ! isset($_POST['id']) ) {
header("Location: https://www.website.com/orders/");
exit;
}
ORIGINAL QUESTION:
I have been using the Encryption class found here: Encryption class. I am storing the data in a MySQL database, with a VARCHAR binary data type (formerly I tried BLOB and TINYBLOB).
The encrypting and decrypting both work, however it takes like 1 minute to decrypt. The encryption is fast.
I guess I should also say that this is happening over a https connection (in case that's relevant).
I don't remember it always taking this long to decrypt. Do you have any idea what could be causing this? When I comment out the decryption portion of the PHP code, and just echo back the encrypted string, it performs quickly.
CODE AS REQUESTED BELOW IN THE COMMENTS
class Encryption
{
const CYPHER = 'blowfish';
const MODE = 'cfb';
const KEY = 'MyPersonalKey';
public function encrypt($plaintext)
{
$td = mcrypt_module_open(self::CYPHER, '', self::MODE, '');
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
mcrypt_generic_init($td, self::KEY, $iv);
$crypttext = mcrypt_generic($td, $plaintext);
mcrypt_generic_deinit($td);
return $iv.$crypttext;
}
public function decrypt($crypttext)
{
$plaintext = '';
$td = mcrypt_module_open(self::CYPHER, '', self::MODE, '');
$ivsize = mcrypt_enc_get_iv_size($td);
$iv = substr($crypttext, 0, $ivsize);
$crypttext = substr($crypttext, $ivsize);
if ($iv)
{
mcrypt_generic_init($td, self::KEY, $iv);
$plaintext = mdecrypt_generic($td, $crypttext);
}
return $plaintext;
}
}
Here is the code from the webpage, where I set the variables from the MySQL row. I am using WordPress' $wpdb object.
$order = $wpdb->get_row("SELECT * FROM orders WHERE id = ".$order_id." LIMIT 0,1");
$addons_price = $order->addons_price;
$hooked_package = (isset($_GET['hooked_package'])) ? $_GET['hooked_package'] : $order->hooked_package;
$arrival_date_unix = $order->arrival_date_unix;
$order_data = unserialize($order->order_data);
$preview_total = $order_data['preview_price'] + $addons_price + $order_data['travel_insurance'];
$normal_total = $order_data['normal_price'] + $addons_price + $order_data['travel_insurance'];
$package_price = $order->package_price;
$total_price = $order->total_price;
$billing_cc = Encryption::decrypt($order->billing_cc);
Also, here is the MySQL type...
`billing_cc` varbinary(255) DEFAULT NULL
The code you indicate as being your problem is a simple conditional redirect. So it shouldn't have anything to do with the decryption. The only reason I can see for the redirect being slow is that the web server is under heavy load, on a slow connection or has some other performance issue.