What is the decrypt function for crypt function in PHP
Thanks
Bharanikumar
From the PHP Manual
There is no decrypt function, since crypt() uses a one-way algorithm.
5 seconds of searching stackoverflow:
how do I encrypt and then decrypt the text of username and password used in database class file
How can I decrypt password string in PHP which was encrypted with crypt?
php mcrypt - decrypting and encrypting files?
Encrypt and Decrypt String With Key PHP
php encrypt and decrypt
I'm sure google has more. Please do a bit of research before you ask a question, it's not fair to just expect everyone else to do all the thinking for you.
You cannot decrypt the crypt function but if you need original string back, use mcrypt_encrypt and mcrypt_decrypt, and choose key based encryption like MCRYPT_RIJNDAEL_256
Related
I want to encrypt some data uisng SHA256 hashing algorithm
<?php
$encryption_key = "aldskfje49345rgaefa";
echo hash('sha256', "hello world");
?>
Try Using hash_hmac() Like this hash_hmac('sha256',);
Read the Manual Here
Just a suggestion...
When you do this
echo hash('sha256', "hello world");
You are not encrypting your data but you are hashing them.
The difference between both ?
Hashing is one way. You generate an unique and irreversible hash.
Encrypting is two way. You can encrypt your data with a key and decrypt with the same key.
So in your situation, you should avoid using SHA256 algorithm. Instead, I recommand you to use Crypt facade provided by Laravel. The key used for encrypting your data is your APP_KEY environnement variable (which is generated when you install your project).
If you have not this, you can simply generate it by execute this command :
php artisan key:generate
So, you will need to share the key with your friend, and use the same algorithm. I let you read the documentation about Crypt Facade.
I used the bcrypt to hash my password. The problem is that when the password was hashed from PHP (example: $2y$10$qLubKu5BTO7eFk8oXjk3xOZDxxQI/F0GgdgjKkL3kzF/8M565hJpq) VB.NET cannot recognize it. But if the password was hashed using VB.NET (example: $2a$10$XwkBsps2z3tlLU2qwumC6OjTPhg/zvudNS5g5hant9xFKxUeNupca) PHP recognizes it. Is this some kind of version error? There is an exception: 'Invalid Salt Revision'
Thanks!
Tried different packages from nuget still at no luck :(
Dim check As String = BCrypt.Net.BCrypt.HashPassword(txtbox_pword.Text)
If BCrypt.Net.BCrypt.Verify(txtbox_pword.Text, pword) = True Then
'in
End If
https://i.stack.imgur.com/fvXzU.png
Problem solve! Used some function to make the hash from PHP to start with $2a$ then viola! :D Thanks!
Since mcrypt was deprecated in PHP 7.1 and I have a lot of data encrypted/decrypted with mcrypt in existing project, how to migrate my PHP code from mcrypt to OpenSSL? I have the following code to encrypt:
$encoded = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, 'salt', 'source string', MCRYPT_MODE_ECB));
And decryption code is:
$source = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, 'salt', base64_decode('encoded string'), MCRYPT_MODE_ECB);
What openssl_ functions should I use in the above examples to get the same results without encoded data conversion?
Or the only way is to run a script which will decrypt all my stored encrypted data with mcrypt and encode with openssl?
Thanks
OpenSSL doesn't have the Rijndael-256 cipher; there's no equivalent - you'll have to decrypt and re-encrypt everything.
But also:
You're missing padding and authentication.
Don't use ECB mode.
"salt" is not a proper encryption key, nor is any regular string. Use random_bytes() to generate your keys, with the proper key length for the chosen algorithm.
All of the above can be summed up like this: don't do it on your own, use a well-vetted library like defuse/php-encryption.
Cryptography is no simple thing and you can't do it properly with just 5 lines of code.
I was trying to decrypt values from the database that have been encrypted with VB6 using AES256 Rijndael - the vb6 algorithm was written by Phil Fresle.
The problem is, that some things have changed since vb6 and php. In vb6, I just used the function by passing the value I wanted to encrypt and the key for it. In addition, the key was not so long as the algorithm itself padded it up with zeros. In PHP, I now don't know how to decrypt the values that have been encrypted with the vb6 aes implementation by Phil Fresle. I tried the following without success:
function decodeAES256($password)
{
// $password here: 20D2E48C0A262B95852ABF5269488736504F728DF50A4D4BF72A5DFB8FB09925
return mcrypt_decrypt(MCRYPT_RIJNDAEL_128, 'ThisIsSomeSecretKeySecretKey\0\0\0\0', password, MCRYPT_MODE_ECB);
}
The passwords have been encrypted in vb6 by using the key "ThisIsSomeSecretKeySecretKey\0\0\0\0" - running the code above will not decrypt to the correct password..?
Maybe, I clarify the question a bit:
Currently, the key that has been used in VB6 Encryption has 28 characters (I cannot post the real key here, but the key has the same length as "ThisIsSomeSecretKeySecretKey"), so for making the key to work and for enabling AES256 in Rijaendel128, I expand him by concatenating 4x "/0" -> "ThisIsSomeSecretKeySecretKey\0\0\0\0" to 32 characters / bit.
The VB6 function receives as input parameter only the key and the encrypted value for decryption.No $iv is being used. So I won't need it here as well?
When I try to decrypt a string, I receive very strange letters with the aboce code: "ãW┤ä▬→☻ûI¤═¦.ÌËS" is the result of "decrypting" an encrypted value.
Do I need to configure other parameters, or is the vb6 algorithm using different defaults or encoding?
Could I call the vb6 method by using COM-class when including the vb6 rijndael as a dll? If this would work in theory, where can I find the vb6 class as DLL?
I am working in a PHP app we have a particular string that we need to encrypt before storing in a database. I can do this in PHP with not problem using mcrypt with a key and a iv. Currently I'm trying to use blowfish because I thought it would be the most flexible as far as decrypting it in ColdFusion. The issue I ran into is it seems ColdFusion doesn't want to use the key or iv I encrypted with. ColdFusion wants you to generateSecretKey() and use some other way to create the iv.
What I can't seem to do is get the two to communicate. I tried first encrypting in coldFusion and using the key it generated and iv it used in PHP but the result was not what it should be. I know I must be missing something but I can't quite pinpoint what it might be.
<?php
$securedString = mcrypt_encrypt ('MCRYPT_BLOWFISH' , 'THISISMYKEYTHATISVERYLONG32CHARS' , "This is the string I need encrypted' , MCRYPT_MODE_CBC , '12345678');
echo base64_encode($securedString);
?>
So what would an equivalent ColdFusion Decryption call look like?
BTW: if Blowfish is not the ideal algorithm to use please feel free to suggest another as long as both ColdFusion and PHP can use it and it is secure.
Thanks,
Bruce
Something like this should work. You just need to share a common key between each.
In PHP:
base64_encode(mcrypt_encrypt(MCRYPT_3DES, $key, $plain_string, MCRYPT_MODE_ECB));
In Coldfusion:
<cfscript>
decrypted_string = decrypt(enc_string, key, "DESEDE", "Base64");
</cfscript>