ioncube / php-openssl-cryptor Goto Github PK
View Code? Open in Web Editor NEWExample
License: MIT License
Example
License: MIT License
Why not submitting this library on packagist in order to retrieve it via composer?
Why the key hashed with php::openssl_digest()
? As far as I understand, real strong encryption relies on the initial vector, the key's hash doesn't matter here.. I read the manual about php::openssl_encrypt()
, explored examples and comments there, read openssl enc
wiki. I saw the comment about password/key subtitution, but I think, yours intention was in something else. So, what the point?
Before storing in a database I dump the values of encrypted and then decrypted:
string(32) "6ZoQPJRUhhPM6mKOaOaLQ3Kq0/Jrjw=="
string(6) "qwerty"
Then on retrieving from the database I get:
string(32) "6ZoQPJRUhhPM6mKOaOaLQ3Kq0/Jrjw=="
string(6) "�@ ��>"
The encrypted string looks the same. Why does it not decrypt properly after getting from the database?
I've tried using VARCHAR, VARBINARY and BINARY fields to store the encrypted data.
According to the documentation, $iv
(A non-null initialization vector) in openssl_encrypt
as well in openssl_decrypt
should be random in every environment. However, currently, it is static for the PHP package. For AES-256-CTR it should be 16 bytes.
php-openssl-cryptor/src/Cryptor.php
Line 61 in f62397b
Hi,
I use this simple class on one of my projects.
I use it only with custom key:
Cryptor::Encrypt('[email protected]', $kkey);
on this server, all works ok.
But I need to go to a new one .. after code transfer and get data from DB I can't decrypt encrypted data..
I get some utf string like - ί�]�͇�a���Mٗ�����6����
If I re-encrypt string and decrypt it all is working fine again .. what I miss?
How to use it to be able to future data transfer to a new server?
P.S. I use the same PHP version on same ubuntu servers
PHP Version 7.2.24-0ubuntu0.18.04.4
I made a pull request to remove the call to mcrypt that's still in the file. It can be replaced with an openSSL call, your code will still work.
// Build an initialisation vector
// Replacing all mcrypt calls
// $iv = mcrypt_create_iv($this->iv_num_bytes, MCRYPT_DEV_URANDOM);
// Build an initialisation vector
$iv = openssl_random_pseudo_bytes($this->iv_num_bytes, $isStrongCrypto);
if (!$isStrongCrypto) {
throw new \Exception("Not a strong key");
}
An FYI that as of PHP 7.1 mycrypt is deprecated and removed entirely from version 7.2.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.