2

I am trying to encrypt data using PHP and insert it into MySQL. The encryption and insert actions are working properly, but decryption does not return the actual string. Please see my code below for encryption:

public function encryptText($text, $customer_id)
{
    $key = $customer_id;
    $crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_ECB);
    return $crypttext;
}

For decryption:

public function decryptText($ctext, $customer_id)
{
    $key = $customer_id;
    $text = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $ctext, MCRYPT_MODE_ECB);
    return $text;
}

Please help me to solve this issue.

6
  • 1
    "working properly but decryption does not return actual string" -- Sooo, it's not working properly then? ;P Commented Sep 6, 2012 at 10:38
  • 1
    Generally little point encrypting data in the db; if the bad guys have access to the db they probably have access to the code used to encrypt the data. Commented Sep 6, 2012 at 10:40
  • Could you post your "test" code, please? Because your code works as it should. I suppose that there is some problem with string padding or $customer_id (key) parameter casting. Commented Sep 6, 2012 at 10:45
  • @Dagon: That's totally unfounded. Commented Sep 6, 2012 at 10:46
  • @Jon founded in much of what I have read. Commented Sep 6, 2012 at 10:53

2 Answers

1

The most likely problem is that you are not using the correct key to decrypt the encrypted data. Your code shows a number of issues you should really look into:

  • The key should ideally be a binary string. What are the exact contents of $customer_id? Even if that is a string, it should be exactly either 128, 192, or 256 bits long. It doesn't look like it is.
  • Even if the key were technically acceptable, using a customer id as a key does not really offer any security at all.
  • The 256 in MCRYPT_RIJNDAEL_256 does not specify the encryption strength but the block size. In almost all cases you should use MCRYPT_RIJNDAEL_128 instead -- in fact doing this is the same as AES. MCRYPT_RIJNDAEL_256 is not AES.

2 Comments

I have used customer_id (integer) as key.
@Vinay: That will not work. Please take some time to familiarize yourself with basic crypto literature, this mistake is so fundamental that I cannot give better advice than that. Even if it did work, your system would not be any more secure than before. Crypto is something that you have to do correctly, otherwise it doesn't work.
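The points raised in the answer above (a key of exact binary length, real AES rather than Rijndael-256, and a key that is not the customer id) can be seen in one round trip. This is an added example, not code from the question or either answer: it uses PHP's OpenSSL extension with AES-256-GCM instead of mcrypt, which was removed from PHP core in 7.2, and the function names and sample values are hypothetical.

```php
<?php
// Added example (not from the original posts). Names and sample values are hypothetical.
const CIPHER = 'aes-256-gcm';

function requireKey(string $key): void
{
    // AES-256 needs exactly 32 random bytes; an id such as "1042" is rejected.
    if (strlen($key) !== 32) {
        throw new InvalidArgumentException('key must be exactly 32 bytes');
    }
}

function encryptField(string $plaintext, string $key): string
{
    requireKey($key);
    $nonce = random_bytes(12);   // fresh 96-bit nonce for every message
    $tag = '';
    $ct = openssl_encrypt($plaintext, CIPHER, $key, OPENSSL_RAW_DATA, $nonce, $tag);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    // Base64 keeps the value intact in a text column; raw bytes need BLOB/VARBINARY.
    return base64_encode($nonce . $tag . $ct);
}

function decryptField(string $stored, string $key): string
{
    requireKey($key);
    $raw = base64_decode($stored, true);
    if ($raw === false || strlen($raw) < 28) {   // 12-byte nonce + 16-byte tag
        throw new RuntimeException('malformed ciphertext');
    }
    $pt = openssl_decrypt(substr($raw, 28), CIPHER, $key, OPENSSL_RAW_DATA,
        substr($raw, 0, 12), substr($raw, 12, 16));
    if ($pt === false) {         // wrong key or modified data fails loudly
        throw new RuntimeException('authentication failed');
    }
    return $pt;
}

$key = random_bytes(32);         // constructed for the demo; keep the real key outside the database
$stored = encryptField('hello, customer 1042', $key);
var_dump(decryptField($stored, $key) === 'hello, customer 1042');   // round trip
try {
    encryptField('secret', '1042');   // a customer id used as the key
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```

Unlike ECB with a mismatched key, which silently returns garbage, the GCM tag check makes a wrong key or a corrupted column value surface as an error.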
0

These functions will take any PHP object and encrypt/decrypt them:

Encrypt JSON object Rijndael ECB base 64 encode

function ejor2eb($object, $key) {
    // Encode the object
    $object = json_encode($object, JSON_FORCE_OBJECT);

    // Add length onto the encoded object so we can remove the zero padding added by mcrypt
    $object = strlen($object) . ':' . $object;

    // Encrypt the string
    $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND);
    $result = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $object, MCRYPT_MODE_ECB, $iv);

    // Return the base64-encoded string, with the encryption type prefix attached
    return 'jor2eu:' . base64_encode($result);
}

Decrypt JSON object Rijndael ECB base 64 decode

function djor2eb($string, $key, $default = false) {
    // Remove the encryption type, and decode the string
    $binary = base64_decode(substr($string, 7));
    if (!$binary) {
        return $default;
    }

    // Decrypt the string
    $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND);
    $result = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $binary, MCRYPT_MODE_ECB, $iv);

    // Remove encryption padding
    $tokens = null;
    preg_match('/^([0-9]+):/i', $result, $tokens);
    if (sizeof($tokens) !== 2) {
        return $default;
    }
    $result = substr($result, strlen($tokens[1]) + 1, $tokens[1]);

    // Decode the encoded object
    $object = json_decode($result);

    return $object;
}
