digitallabs Posted October 12, 2015 Share Posted October 12, 2015 (edited) Hi there I normally code PHP, but I'm no encryption expert. My friend has asked me to encrypt a string using PHP so that: Encryption keystring : BinHex Encoder for Data UTF8 Encoder for KeyString KeyArrayLength : 16 - KeyString is converted to byteArray using UTF8 encoder and then the result byteArray is trimmed upto 16 length (i.e KeyArrayLength) SaltString = Encryption keystring SaltString Length = 16 KeySaltTextEncoder = UTF8 Initialization Vector = Salt (Salt is obtained by converting Saltstring to byteArray using UTF8 encoder and then the result byteArray is trimmed upto 16 length i.e. SaltString length) Uses the RijndaelManaged implementation KeySize : 256 BlockSize : 128 Mode : Cipher Block Chaining (CBC) Padding : PaddingMode.PKCS7 I don't understand the English part, so how to do it in PHP? Ideally I need a function where I can feed my string and the key that he supplied which has 44 characters in length. So far I have this:mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $the_raw_key, $str, MCRYPT_MODE_CBC, $the_raw_key); (it doesn't work, but even if it did work doesn't mean I'm doing the right thing) My friend will decrypt the information and the decryption needs to work without too many code changes on the encryption side. Hope someone can help me! Many thanks in advance! Edited October 12, 2015 by digitallabs Quote Link to comment Share on other sites More sharing options...
Jacques1 Posted October 12, 2015 Share Posted October 12, 2015 (edited) So this project is just for fun, right? The data isn't really important, is it? Because if the data is important, stop it. You do in fact have to be an expert to protect critical data. Broken cryptography isn't worth anything; it's actually worse than nothing, because people will assume that their data is safe when it's not. But even if this is a fun project, a lot of this doesn't even make sense. What does the key have to do with UTF-8 encoding? The key is not a password! It must be a sequence of exactly 32 bytes (for AES-256) or 16 bytes (for AES-128) obtained from a cryptographically secure random number generator (e. g. /dev/random on Unix machines). Edited October 12, 2015 by Jacques1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.