How to safely encrypt and decrypt data in PHP? [closed]

2

I need to write sensitive data in the database, but can be read later (decrypt).

    
asked by anonymous 26.10.2015 / 18:29

1 answer

0

You can implement two functions in php one to encrypt and one to decrypt and you would save in the database appending these strings (be careful that they can get very large), an example of the functions:

    <?php
    public static function getMacAlgoBlockSize($algorithm = 'sha1')
    {
        switch($algorithm)
        {
            case 'sha1':
            {
                return 160;
            }
            default:
            {
                return false;
                break;
            }
        }
    }

/**
* O metodo responsavel por descriptograr uma mensagem
* @param string $message Mensagem criptografada
* @param string $key Chave para realizar a descriptografia precisa ser a mesma usada na criptografia Exemplo: "skjj400ndkdçg00"
* @param string $mac_algorithm Tipo da descriptografia que sera usada Exemplo: md5 e sha1
*/
    public static function decrypt($message, $key, $mac_algorithm = 'sha1',
                                       $enc_algorithm = MCRYPT_RIJNDAEL_256, $enc_mode = MCRYPT_MODE_CBC)
    {
        $message= base64_decode($message);
        $iv_size = mcrypt_get_iv_size($enc_algorithm, $enc_mode);
        $iv_dec = substr($message, 0, $iv_size);
        $message= substr($message, $iv_size);
        $message= mcrypt_decrypt($enc_algorithm, $key, $message, $enc_mode, $iv_dec);
        $mac_block_size = ceil(static::getMacAlgoBlockSize($mac_algorithm)/8);
        $mac_dec = substr($message, 0, $mac_block_size);
        $message= substr($message, $mac_block_size);

        $mac = hash_hmac($mac_algorithm, $message, $key, true);

        if($mac_dec == $mac)
        {
            return $password;
        }
        else
        {
            return false;
        }
    }

/**
* O metodo responsavel por criptofrafar uma mensagem
* @param string $message Mensagem a ser criptograda
* @param string $key Chave para realizar a criptografia Exemplo: "skjj400ndkdçg00"
* @param string $mac_algorithm Tipo da criptograda que sera usada Exemplo: md5 e sha1
*/
    public static function encrypt($message, $key, $mac_algorithm = 'sha1',
                                       $enc_algorithm = MCRYPT_RIJNDAEL_256, $enc_mode = MCRYPT_MODE_CBC)
    {
        $mac = hash_hmac($mac_algorithm, $message, $key, true);
        $mac = substr($mac, 0, ceil(static::getMacAlgoBlockSize($mac_algorithm)/8));
        $message= $mac . $message;
        $iv_size = mcrypt_get_iv_size($enc_algorithm, $enc_mode);
        $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
        $ciphertext = mcrypt_encrypt($enc_algorithm, $key,
                                     $message, $enc_mode, $iv);
        return base64_encode($iv . $ciphertext);
    }

I added some comments to make it easier, but all three methods were done by: Methods Described

    
28.10.2015 / 23:39