Posted by Dirk Kredler on 10/17/04 11:05

Am Mittwoch, 12. Januar 2005 11:13 schrieb Shaun:
> Hi,
>
> I have site that allows users to upload private information to our server.
> We would like to encrypt the data for security reasons and only allow
> certain users to be able to un-encrypt the data and view it. I have looked
> at the PHP encryption functions and they appear to be one way algorithms -
> I am guessing this is the whole point of encrption ;)
>
> Does anyone have any suggestions regarding this?
>
> Many thanks

hey :)

you should use the mcrypt_* functions. Look at the manual pages,
you will find there many examples.

Here are some functions i use for encryption of private data,
may they help you:

/**
* mcrypt iv generieren
*/
if(!isset($_SESSION['MCRYPT_IV'])) {

$_SESSION['MCRYPT_IV']=
mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_CBC),
MCRYPT_DEV_URANDOM);

}

/**
* Encryption
*
* @param String input - unencrypted string
* @return String encrypted string
*/
function encrypt($input) {

$encrypted= mcrypt_encrypt(MCRYPT_BLOWFISH, SECRET, $input,
MCRYPT_MODE_CBC, $_SESSION['MCRYPT_IV']);
$encoded= base64_encode($encrypted);

return
$encoded;
}

/**
* Decryption
*
* @param String input - encrypted string
* @return String - decrypted string
*/
function decrypt($input) {

$decoded= base64_decode($input);
$decrypted= mcrypt_decrypt(MCRYPT_BLOWFISH, SECRET, $decoded,
MCRYPT_MODE_CBC, $_SESSION['MCRYPT_IV']);

return
rtrim($decrypted);
}

[Back to original message]