Hudzilla.org - the homepage of Paul Hudson
Contents > Security concerns > Protecting your data Wish List | Report Bug | About Me ]

17.3.6     Symmetric decryption: mdecrypt_generic()

This is NOT the latest copy of this book; click here for the latest version.

string mdecrypt_generic ( resource td, string data)

As you have seen, it takes around ten lines of code just to encrypt data, however the end result is that you get encrypted text that is exceptionally hard to decrypt without knowledge of the key and IV. Once you have mastered encryption, decryption is fairly easy as it shares most of the same concepts. Here is the same script again, this time it encrypts then decrypts the information:

<?php
    srand((double)microtime()*1000000 );
    $td = mcrypt_module_open(MCRYPT_RIJNDAEL_256, '', MCRYPT_MODE_CFB, '');
    $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
    $ks = mcrypt_enc_get_key_size($td);
    $key = substr(sha1('Your Secret Key Here'), 0, $ks);

    mcrypt_generic_init($td, $key, $iv);
    $ciphertext = mcrypt_generic($td, 'This is very important data');
    mcrypt_generic_deinit($td);

    mcrypt_generic_init($td, $key, $iv);
    $plaintext = mdecrypt_generic($td, $ciphertext);
    mcrypt_generic_deinit($td);
    mcrypt_module_close($td);

    print $iv . "\n";
    print trim($ciphertext) . "\n";
    print trim($plaintext) . "\n";
 ?>

Note that we actually call mcrypt_generic_deinit() then mcrypt_generic_init() immediately afterwards - this is important for the encryption to work properly, and you must not forget to do this.

Author's Note: it is crucial that you do not forget to deinit() after you encrypt, then call init() again when you want to decrypt - if you do not believe me, try commenting these lines out and see what happens!

The output of that script is too crazy to print here because encrypted data uses a much wider range of characters than just A-Z - try the script for yourself and see what your ciphertext looks like.





<< 17.3.5 Advanced symmetric encryption   17.3.7 Changing encryption algorithm >>
Table of Contents
 Want to see this stuff in print? PHP in a Nutshell takes the core topics covered here, adds in thousands of edits from the editorial team and myself, and combines them to make an unbeatable reference for PHP programmers at all levels.



My latest book has hundreds more tips on how to use PHP, Apache, and MySQL, plus Perl, Python, shell scripts, performance tuning, and more!
Top-right shadow
 
Bottom-left shadow Bottom shadow

Comments from other readers
Be the first to add a comment to this chapter!



Add comment
Please note that by posting a comment here you are committing it to the public domain. This is important so that others can make use of your code themselves, and also so that I can incorporate helpful notes directly into the main text. Comments are limited to 2000 characters in length.

If you are reporting an error in the content, please tell me directly.

Your name/email address:
Your comment:
 
Now, in order to verify that you're a real person, please answer this simple question: what is six plus two?
The answer is:
(please write in
numbers, eg 19)


Top-right shadow
 
Bottom-left shadow Bottom shadow

This website and its content is copyright © Paul Hudson 2005, all rights reserved.