WEBINAR:
On-Demand
Application Security Testing: An Integral Part of DevOps
Building Hashes with MHash
MHash is a
free library that lets developers choose from a large number of hash algorithms. These algorithms can be used to compute checksums, message digests, and create other signatures.
Installing Libmhash
- Download libmhash.dll.
- Copy the libmhash.dll file to {php_home}/ext and to {Windows_home}/System32.
- In php.ini, activate the extension=php_mhash.dll line by deleting the comment mark (";").
- Save the updated php.ini file.
Supported Hashes
The hashes currently supported by MHash are:
- MHASH_ADLER32
- MHASH_CRC32
- MHASH_CRC32B
- MHASH_GOST
- MHASH_HAVAL128
- MHASH_HAVAL160
- MHASH_HAVAL192
- MHASH_HAVAL256
- MHASH_MD4
- MHASH_MD5
- MHASH_RIPEMD160
- MHASH_SHA1
- MHASH_SHA256
- MHASH_TIGER
- MHASH_TIGER128
- MHASH_TIGER160
The following example uses MHash to encrypt the contents of
texfile.txt and write the encrypted result to
encrypted.txt:
<?php
$file = 'textfile.txt';
$initial_contents = file_get_contents($file);
if($initial_contents){
//mhash() applies a hash function specified by MHASH_MD5
//to the $initial_contents
$encrypted = mhash(MHASH_MD5, $initial_contents);
// get current Unix timestamp
$current = time();
$salt = $current;
$password = "Octavia";
//mhash_keygen_s2k generates a key according to the hash function
//given and the password provided by the user.
$hash = mhash_keygen_s2k(MHASH_GOST, $password, $salt, 20);
//concatenate the $salt with the $hash
$key = $salt . "|" . bin2hex($hash);
$encrypted_file = @fopen('encrypted.txt','w');
$ok_encrypt = @fwrite($encrypted_file,
'mhash: '.bin2hex($encrypted).' mhash_keygen_s2k:
'.$key);
if($ok_encrypt){
echo 'The encrypted code was succesfully created '.
'in encrypted_file.txt !!!'.'<br />';
}
else{
echo ("The write of this file failed!");
}
@fclose($encrypted_file);
}
?>
Secret Keys and Crypt_Blowfish
Secret-key cryptography uses a single key for both encryption and decryption—also called a symmetric key. For example, the commonly-used DES algorithm is a secret key algorithm. The Crypt_Blowfish PEAR package is based on the Blowfish block cipher and supports two-way encryption, either with or without a secret key. The package doesn't require MCrypt, but Crypt_Blowfish can use MCrypt if it's installed. The
latest released version is 1.0.1 (stable), and you install it like any other PEAR package:
> pear install pear_package_name
This package uses two classes defined in the
Blowfish.php file, which you must include in all scripts that use the Crypt_Blowfish package:
require_once 'Crypt/Blowfish.php';
Here's the code for the by-now-familiar encryption example program using Crypt_Blowfish:
<?php
require_once 'Crypt/Blowfish.php';
$file = 'textfile.txt';
$initial_contents = file_get_contents($file);
if($initial_contents){
$bf = new Crypt_Blowfish('some secret key!');
// Encrypts a string
$encrypted = $bf->encrypt($initial_contents);
$encrypted_file = @fopen('encrypted.txt','w');
$ok_encrypt = @fwrite($encrypted_file,$encrypted);
if($ok_encrypt){
echo 'The encrypted code was succesfully created '.
'in encrypted_file.txt!!!'.'<br />';
}
else{
echo ("The write of this file failed!");
}
@fclose($encrypted_file);
// Decrypts an encrypted string
$plaintext = $bf->decrypt($encrypted);
$newfile = @fopen('newfile.txt','w');
$ok_decrypt = @fwrite($newfile,$plaintext);
if($ok_decrypt){
echo 'The decrypted code was succesfully created '.
'in newfile.txt!!!'.'<br />';
}
else{
echo ("The write of this file failed!");
}
@fclose($newfile);
}
?>
Previous Page
Digg
del.icio.us
Newvine
furl
BlinkList
Newsvine
Magnolia
Tailrank
Slashdot
Technorati
Google Bookmarks
Yahoo Favorites
Windows Live
Ask
