dcsimg
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   FORUMS  |   TIP BANK
Browse DevX
Sign up for e-mail newsletters from DevX


advertisement
 

A Guide to Cryptography in PHP : Page 3

This comprehensive guide discusses where to get, how to install, and how to use the various cryptography packages available to enhance the security of your PHP applications.


advertisement

WEBINAR:

On-Demand

Building the Right Environment to Support AI, Machine Learning and Deep Learning


Building Hashes with MHash
MHash is a free library that lets developers choose from a large number of hash algorithms. These algorithms can be used to compute checksums, message digests, and create other signatures.

Installing Libmhash
  1. Download libmhash.dll.
  2. Copy the libmhash.dll file to {php_home}/ext and to {Windows_home}/System32.
  3. In php.ini, activate the extension=php_mhash.dll line by deleting the comment mark (";").
  4. Save the updated php.ini file.
Supported Hashes
The hashes currently supported by MHash are:

  • MHASH_ADLER32
  • MHASH_CRC32
  • MHASH_CRC32B
  • MHASH_GOST
  • MHASH_HAVAL128
  • MHASH_HAVAL160
  • MHASH_HAVAL192
  • MHASH_HAVAL256
  • MHASH_MD4
  • MHASH_MD5
  • MHASH_RIPEMD160
  • MHASH_SHA1
  • MHASH_SHA256
  • MHASH_TIGER
  • MHASH_TIGER128
  • MHASH_TIGER160


The following example uses MHash to encrypt the contents of texfile.txt and write the encrypted result to encrypted.txt:

<?php $file = 'textfile.txt'; $initial_contents = file_get_contents($file); if($initial_contents){ //mhash() applies a hash function specified by MHASH_MD5 //to the $initial_contents $encrypted = mhash(MHASH_MD5, $initial_contents); // get current Unix timestamp $current = time(); $salt = $current; $password = "Octavia"; //mhash_keygen_s2k generates a key according to the hash function //given and the password provided by the user. $hash = mhash_keygen_s2k(MHASH_GOST, $password, $salt, 20); //concatenate the $salt with the $hash $key = $salt . "|" . bin2hex($hash); $encrypted_file = @fopen('encrypted.txt','w'); $ok_encrypt = @fwrite($encrypted_file, 'mhash: '.bin2hex($encrypted).' mhash_keygen_s2k: '.$key); if($ok_encrypt){ echo 'The encrypted code was succesfully created '. 'in encrypted_file.txt !!!'.'<br />'; } else{ echo ("The write of this file failed!"); } @fclose($encrypted_file); } ?>

Secret Keys and Crypt_Blowfish
Secret-key cryptography uses a single key for both encryption and decryption—also called a symmetric key. For example, the commonly-used DES algorithm is a secret key algorithm. The Crypt_Blowfish PEAR package is based on the Blowfish block cipher and supports two-way encryption, either with or without a secret key. The package doesn't require MCrypt, but Crypt_Blowfish can use MCrypt if it's installed. The latest released version is 1.0.1 (stable), and you install it like any other PEAR package:

> pear install pear_package_name

This package uses two classes defined in the Blowfish.php file, which you must include in all scripts that use the Crypt_Blowfish package:



require_once 'Crypt/Blowfish.php';

Here's the code for the by-now-familiar encryption example program using Crypt_Blowfish:

<?php require_once 'Crypt/Blowfish.php'; $file = 'textfile.txt'; $initial_contents = file_get_contents($file); if($initial_contents){ $bf = new Crypt_Blowfish('some secret key!'); // Encrypts a string $encrypted = $bf->encrypt($initial_contents); $encrypted_file = @fopen('encrypted.txt','w'); $ok_encrypt = @fwrite($encrypted_file,$encrypted); if($ok_encrypt){ echo 'The encrypted code was succesfully created '. 'in encrypted_file.txt!!!'.'<br />'; } else{ echo ("The write of this file failed!"); } @fclose($encrypted_file); // Decrypts an encrypted string $plaintext = $bf->decrypt($encrypted); $newfile = @fopen('newfile.txt','w'); $ok_decrypt = @fwrite($newfile,$plaintext); if($ok_decrypt){ echo 'The decrypted code was succesfully created '. 'in newfile.txt!!!'.'<br />'; } else{ echo ("The write of this file failed!"); } @fclose($newfile); } ?>



Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Sitemap
Thanks for your registration, follow us on our social networks to keep up-to-date