Online PHP editor | refs for QQ5Z1

<?php /** * Class EncDec * @package App\Http */ class EncDec { private $key; protected $iv_size; protected $iv; protected $project_id; protected $user_id; protected $type; protected $extra_param; public function __construct() { # --- ENCRYPTION --- # the key should be random binary, use scrypt, bcrypt or PBKDF2 to # convert a string into a key # key is specified using hexadecimal $this->key = hash('sha256',"prelaunch",TRUE); # create a random IV to use with CBC encoding $this->iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC); $this->iv = mcrypt_create_iv($this->iv_size, MCRYPT_RAND); } /** * @param $project_id * @param $user_id * @param $type * @param array $extra_param * @return string */ public function encryptData($project_id, $user_id, $type = "user", array $extra_param = array()) { $this->project_id = $project_id; $this->user_id = $user_id; $this->type = $type; $this->extra_param = $extra_param; $encrypting_array = [ "p" => $this->project_id, "i" => $this->user_id, "t" => $this->type, "e" => $this->extra_param ]; $encrypting_text = http_build_query($encrypting_array); $output = $this->encrypt($encrypting_text); return $output; } public function encrypt_data($data) { $output = $this->encrypt($data); return $output; } public function decrypt_data($encrypted_text) { $encrypted_text = base64_decode(str_replace(["-", "_"], ["+", "/"], $encrypted_text)); return rtrim($this->decrypt($encrypted_text)); } public function decryptData($encrypted_text) { // try { $encrypted_text = base64_decode(str_replace(["-", "_"], ["+", "/"], $encrypted_text)); $decrypted_text = $this->decrypt($encrypted_text); parse_str($decrypted_text, $return_decrypted_array); return $return_decrypted_array; // } catch (DecryptException $e) { // throw new Exception("You tried to change the delicate internal behavior of my system"); // } } public function decrypt($string) { # retrieves the IV, iv_size should be created using mcrypt_get_iv_size() $iv_dec = substr($string, 0, $this->iv_size); # retrieves the cipher text (everything except the $iv_size in the front) $string = substr($string, $this->iv_size); # may remove 00h valued characters from end of plain text $output = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $this->key, $string, MCRYPT_MODE_CBC, $iv_dec); return $output; } public function encrypt($string) { # creates a cipher text compatible with AES (Rijndael block size = 128) # to keep the text confidential # only suitable for encoded input that never ends with value 00h # (because of default zero padding) $output = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $this->key, $string, MCRYPT_MODE_CBC, $this->iv); # prepend the IV for it to be available for decryption $output = $this->iv . $output; # encode the resulting cipher text so it can be represented by a string $output = base64_encode($output); # === WARNING === # Resulting cipher text has no integrity or authenticity added # and is not protected against padding oracle attacks. $encrypted_text = str_replace(["+", "/", "="], ["-", "_", ""], $output); return $encrypted_text; } } $enc_dec = new EncDec(); echo $enc_dec->encrypt("Narendra"); echo $enc_dec->decrypt(1);