Created
January 26, 2015 03:48
-
-
Save hanafiah/0d6408674840daefb2ad to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * simple encrypt & decrypt for POC | |
| * @param type $string | |
| * @param type $key | |
| * @return type | |
| */ | |
| function encrypt($string, $key) | |
| { | |
| return base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $string, MCRYPT_MODE_CBC, md5(md5($key)))); | |
| } | |
| function decrypt($encrypted, $key) | |
| { | |
| return rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($encrypted), MCRYPT_MODE_CBC, md5(md5($key))), "\0"); | |
| } | |
| /** | |
| * sample data. | |
| */ | |
| $current_app_password = 'MYPASS'; | |
| $remote_app_password = 'REMOTE_PASS'; | |
| /** | |
| * this is user unique key. the salt must differ from user login | |
| * don't store this in db. use it on the fly when user login. | |
| */ | |
| $salt = '1234'; | |
| $user_remote_hash_key = crypt($current_app_password, $salt); | |
| /** | |
| * store encrypted remote password in db | |
| */ | |
| $encrypted = encrypt($remote_app_password, $user_remote_hash_key); | |
| echo $encrypted . PHP_EOL; | |
| /** | |
| * user must login to get back $user_remote_hash_key | |
| */ | |
| echo decrypt($encrypted, $user_remote_hash_key) . PHP_EOL; | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment