PHP Encryption and decrypted

Hi,
I am very new to PHP and have now come across encryption with PHP. I have created the PHP file to generate a key using AES and got it working but now very stuck on what to do this is my assignment.

Scenario

You have been given the task of ensuring that data is encrypted when travelling over a network. This will involve creating working encryption and decryption functions, and testing them. Your strategy is to use AES encryption for any transfer of sensitive data.

To do

Using the AES encryption example on the Encryption with PHP training page to complete the following tasks:

  1. Create a PHP file that will generate a key. Copy the resulting key for use.

  2. Create a working PHP file that will do the following:

  • Store a generated key
  • Encrypt the following plaintext data: *Fido!hcteF^
  • Decrypt the encrypted data
  • Output all the following to the webpage:
    • the key
    • the plaintext data
    • the encrypted data
    • the decrypted data

I Know I need to add the follow code

The encryption function

function encryptData($data, $key) {
// remove the base64 encoding from our key so we again have the 256 bit key
$encryption_key = base64_decode($key);

// generate an IV
$iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('aes-256-cbc'));

// encrypt the data using CBC mode AES 256 encryption, also using the encryption key and IV.
$encrypted = openssl_encrypt($data, 'aes-256-cbc', $encryption_key, 0, $iv);

// The $iv is need along with the key for decrypting, so keep it with our encrypted data using a unique separator (::)
return base64_encode($encrypted . '::' . $iv);
}

and

The decryption function

function decryptData($data, $key) {
    
// remove the base64 encoding from our key so we again have the 256 bit key
$encryption_key = base64_decode($key);

// split the encrypted data from our IV - our unique separator used was "::"
list($encrypted_data, $iv) = explode('::', base64_decode($data), 2);

// use the encrypted data, the key and the IV to return the plaintext data
return openssl_decrypt($encrypted_data, 'aes-256-cbc', $encryption_key, 0, $iv);
}

Thank you so much for any help

I take this is for a class and if this is an introductory class to PHP or something like that then this instructor is an idiot. Web Security is the last thing you want to teach people who are just learning to program. If you don’t meet the prerequisites to this course then I would suggest you drop this course and take those course(s).

Hi thank you yeah it is my last assingment I have learnt a little bit of php. I just cant seem to work out what I should echo to the website.

Sponsor our Newsletter | Privacy Policy | Terms of Service