I tried to DES encryption a Query String but it give this error.
<?php
class DES
{
var $key;
var $iv;
function DES( $key, $iv=0 ) {
$this->key = $key;
if( $iv == 0 ) {
$this->iv = $key;
} else {
$this->iv = $iv;
}
}
function encrypt($str) {
return base64_encode( openssl_encrypt($str, 'DES-CBC', $this->key, OPENSSL_RAW_DATA, $this->iv ) );
}
}
?>
$str="method=GetUserStatusDV&Key=01234567789ABCDEF0123456789ABCDE&Time=20150101012345&Username=abd12345"; // for example
$key = 'ZyXw4321'; // for example
$crypt = new DES($key);
$mstr = $crypt->encrypt($str);
$urlemstr = urlencode($mstr);
echo "[ $str ] Encrypted: [ $mstr ] UrlEncoded encrypted string: [ $urlemstr ]";
openssl_encrypt(): Using an empty Initialization Vector (iv) is potentially insecure and not recommended
CodePudding user response:
Even though you are using a deprecated way to instantiate your class (using same name instead of __construct method) the sample code you provided is working.
You can improve your class like this.
class DES
{
private $key;
private $iv;
public function __construct(string $key, string $iv = '') {
$this->key = $key;
if(strlen($iv) != 8) {
$this->iv = \Illuminate\Support\Str::random(8);
} else {
$this->iv = $iv;
}
}
public function encrypt($str) {
return base64_encode( openssl_encrypt($str, 'DES-CBC', $this->key, OPENSSL_RAW_DATA, $this->iv ) );
}
}