Basic file encryption with PHP mcrypt using cryptastic class

Mihai Ionescu Web Development, PHP

Share

This post is about encrypting / drecrypting data, files more exactly.
After google-ing for a while i found this to be very usefull for what i needed.
This class uses RIJNDAEL-256 block cipher, which is based on a symetric key algorithm, this means that it’s using the same key for encryption and decryption.

My task was to encrypt some user uploaded files on the server using a unique key for each user, and also to make it possible to send those files to other users and allow them to see the encrypted content. The files need to be encrypted on the server all the time.

To achive that i used cryptastic class. I encrypted the file on upload with the uploading user’s key. When the user sends the file to other user, he makes a copy of that file encrypted with the receiver’s key.

The key is generated using 2 other variables, $password and $salt

Here is the implementation of file encryption on user upload.

$salt 		= 'some random string';
$pass 		= 'password';
$cryptastic = new cryptastic;
$key  		= $cryptastic->pbkdf2($pass, $salt, 1000, 32) or
				die("Failed to generate secret key.");
$encryptPath = 'uploads/some_user_folder/';
/**
* this is the real name of the file, stored for a nice download name
* better than a md5 hash
*/			
$resumeFilename = $filename_tmp = $_FILES['filename']['name'];
$ext = explode(".", $filename_tmp);
$name_rand = md5(uniqid(rand(), TRUE));
$filename = $name_rand . "." . $ext[1]; // Create Random Resume Name

if (move_uploaded_file($_FILES['filename']['tmp_name'], FILE_UPLOAD_DIR . $filename)) {

	$msg 			= file_get_contents(FILE_UPLOAD_DIR.$filename);
	$encrypted		= $cryptastic->encrypt($msg, $key) or
					  die("Failed to complete encryption.");
	$ext 			= substr($filename, 33, 3);
	$fileName 		= md5($filename.time()) . '-'.$ext;
	$encryptedFile 	= $encryptPath.$fileName;
	
	$fHandle		= fopen($encryptedFile, 'w+');
	fwrite($fHandle, $encrypted);
	fclose($fHandle);
	unlink(FILE_UPLOAD_DIR . $filename);
}

A save in the database along with the hashed name, the real name of the file so it will have a “normal” name at download.
Notice that i had to concatenate the extension of the file, so when the user downloads the file it will be in the right format, in this case .doc or .pdf.

The next snippet is responsible for the file “transfer” between the users.

	/**
         * $attachment is the name of the encrypted file, 
	 * this is stored in database
         */
	$resumePath = 'uploads/some_user_folder/';
	$newPath	= 'uploads/some_other_user_path/';
	$ext 		= explode('-', $attachment);
	$content 	= file_get_contents($resumePath.$attachment);

	$cryptastic = new cryptastic;

	$decryptionKey = $key = $cryptastic->pbkdf2($userKey, SALT, 1000, 32);
	$encryptionKey = $cryptastic->pbkdf2($receiverKey, SALT, 1000, 32);

	$decrypted = $cryptastic->decrypt($content, $decryptionKey) or
				die("Failed to complete decryption");
	$encrypted = $cryptastic->encrypt($decrypted, $encryptionKey) or
				die("Failed to complete encryption.");

	$companyAttachment = $newFilename = md5($attachment) . '-'.$ext[1];
	$handle = fopen($newPath.$newFilename, 'w+');
	fwrite($handle, $encrypted);
	fclose($handle);

On download the process is similiar with the “transfer” only thing diffrent is that the content is written to the file unencrypted and after the download is finished the file is deleted.

References:

PHP Encryption / Decryption Using the MCrypt Library

Finally, there’s another very important peculiarity of what does Cialis that brings it so high above its alternatives. It is the only med that is available in two versions – one intended for use on as-needed basis and one intended for daily use. As you might know, Viagra and Levitra only come in the latter of these two forms and should be consumed shortly before expected sexual activity to ensure best effect. Daily Cialis, in its turn, contains low doses of Tadalafil, which allows to build its concentration up in your system gradually over time and maintain it on acceptable levels, which, consequently, makes it possible for you to enjoy sex at any moment without having to time it.

Tags:
4 thoughts on “Basic file encryption with PHP mcrypt using cryptastic class”
  • sha1 hash says:

    Very helful tutorial. Thank you. Nice touching saving the extension. I hate files that download with 32 character names and no extension.

    November 12, 2010 at 1:34 am
  • Yulia says:

    Thanks for the tutorial! Just what i needed! I can upload encrypted files now, but cant get pass “Failed to complete decryption” in the second snippet…What could be the reasons?

    Thanks,
    Yulia.

    June 30, 2011 at 6:55 pm
  • Furqon says:

    please give me the example of using this code, or can I download it?

    September 13, 2012 at 3:39 pm
    • Mihai Ionescu says:

      I’ve updated the links in the post with the new location to the in depth tutorial from the author of the Cryptastic class. You can check that out for more info. I used it just like it’s seen in the post.

      September 14, 2012 at 7:50 am

Comments are closed.

By continuing to use the site, you agree to the use of cookies. More information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close