CODEWITHSUNDEEP
phpencryption
JoeNguyen
JoeNguyen

Reputation: 1109

Encrypt/decrypt with XOR in PHP

I am studying encryption. And I got a problem like this:

After I XOR plaintext with a key, I get a crypt, "010e010c15061b4117030f54060e54040e0642181b17", as hex type. If I want to get plaintext from this crypt, what should I do in PHP?

I tried convert it to string/int and after that take them to XOR with the key (three letters). But it doesn't work.

This is the code:

function xor_this($string) {

    // Let's define our key here
    $key = 'fpt';

    // Our plaintext/ciphertext
    $text = $string;

    // Our output text
    $outText = '';

    // Iterate through each character
    for($i=0; $i<strlen($text); )
    {
        for($j=0; $j<strlen($key); $j++,$i++)
        {
            $outText .= ($text[$i] ^ $key[$j]);
            //echo 'i=' . $i . ', ' . 'j=' . $j . ', ' . $outText{$i} . '<br />'; // For debugging
        }
    }
    return $outText;
}

function strToHex($string)
{
    $hex = '';
    for ($i=0; $i < strlen($string); $i++)
    {
        $hex .= dechex(ord($string[$i]));
    }
    return $hex;
}

function hexToStr($hex)
{
    $string = '';
    for ($i=0; $i < strlen($hex)-1; $i+=2)
    {
        $string .= chr(hexdec($hex[$i].$hex[$i+1]));
    }
    return $string;
}

$a = "This is the test";
$b = xor_this($a);
echo xor_this($b), '-------------';
//
$c = strToHex($b);
$e = xor_this($c);
echo $e, '++++++++';
//
$d = hexToStr($c);
$f = xor_this($d);
echo $f, '=================';

And this is the result:

This is the test-------------

PHP Notice: Uninitialized string offset: 29 in C:\ Users\Administrator\Desktop\test.php on line 210 PHP Stack trace: PHP 1. {main}() C:\Users\Administrator\Desktop\test.php:0 PHP 2. xor_this() C:\Users\Administrator\Desktop\test.php:239

Notice: Uninitialized string offset: 29 in C:\Users\Administrator\Desktop\test.p hp on line 210

Call Stack: 0.0005 674280 1. {main}() C:\Users\Administrator\Desktop\test.php:0 0.0022 674848 2. xor_this() C:\Users\Administrator\Desktop\test.php:23 9

UBE^A►WEAVA►WEAV@◄WEARAFWECWB++++++++

This is zs$fs☺=================

Why? The "UBE^A►WEAVA►WEAV@◄WEARAFWECWB++++++++" is the result, which I got trouble in my real work.

Upvotes: 15

Views: 47365

Answers (3)

Stalingrad
Stalingrad

Reputation: 159

Based on the code above i created 2 functions to xor encode a JSON string using javascript and then decode it on server side using PHP.

!!! Important: If you will have characters different from ASCII(like Chinese, Cyrillic, Symbols...) in your JSON string, you must either write some code in PHP or JS to fix how these characters are encoded/decoded (ord/chr in PHP produce different results in comparison with JS charCodeAt/String.fromCharCode) or just base64_encode the JSON string and after that xor encode it.

Personally i use xor_string(base64_encode(JSON.stringify(object)), 'xor_key') in JS and on PHP side:

$json = json_decode(base64_decode(
                        xor_string(file_get_contents("php://input"), 'xor_key')
                    ),
        true);

PHP:

function xor_string($string, $key) {
    $str_len = strlen($string);
    $key_len = strlen($key);

    for($i = 0; $i < $str_len; $i++) {
        $string[$i] = $string[$i] ^ $key[$i % $key_len];
    }

    return $string;
}

Javascript:

function xor_string(string, key) {
    string = string.split('');
    key = key.split('');
    var str_len = string.length;
    var key_len = key.length;
    var String_fromCharCode = String.fromCharCode;

    for(var i = 0; i < str_len; i++) {
        string[i] = String_fromCharCode(string[i].charCodeAt(0) ^ key[i % key_len].charCodeAt(0));
    }

    return string.join('');
}

Upvotes: 2

One Man Crew
One Man Crew

Reputation: 9578

Try this:

function xor_this($string) {

    // Let's define our key here
    $key = ('magic_key');

    // Our plaintext/ciphertext
    $text = $string;

    // Our output text
    $outText = '';

    // Iterate through each character
    for($i=0; $i<strlen($text); )
    {
        for($j=0; ($j<strlen($key) && $i<strlen($text)); $j++,$i++)
        {
            $outText .= $text{$i} ^ $key{$j};
            //echo 'i=' . $i . ', ' . 'j=' . $j . ', ' . $outText{$i} . '<br />'; // For debugging
        }
    }
    return $outText;
}

Basically to revert text back (even numbers are in) you can use the same function:

$textToObfuscate = "Some Text 12345";
$obfuscatedText = xor_this($textToObfuscate);
$restoredText = xor_this($obfuscatedText);

Upvotes: 27

onetiger
onetiger

Reputation: 311

Even easier:

function xor_string($string, $key) {
    for($i = 0; $i < strlen($string); $i++) 
        $string[$i] = ($string[$i] ^ $key[$i % strlen($key)]);
    return $string;
}

Upvotes: 20

Related Questions