TRIPLE DES encryption/decryption using php

Question

I have this TRIPLE DES ENCRYPTION CODE IN PHP

    $encryption_key = "CE51E06875F7D964";
    $data='tokenNo=test&securityCode=111' ;
    echo $desEncryptedData = encryptText_3des($data, $encryption_key);//outputs 3des encrypted data

function encryptText_3des($plainText, $key) {
    $key = hash("md5", $key, TRUE); 
    for ($x=0;$x<8;$x++) {
        $key = $key.substr($key, $x, 1);
    }
    $padded = pkcs5_pad($plainText,
        mcrypt_get_block_size(MCRYPT_3DES, MCRYPT_MODE_CBC));
    $encrypted = base64_encode(mcrypt_encrypt(MCRYPT_3DES, $key, $padded, MCRYPT_MODE_CBC));
    return $encrypted;
}
 function pkcs5_pad ($text, $blocksize)   
{
    $pad = $blocksize - (strlen($text) % $blocksize);
    return $text . str_repeat(chr($pad), $pad);
}

Im able to encrypt the data as xcFEvIdLXc2fjhG1i4iPOQu5L6ahxwZVucDOPqeMM2E=

Now I have the key,will I able to decrypt this data to plain text format?

I tried it this way

            $encryption_key = "CE51E06875F7D964";
        $data='xcFEvIdLXc2fjhG1i4iPOQu5L6ahxwZVucDOPqeMM2E=' ; //encrypted data
        echo $desEncryptedData = encryptText_3des($data, $encryption_key);//outputs 3des encrypted data

    function encryptText_3des($plainText, $key) {
        $key = hash("md5", $key, TRUE); 
        for ($x=0;$x<8;$x++) {
            $key = $key.substr($key, $x, 1);
        }
        $padded = pkcs5_unpad($plainText,
            mcrypt_get_block_size(MCRYPT_3DES, MCRYPT_MODE_CBC));
        $encrypted = base64_encode(mcrypt_encrypt(MCRYPT_3DES, $key, $padded, MCRYPT_MODE_CBC));
        return $encrypted;
    }

    function pkcs5_unpad($text)   

    {
        $pad = ord($text{strlen($text)-1});
        if ($pad > strlen($text)) return false;
        if (strspn($text, chr($pad), strlen($text) - $pad) != $pad) return false;
        return substr($text, 0, -1 * $pad);
    }

But I couldnt do it.IS what I am doing is wrong?Please suggest me a way to decrypt this?Is the encryption key itself is used to decrypt the data in triple DES?Please help

Answer 1

For PHP 7.1 and above, mcrypt function is deprecated. Here is the alternative using openssl_encrypt

$ciphertext = openssl_encrypt('string to be encrypted', 'DES-EDE3', 'key', OPENSSL_RAW_DATA);
$ciphertext = base64_encode($ciphertext);

You can use this online Triple DES encryption tool to cross check.

For other available cipher, you can invoke PHP method openssl_get_cipher_methods()

Answer 2

This is the solution:

public function encrypt($data, $secret)
{
    //Generate a key from a hash
    $key = md5(utf8_encode($secret), true);

    //Take first 8 bytes of $key and append them to the end of $key.
    $key .= substr($key, 0, 8);

    //Pad for PKCS7
    $blockSize = mcrypt_get_block_size('tripledes', 'ecb');
    $len = strlen($data);
    $pad = $blockSize - ($len % $blockSize);
    $data .= str_repeat(chr($pad), $pad);

    //Encrypt data
    $encData = mcrypt_encrypt('tripledes', $key, $data, 'ecb');

    return base64_encode($encData);
}

public function decrypt($data, $secret)
{
    //Generate a key from a hash
    $key = md5(utf8_encode($secret), true);

    //Take first 8 bytes of $key and append them to the end of $key.
    $key .= substr($key, 0, 8);

    $data = base64_decode($data);

    $data = mcrypt_decrypt('tripledes', $key, $data, 'ecb');

    $block = mcrypt_get_block_size('tripledes', 'ecb');
    $len = strlen($data);
    $pad = ord($data[$len-1]);

    return substr($data, 0, strlen($data) - $pad);
}

Regards.