Simple Javascript encrypt, PHP decrypt with shared secret key

Question

This is not about security. It is also not to make it hard to break. I\'m looking for a simple algorithm to change a string (a url) in a way it does not resemble the origina

Answer 1

Well I found this page and found Redcully's program not work for me so I thought It happens with all others. finally I got reason and fixed it. Here new code is... Thanks to Redcully :)

JS function:

function encode(str) {
  var encoded = "";
  for (i=0; i<str.length;i++) {
    var a = str.charCodeAt(i);
    var b = a ^ 51;    // bitwise XOR with any number, e.g. 123
    encoded = encoded+String.fromCharCode(b);
  }
  return encoded;
}

PHP function:

function decode($encoded) {
  $decoded = "";
  for( $i = 0; $i < strlen($encoded); $i++ ) {
    $b = ord($encoded[$i]);
    $a = $b ^ 51;  // <-- must be same number used to encode the character
    $decoded .= chr($a);
  }
  return $decoded;
}

Answer 2

How are you planning to implement (hide) the secret in Javascript? IMHO it's not possible.

Edit: OK - not about security.. then just use any baseXX or rot encoding mechanism. But you can't really say one of these algorythms would not be well known...

Answer 3

If that's what you want, you can Base64 encode and decode that.

[EDIT]: After OP clarification:

As you do not want widely used methods, here is one rarely used method and that can do it for you by giving output only in LOWERCASE letters and NUMBERS. It is Base32 Encode/Decode. Use the following libraries:

• Javascript Base32 Encoder: http://www.tumuski.com/2010/04/nibbler/
• PHP Base32 Decoder: https://www.phpclasses.org/package/3484-PHP-Encode-and-decode-data-with-MIME-base-32-encoding.html

Answer 4

You can use bitwise XOR in javascript to encode the string and again in PHP to decode it again. I wrote a little Javascript example for you. It works the same in PHP. If you call enc() a second time with the already encoded string, you'll get the original string again.

<html>
<head><title></title></head>
<body>
<script type="text/javascript">
function enc(str) {
    var encoded = "";
    for (i=0; i<str.length;i++) {
        var a = str.charCodeAt(i);
        var b = a ^ 123;    // bitwise XOR with any number, e.g. 123
        encoded = encoded+String.fromCharCode(b);
    }
    return encoded;
}
var str = "hello world";
var encoded = enc(str);
alert(encoded);           // shows encoded string
alert(enc(encoded));      // shows the original string again
</script>
</body>
</html>

In PHP do something like this (caution, this is not tested and it's been a long while since I did PHP):

$encoded = "...";   // <-- encoded string from the request
$decoded = "";
for( $i = 0; $i < strlen($encoded); $i++ ) {
    $b = ord($encoded[$i]);
    $a = $b ^ 123;  // <-- must be same number used to encode the character
    $decoded .= chr($a)
}
echo $decoded;

Answer 5

If it's not about security, and not about making it hard to break, then how about ROT-13?

//+ Jonas Raoni Soares Silva
//@ http://jsfromhell.com/string/rot13 [rev. #1]

String.prototype.rot13 = function(){
    return this.replace(/[a-zA-Z]/g, function(c){
        return String.fromCharCode((c <= "Z" ? 90 : 122) >= (c = c.charCodeAt(0) + 13) ? c : c - 26);
    });
};

...

var s = "My String";

var enc = s.rot13();  // encrypted value in enc

PHP has a native function, str_rot13: http://php.net/manual/en/function.str-rot13.php

$decrypted = str_rot13($_GET['whatever']);