JavaScript and PHP Encryption
What!?
JaPCrypt is a PHP class which purpose is to give encrypted communications over HTTP by using server and client side scriptng like PHP and Javascript. It should be used mostly on administrative sessions, to avoid the stealing of sensitive data. It uses a symmetric encryption algorithm, XTEA, so a pre shared key is required. As it's thought to be used in CMS's administrative sessions, the administrator password could be used as pre-shared key. In order to avoid that the password will be sniffed during the authentication process, done of course via HTTP, JaPCrypt comes with a sample secure login system.
Download
You can download the JaPCrypt class, with the documentation and examples on how to use the class, by clicking
here.
Oh, remember it's for PHP5. Minor changes are required to be used with PHP4.
Documentation
A documentation of the class generated by
phpDocumentor can be found
here.
Demo
A demo on how the application works can be found
here.
Contributions
To contribute to the project by submitting patches, documentation, features request, bugs, whatever, just drop me a mail to gerardo linux.it (put the right symbol in the right place, it's not hard ;).
Thanks
To vecna (vecna delirandom.net) for suggesting me some cool tricks and implementation hints.