Sign In
Create Account
Follow Us on Twitter
Subscribe on Youtube
Hi there,
I'm currently devloping something to do with mailing. I'm using a smtp and i want to store the smtp 's information including host, password etc. I need to pull this data out of the database and use it to send emails. I would like to encrypt some of the information in the database but, I've only worked with sha1 etc, which wont work in this situation as if I encrypt it in sha1 I cannot reverse it. Anyone have a good idea to make this data more safe?
using php & mysql.
Thanks :)
AzaraT
6 replies to this topic
Back to top|
|
|
#2
Posted 30 June 2010 - 03:19 PM
WingedPanther
-
- Moderators
-
- 16,831 posts
A spammer's worst nightmare
#3
Posted 01 July 2010 - 04:28 AM
AzaraT
-
- Members
-
- 13 posts
Newbie
Hi,
Thanks for your response. I've looked at the php command mcrypt, but I have a hard time figuring it out with all the modes, IV, etc, maybe you can help me out?
Thanks for your response. I've looked at the php command mcrypt, but I have a hard time figuring it out with all the modes, IV, etc, maybe you can help me out?
#4
Posted 01 July 2010 - 03:05 PM
Chessur
-
- Members
-
- 29 posts
Newbie
When using 3DES between PHP and C#, it is to be noted that there are subtle differences that if not strictly observed, will result in annoying problem encrypt/decrypt data.
1), When using a 16 bytes key, php and c# generates total different outcome string. it seems that a 24 bytes key is required for php and c# to work alike.
2), php doesnt have a "padding" option, while c# has 3 (?). My work around is to add nulls i.e. chr(0) to the end of the source string to make its size times of 8, while in c#, PaddingMode.Zeros is required.
3) the key size has to be times of 8, in php, to make it work for c#.
1), When using a 16 bytes key, php and c# generates total different outcome string. it seems that a 24 bytes key is required for php and c# to work alike.
2), php doesnt have a "padding" option, while c# has 3 (?). My work around is to add nulls i.e. chr(0) to the end of the source string to make its size times of 8, while in c#, PaddingMode.Zeros is required.
3) the key size has to be times of 8, in php, to make it work for c#.
#5
Posted 01 July 2010 - 03:10 PM
WingedPanther
-
- Moderators
-
- 16,831 posts
A spammer's worst nightmare
Search for "3DES" here: PHP: mcrypt_encrypt - Manual
#6
Posted 02 July 2010 - 08:20 AM
AzaraT
-
- Members
-
- 13 posts
Newbie
Chessur said:
When using 3DES between PHP and C#, it is to be noted that there are subtle differences that if not strictly observed, will result in annoying problem encrypt/decrypt data.
What? I'm not using C#, pure php and mysql.
#7
Posted 03 July 2010 - 10:22 AM
AzaraT
-
- Members
-
- 13 posts
Newbie
I found these two functions which I think will do the job fine. Any bad things about this compared to other solutions?
<?php
function encryptData($value){
$key = "top secret key";
$text = $value;
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_ECB, $iv);
return $crypttext;
}
function decryptData($value){
$key = "top secret key";
$crypttext = $value;
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$decrypttext = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $crypttext, MCRYPT_MODE_ECB, $iv);
return trim($decrypttext);
}
?>
