Hello again, folks. I have a bit of a dilemma here.
The dilemma involves encrypting sensitive data like credit card
account numbers, to be saved in an online database. The real problem
is that I need to be able to decrypt them without having to enter
a passphrase of any sort from the server's keyboard. (For example,
I may need to pull up the CC number via a cgi script on a secure web
page.)
Now, I have a small program that I created that takes a string
and encrypts it using RC4, and then decrypts it again. Source code
follows:
-------------------------------------------------------------------
#include <openssl/rc4.h>
#include <string.h>
#include "base64.h"
int main()
{
RC4_KEY key;
unsigned char data[16],buf[1024],*out,*out2;
int outlen;
memset(buf,'\0',sizeof(buf));
strcpy(data,"abcdefghhgfedcba\0");
strcpy(buf,"This is a test of RC4 encryption in libcrypto.\0");
printf("\n\n");
printf("Unencrypted:\n------------\n%s\n\n",buf);
// The key length is only 128 bits. I actually use this code in
// production I will use a 512-bit or 1024-bit key, or perhaps
// even a 2048-bit key.
RC4_set_key(&key,16,data);
RC4(&key, strlen(buf),buf,buf);
out= _php3_base64_encode(buf,strlen(buf),&outlen);
printf("Encrypted:\n----------\n%s\n\n",out);
// and just for demonstration purposes, we decrypt the string
// again. this will be taken out of the production code.
memset(buf,'\0',sizeof(buf));
out2= _php3_base64_decode(out,strlen(out),&outlen);
strcpy(buf,out2);
RC4_set_key(&key,16,data);
RC4(&key, strlen(buf),buf,buf);
printf("Unencrypted again:\n------------------\n%s\n\n",buf);
}
-------------------------------------------------------------------
("base64.h" consists of a base64 encoding functino and a base64
decoding function which I yanked from the source code for PHP)
The problem: If this program is installed on the server, it will
obviously be very easy for someone to decrypt the data I encrypt
using this program. They won't be asked for a password.
I can make the executable file accessible to root only -- this
is a Linux box we're talking about -- but then, since the web
server doesn't run as root, I can't use a CGI script to decrypt the
information.
I am trying to balance convenience and security, and I don't
believe there is any good way to do this securely, but thought
maybe some other people might have ideas.
I also need to create a CGI script that will allow my customers
to change their shell/mail/dialup passwords. I know other ISPs
have done this, but I can't think of a good way to do it that won't
compromise system security.
Help... :(
--
North Shore Technologies, Cleveland, OH
http://NorthShoreTechnologies.net
Steve Sobol, BOFH - President, Chief Website Architect and Janitor
Spammers and Net-abusers: Don't bother asking me for service. See
http://NorthShoreTechnologies.net/go/policy/ for more information.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
