RE: [PHP] Encryption failing

Tue, 15 Jan 2008 22:30:14 -0800 

> -----Original Message-----
> From: mike [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, January 16, 2008 1:49 AM
> To: Ken Kixmoeller -- reply to [EMAIL PROTECTED]
> Cc: [email protected]
> Subject: Re: [PHP] Encryption failing
> 
> > ------------------------------------
> > if ($EorD == "D") {
> >        $text_out = mdecrypt_generic($cypher,$text);
> >        $text = base64_decode($text);
> 
> shouldn't this be base64_decode($text_out) ? :)
> 
> > } else {
> >        $text= base64_encode($text);
> >        $text_out = mcrypt_generic($cypher,$text);
> 
> reverse these... make sure $text is setup right
> 
> > } // endif ($EorD == "D")
> 
> if you want to use this via cookies, GET, POST, etc. i would
> 
> encrypt
> base64 encode
> 
> to decrypt:
> 
> string replace " " to "+"
> base64 decode
> then decrypt

Hi Ken,

Just my 3 cents:

1 - Mike is right about first encrypting and then doing a base64_encode (then 
saving results to DB, cookies, etc). I don't know why replacing " " to "+" for 
decrypting, though.
2 - Mike is also right about $text = base64_decode($text) which should be $text 
= base64_decode($text_out) I think.
3 - You are trimming the results on return, according to one post in the manual 
notes this will remove null padding on the decrypted string. This is desired, 
most of the time, but if the original (cleartext message) string ended in nulls 
you will get a difference and that may be the cause of the errors you are 
getting.

if ($EorD == "D") {
   // Get the original encrypted string
   $text = base64_decode($text);
   // Decrypt, you will get null padding
   $text = mdecrypt_generic($cypher, $text);
   // Restore the original text, you must keep the original text length stored 
somewhere
   $text_out = substr($text, 0, $text_length);
} else {
   $text_length = strlen($text);
   // base64 encode encrypted string, to avoid headaches with strange 
characters in db, variables, etc
   $text_out = base64_encode(mcrypt_generic($cypher, $text));
}
// Do not trim results if the clear text message ends with nulls

I'll have to work on something similar very soon, so I might have my own 
headaches later. If you have success (or even more trouble) any feedback would 
be much appreciated.

Regards,

Rob

Andrés Robinet | Lead Developer | BESTPLACE CORPORATION
5100 Bayview Drive 206, Royal Lauderdale Landings, Fort Lauderdale, FL 33308 | 
TEL 954-607-4207 | FAX 954-337-2695
Email: [EMAIL PROTECTED]  | MSN Chat: [EMAIL PROTECTED]  |  SKYPE: bestplace |  
Web: http://www.bestplace.biz | Web: http://www.seo-diy.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to