Thanks for the tip. I'm not storing it in the database (you see, it's
"asdfasdf" and the key string is "secret key"), I'm just studying mcrypt's
With best regards from Ukraine,
My blog: http://oire.org/menelion (mostly in Russian)
------------ Original message ------------
From: Alex Nikitin <niks...@gmail.com>
To: Andre Polykanine
Date created: , 9:27:42 PM
Subject: [PHP] Studying mcrypt
Yes, since it's trying to represent in characters some purely binary data,
it is not unlikely that you will get VERY weird characters (and you do).
Also you shouldn't actually encrypt passwords, the proper way to store them
is hashed, so that if someone grabs your database, they dont have your
passwords, even if they have the "key".
Best way to check is to decrypt it and verify...
The trouble with programmers is that you can never tell what a programmer is
doing until it’s too late. ~Seymour Cray
On Wed, Aug 3, 2011 at 12:40 PM, Andre Polykanine <an...@oire.org> wrote:
> Hello Php,
> It's my first time I use mcrypt.
> I've done everything like it's written in the php manuals, here is the
> $d=mcrypt_module_open("rijndael-256", "", "ofb", "");
> $iv=mcrypt_create_iv(mcrypt_enc_get_iv_size($d), MCRYPT_DEV_RANDOM);
> $key=substr(md5("Secret key"), 0, $ks);
> mcrypt_generic_init($d, $key, $iv);
> $cpass=mcrypt_generic($d, $_POST['opass']);
> And here's what I get:
> Original password: asdfasdfasdf
> Encrypted password: Q� j�����*
> Question: Is it normal to have such strange characters in the encrypted
> I'm hosted at http://godaddy.com/, shared hosting, if it does matter.
> With best regards from Ukraine,
> Skype: Francophile
> Twitter: http://twitter.com/m_elensule
> Facebook: http://facebook.com/menelion
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php