"J Smith" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Try using a different block cipher mode. When encrypting with ECB, as you
> said, your plaintext must have a length that is a multiple of the
blocksize
Are you sure? I read the manual the other way...that the *result* is a
multiple of blocksize:
"This function encrypts data. The data is padded with "\0" to make sure the
length of the data is n * blocksize. This function returns the encrypted
data. Note that the length of the returned string can in fact be longer then
the input, due to the padding of the data."
I am storing the encrypted, padded string.
> If it's anything less, you're going to get some garbage at
> the end of the decrypted ciphertext.
This would imply that any non-blocksize-length strings would be
corrupted which is not the case. 99% are fine.
> require that you store the IV for each encryption along with the
> ciphertext, but that's fine, as storing the IV along with the ciphertext
is
> not a security problem.
However changing now will mean handling some historical data differently
somehow. :( And storing an IV for each record would of course increase the
data size.
- Steve Yates
- #include <mandatory_cute_tagline>
~ Taglines by Taglinator - www.srtware.com ~
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
