Login
Join
Tour
Articles
People
More
Newly Published
All new articles have been archived or deleted.
Popular Articles
AuthorIntroduction to JSON and PHP
AuthorCross Browser CSS Opacity and the JavaScript Fade / Fading Effect
AuthorPHP Encryption / Decryption Using the MCrypt Library (libmcrypt)
AuthorOptimize Your Web Site by Using CSS Image Sprites
AuthorCreating the Smooth Scroll Effect with JavaScript
View
Discuss
Stats
Archive
New
Popular
Tags
Login or create a free accountShare your thoughts!
NewestOldest
1234  Next
Andrew Photo
Andrew Johnson (ITNewb Guru) wrote 7 weeks ago
@rhgiles

Sorry for the delayed response, I was out playing tennis.

PHP is the "client" to your database server, which is often a separate machine entirely. When storing raw ciphertext (ie- not using base64_encode) we have to use a MySQL column data type capable of storing raw binary data, such as a BLOB. Since you're using base64_encode, a VARCHAR column should be sufficient.

However, you do have to ensure that the same character set is used from point A to point Z and back again (as you mentioned). In other words, PHP needs to be setup correctly and MySQL needs to be setup correctly to use the same character set at each stage of a transaction.

So, the first thing you'll want to do is verify your character sets. Please see UTF-8 Enabled: Apache, MySQL, PHP, Markup and JavaScript, as UTF-8 is the recommended character set to use on the Net/Web.

Cheers!
rhgiles Photo
rhgiles (Site Newb) wrote 7 weeks ago
Andrew, I've been using your functions successfully and happily for several months now. Something strange occurred a couple of days ago. I opened a file that contains a call to the encryption function, made no changes, and now I can't decrypt the data. The data is being stored in MySQL btw.

I've narrowed it down to the following facts.

1. The data can be encrypted and decrypted on the server prior to storing in MySQL.
2. Decryption fails when the data is retrieved from MySQL.
3. I'm using base64_encode prior to storing in the DB.
4. I'm using base64_decode when retrieving from the DB.
5. Data stored in the DB prior to opening the file is still decryptable using the pre-existing code.
6. Only new data is being affected.
7. I can successfully base64_encode, store, retrieve, and base64_decode data. The issue occurs only when I'm trying to encrypt the data prior to the base64_encode.

The issue seems to be that something is happening upon storing or retrieving the data. I've been trying to figure it out for about 2 days now. What could be happening? I've found some things pointing to character encoding that may be interfering, but I can't seem to figure out exactly how that may ( or may not ) be working against me. I'm hoping that you've seen this and it's a "Known Issue". Any help is appreciated.
usmile Photo
usmile (Site Newb) wrote 9 weeks ago
Hi Andrew, the class you created for encrypting/decrypting, is the best solution on the web I found, so far. Thank you!
jmshinn Photo
jmshinn (Site Newb) wrote Apr 14, 2010
This is a fantastically written and referenced article. I've been spending the past couple of days in my downtime just figuring out where to get started with mcrypt, in one fell swoop you gave me a beautiful starting point and the resources to understand it.

Just wanted to say, job well done :)
Andrew Photo
Andrew Johnson (ITNewb Guru) wrote Feb 25, 2010
The raw ciphertext can have any sequence of data in it including null values. It's possible they were being discarded during download. My statement about writing mode/eol is not an issue in your case.

Lesson of the day: use base64 encode if you plan on downloading encrypted files.
Andrew Photo
Andrew Johnson (ITNewb Guru) wrote Feb 25, 2010
Glad to hear you sorted it out. Running it through base64 encode provides a nice representation of the raw binary ciphertext that can easily be passed around and stored. I'll wager to say you weren't writing the data to the file in binary mode and an EOL translation occurred.
ajenkins Photo
ajenkins (Site Newb) wrote Feb 25, 2010
Update #3:

Problem solved, but I'd like to have some insight into why this works. Everything works fine when I turn on base64 encoding. No need to change any lines in the script and files that have been saved to the server or downloaded and then uploaded all decrypt fine.

Thanks for your assistance and I'd love to understand why this is the case.....
ajenkins Photo
ajenkins (Site Newb) wrote Feb 25, 2010
Update #2:

Just as an aside, it is definitely the download process that is killing the ability to decrypt. I tried downloading a file and then simply moving it manually back to the server (not through an HTTP upload form) and it still died. At least we're narrowing down the problem.
ajenkins Photo
ajenkins (Site Newb) wrote Feb 25, 2010
Update:

changing the content-type: octet-stream didn't help. I even tried removing the content-length in the download header in case the file size was somehow getting very slightly altered but that didn't do anything either. All this happened while decryption of files that had never been downloaded still work.
ajenkins Photo
ajenkins (Site Newb) wrote Feb 25, 2010
@Andrew,

Thanks for the wicked fast reply. Here's how it goes:

User creates an encrypted file -> an sql dump is performed, that sql file is gzipped, and that gzipped file is encrypted using the following method:
  1.                         $theFile = file_get_contents($filepath.$filename);
  2.                         $fh = fopen($filepath.$filename,'w');
  3.                             fwrite($fh,$encryption->encrypt($theFile,$key));
  4.                         fclose($fh);


The file is then downloaded using Content-Type: application/force-download and transfer encoding as binary. I'm thinking the problem occurs here because if the exact same sequence is performed but the file isn't downloaded, then decryption works perfect with the class as is. The decryption is performed the exact same way as the encryption (as shown in the code above) except using the decrypt method, obviously. If I try to decrypt a file that was initially downloaded and subsequently uploaded to the server, then it fails at the line where the mac needs to be authenticated (boy did it take me a long time to find that out!).

Any insight you can provide is fantastic. Do you think the problem really lies in application/octet-stream vs application/force-download?

Everything else regarding the encryption method is exactly as it was posted in the cryptastic class function, including no base64 encoding (as shown by my use of the encrypt method above).

Thanks again! I'm going to give the application/octet-stream a shot while I'm waiting to hear back from you.
NewestOldest
1234  Next

Hot Spots

Information

Powered By

Requirements

Copyright / Usage

The techniques, effects and code demonstrated in ITNewb articles may be used for any purpose without attribution (although we recommend it). The text, images and articles themselves are copyright © their respective authors and may not be reproduced.

You cannot copy whole articles in any language to other sites, or services, unless permission is given to you by the author.

ITNewb itself is copyright ITNewbie, Inc. The copying of entire web pages, for any reason, is therefore strictly prohibited.

Terms of Use | Privacy Policy | Netiquette Policy | Publishing Policy
Copyright © 2007-2010 ITNewbie, Inc - All Rights Reserved.
Login  (Not a member yet?)
Nickname
Password
Forgot your password?
  Remember me.
Login
Close