[nycphp-talk] Encrypting/Decrypting data w/php
csnyder
chsnyder at gmail.com
Mon Dec 10 11:35:11 EST 2007
On Dec 10, 2007 11:06 AM, Ben Sgro <ben at projectskyline.com> wrote:
> Hello All,
>
> I'm going to be storing some simple data in an xml file.
>
> The data will have information for session, including username/passwords.
>
> I want to encrypt the username & password associated w/the session.
>
> What's the easiest method/functions to do this? I've only done md5 and
> matched
> the input against the stored string.
>
> The program would:
> 1) Prompt the user for the password when starting. This is the password
> used to decrypt all sessions,
> and has nothing to do w/the stored/encrypted password.
> 2) Decrypt the session data in the xml files
> 3) Store the decrypted session data in memory.
> 4) Only if the user changes the session username/password would I write
> to the file (the encrypted) version.
>
>
> Thanks,
>
> - Ben
Hi Ben,
So the password in 1) is the decryption key, right? PHP's mcrypt
functions will allow you to encrypt and decrypt using AES or Blowfish
in CBC mode, which is most likely what you want.
I give this advice with a _huge_ grain of salt, do not proceed unless
you feel fully informed about the practical application of
cryptography.
--
Chris Snyder
http://chxo.com/
More information about the talk
mailing list