Laxidasical

I have a script that encrypts data via mcrypt/AES. For some reason I can't seem to store & retrieve that data correctly in MySQL. When I try to retrieve the information and decrypt it I get garbage. I changed my script to base64_encode() the encrypted data, store it in the database, then base64_decode() it before decrypting it, which works great. Everything I've read though says that I should be able to store it in MySQL directly with no problems as long as I'm using a binary datatype (such as BLOB). Any suggestions???

I'm working on Windows (Vista) as well for development, and MCRYPT_RAND is working. I'm using IIS 7 though, and PHP 5.2.4. I've read that quite a few people are having the same problem as you on Windows machines. If what I suggested in my last post didn't work, I was going to suggest creating your own iv. It doesn't have to be created by mcrypt_create_iv(), it just has to be random (and in your case 8 characters long). Keep in mind, when you move it to the UNIX machine, it may expect an iv longer or shorter than 8 characters. Something like this... function iv ($size = '8') { $iv = ''; for($i = 0; $i < $size; $i++) { $iv .= chr(rand(0,255)); } return $iv; } Also, one slight thing... $Key = substr(md5('very secret key'), 0, mcrypt_enc_get_iv_size($td)); should be... $Key = substr(md5('very secret key'), 0, mcrypt_enc_get_key_size($td)); mcrypt_enc_get_iv_size() should only be used on: $initializationVector = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);

Hmmm...that's very odd! echo $initializationVector and see if it is different every time. If not, that is the issue. Also, did you remove this line: $initializationVector = "CyJ^54%!"; Yes, you will have to store both the encryption result and iv somewhere (session, database, etc), then return them both to your mcrypt function in order to decrypt properly. UPDATE: Also, did you change the mode to cbc, or leave it as it was??? I don't know which, but some modes don't return different results. I know cbc will though...

Try this... $sidebars = array( array( 'section' => 'overview', 'showVideo' => true, 'showContact' => true, 'showTestimonial' => true ), array( 'section' => 'solutions', 'showVideo' => true, 'showContact' => true, 'showTestimonial' => false ) ); foreach ($sidebars as $sidebar) { if ($sidebar['section'] == $section) {// do what you want it to do here} } NOTE: I made your original $sidebar variable plural: $sidebars. Don't forget to make that change!

Oh yeah, as far as the last part of your post... You have to use the same iv that you encrypted with. When you get the random iv part working (which hopefully my above post will fix), you will need to pass that random iv back with your encrypted data in order to decrypt it correctly. This has to be done every time! What I did was pass an array of variables to my mcrypt script, looped through each, encrypted it and added it to second array, added the iv as an element of the second array, then passed back that array using the same array keys with corresponding encrypted strings. This prevents me from having to store x different ivs if I have x different variables. Let me know if that makes sense the way I typed it. If not, I'll explain in detail...

You need to get the iv size when calling mcrypt_create_iv(), not the key size. Thy this... $initializationVector = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND); You won't need the $keySize variable any more unless you use it some place else as well. If you want to pull the mcrypt_enc_get_iv_size() function out, you can do something like... $ivSize = mcrypt_enc_get_iv_size($td); $initializationVector = mcrypt_create_iv($ivSize, MCRYPT_RAND); <b>UPDATE:</b> I see you do use $keySize other places, so DON'T get rid of it!!!

That is because you are using the same iv every time. If the key and iv are always the same, you'll always get the same result. The first issue to solve is why mcrypt_create_iv() isn't working. What version of PHP are you running??? If it's lower that 4.2, then this applies:

Not sure why, but when I stopped the MySQL service and restarted it the broken month variable problem went away. Very weird...but I'm not about to complain! :-X

Try changing your mode to cbc: $td = mcrypt_module_open('tripledes', '', 'cbc', ''); instead of... $td = mcrypt_module_open('tripledes', '', 'cfb', '');

I was always storing it as either a TEXT or a BLOB, I learned varchar strips spaces at the end of a string the hard way about a year ago. I tried UTF-8 as you suggested, no such luck. I also tried several others just for good measure, still wasn't working. Then I decided to have my mcrypt script base64_encode the final output (and of course base64_decode encrypted data that comes in). Bingo! Well, almost... Everything encrypts/decrypts correctly within my script (local variables only). The "month" ALWAYS messes up when storing data in MySQL though. The only thing different about month from the other data is that it is less than three characters. I thought maybe there is a minimum string length limitation when using mcrypt on the data at first, but it works fine when I'm not storing it in MySQL. Off to do some more testing...

Hey Syphon, The key is encrypted via md5, which will ALWAYS output the same result when given the same date string. This is a good thing! Otherwise your script would try to encode/decode your data with a different key every time and you'd get garbage back. Even though your key is encrypted, it is still "super secret"!!! To keep it a secret, a lot of people save their mcrypt script above the route directory and include it from there. Personally, if your script resides on a server that is not your own, someone somewhere at your host has access. I prefer to encode files that contain sensitive information like this. Now the output data is a different story. You should be getting a different encrypted string every time, even if you are encrypting the same exact data! That is why you need to pass the initiation value (iv) every time, it's sort of like a primer for that data's encryption. I'm dealing with an mcrypt issue myself right now. I've been going crazy trying to figure it out. Hopefully passing along a little of what I've learned along the way will help you!

Thanks, I hadn't thought of that! You have any idea what charset I should use? The script has to bill users monthly. I'm order to do so it needs the unencrypted credit card info.

I'm storing the string values separately. I hadn't thought of storing the entire array in the database (like session data), but I'm going to try that now! In case anyone is wondering...when the array is encrypted, the iv is also included in the array containing the encrypted data. I forgot that in my original post: $cc['iv'] = 'lúí²/Ó—5ùï¨Òè±'óKø@ ȤãÖ^';

I created a function that both encrypts and decrypts an array holding credit card data using mcrypt, depending on what I pass. For example: // SET CREDIT CARD ARRAY $cc['type'] = 'Visa'; $cc['name'] = 'John Doe'; $cc['number'] = '1111111111111111'; $cc['month'] = '03'; $cc['year'] = '2008'; // RETURN AN ARRAY CONTAINING THE SAME KEYS WITH ENCRYPTED VALUES $ecc = cc_crypt($cc, 'e'); /* $cc['type'] = 'lúí²/Ó—5ùï¨Òè±'óKø@ ȤãÖ^'; $cc['name'] = 'K5È8ø:3~óY"«FU¯s7ÏÀèjrE%½á'; $cc['number'] = 'ô­mOQM—³Ýld³Ì‰ŸÊÀ´­ïv5g$c'; $cc['month'] = '-®åF[9•ÐRBÓá²ðãì˜È^èGJJ”B:'; $cc['year'] = '_RaWª£¶Îc€ åss)Y«¹jŒ§ érþj8Ó'; */ // RETURN AN ARRAY CONTAINING THE SAME KEYS WITH DECRYPTED VALUES $dcc = cc_crypt($ecc, 'd'); /* $cc['type'] = 'Visa'; $cc['name'] = 'John Doe'; $cc['number'] = '1111111111111111'; $cc['month'] = '03'; $cc['year'] = '2008'; */ It works great within PHP, but when I store/retrieve the data using a my MySQL database it breaks! I know it has something to do with how the data is being stored. I've tried storing it in MySQL field types TEXT and BLOB with no luck. Every so often I noticed I'd get a MySQL error when inserting. I tried addslashes/stripslashes. This solved my insertion problem, but breaks encryption/decryption (both within a script and with the database). Has anyone here successfully stored mcrypt variables in their database? If so, how? ???

Mine is the combination of two words... reLAX and LackIDASICAL  :D