Destramic Posted February 4, 2016 Share Posted February 4, 2016 hey guys i had some really good help off jacques1 a while back about encrypting/decrypting rows in my database via php...now as i've gone further down the line in my project i have stumbled across a problem i didnt forsee. i'm using nodejs which connects to my database for one of my pages...but the data is encryted...i need to also encrypt and decrypt the database rows server side via javascript this is how it's done via php: <?php const ENCRYPTION_ALGORITHM = 'AES-128-CBC'; class AES { private $_master_key; public function __construct() { $this->_master_key = "5e2a0626516f3108e55e25e4bb6a62835c2f5d2b2b8d194c9acca63ef8beff6bfb947233bd83cfda9021e5a80bc183bcd835180c9955b733fd1a6d9d"; } public function generate_master_key($length = 60) { if (!is_numeric($length)) { return null; } $max_attempts = 10; $attempts = 0; do { $bytes = openssl_random_pseudo_bytes($length, $cryptographically_strong); $attempts++; } while (!$cryptographically_strong && $attempts < $max_attempts); if (!$cryptographically_strong) { return false; } $hex = bin2hex($bytes); return $hex; } public function encrypt($value, $master_key) { $init_vector = openssl_random_pseudo_bytes(openssl_cipher_iv_length(ENCRYPTION_ALGORITHM)); $ciphertext = openssl_encrypt($value, ENCRYPTION_ALGORITHM, $master_key, false, $init_vector); return array( 'init_vector' => $init_vector, 'ciphertext' => $ciphertext ); } public function decrypt($ciphertext, $init_vector, $master_key) { $plaintext = openssl_decrypt($ciphertext, ENCRYPTION_ALGORITHM, $master_key, false, $init_vector); return $plaintext; } public function encrypt_array($array) { $encrypted_array = array(); $master_key = $this->_master_key; foreach ($array as $key => $data) { foreach ($data as $column => $value) { $encryption = $this->encrypt($value, $master_key); $init_vector_column = $column . '_init_vector'; $encrypted_array[$key][$column] = $encryption['ciphertext']; $encrypted_array[$key][$init_vector_column] = $encryption['init_vector']; } } return $encrypted_array; } public function decrypt_array($array) { $decrypted_array = array(); $master_key = $this->_master_key; foreach ($array as $key => $data) { foreach ($data as $column => $value) { $init_vector = $column . '_init_vector'; if (array_key_exists($init_vector, $data)) { $init_vector = $data[$init_vector]; $decrypted_value = $this->decrypt($value, $init_vector, $master_key); $decrypted_array[$key][$column] = $decrypted_value; } } } return $decrypted_array; } } $aes = new AES; $data = array( array('name' => 'destramic', 'age' => '28'), array('name' => 'alan', 'age' => '99') ); $encryption = $aes->encrypt_array($data); print_r($encryption); $decryption = $aes->decrypt_array($encryption); print_r($decryption); can anyone please point me in the right direction on how i can achieve this please? (if even possible) thank you! Quote Link to comment Share on other sites More sharing options...
Solution Jacques1 Posted February 4, 2016 Solution Share Posted February 4, 2016 First off: I hope this is not your actual master key? If it is, you now need a new key. Node.js is perfectly capable of performing cryptographic operations. In fact, it's a lot better than the half-assed PHP/OpenSSL extension we're stuck with. Just make sure to use crypto.createCipheriv() so that you can pass the stored initialization vector and master key to the function. The master key should be placed in a separate configuration file outside of the document root (this is also a lot safer than embedding it in the application code). 1 Quote Link to comment Share on other sites More sharing options...
Destramic Posted February 5, 2016 Author Share Posted February 5, 2016 no that's just the example i did when you first tought me i'll install the module over the weeked and have a good go at it...thank you for your help! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.