[nycphp-talk] Encrypt and decrypt to store in DB
David Mintz
dmintz at davidmintz.org
Thu Aug 3 12:24:55 EDT 2006
On Thu, 3 Aug 2006, Daniel Convissor wrote:
> On Thu, Aug 03, 2006 at 10:00:20AM -0400, Aaron Fischer wrote:
> >
> > Are there any other functions/classes that folks would recommend that
> > would allow me to encrypt and decrypt a string?
>
> GNUPG, aka GPG.
More specifically, something like:
$output = shell_exec('echo "credit card number
2000-1234-9876-4321"|/usr/bin/gpg --no-secmem-warning --homedir
/usr/home/username/.gnupg -ear them at example.org');
will assign to $output something like:
-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.2.2 (FreeBSD)
hQIOA8HABYWAnLgQEAgAp15bNTMHbve8kNpa7AW8NCpQbiX36gEu+/7FeEc6FtXs
Yon86E+6Lb76yUtCzgKR/LmsXYPjJNnyCcM4szNsR3EzZuTp0ghf9kjUcBFHz1od
OVj50RvkxyLWu+VcncJpKSuXfckRqI923ymiwmHDrCenBJ+E26WUdxp6CVmAZz4f
XXppnrLo9ge2+ZsG15mKTmvJIoPa9X2czs7tA1J/fDjPUlyjmrzSaHElnHLuQ4cA
AAqdNZfcy+b6Gt6c44JaCU7RwB/4A7w6Mewoq7mDtInZEDUX4q0C9mDv05FbAVFs
Ml5n6XgXCne0HRQSLfgoB5KZ3frVvsxz7Jy7oZkFcQgAuOvH0JZG4L1W9+b40nXZ
tnX0t2fKdiBUTCPW8ZWGW0EBHU2UjxsTXGXWTZaHWfM8nALG07aBixBkaQU7F7gv
RSzmUaZSHBrCHaZVxrozW0IUEQPTeAGx1pOCzS799jGXXatGrvcAOge/xKwAhS18
XiQ8aMecYv5fcwNgglsVbnwUxBoxEVv8PlopEMAlJv0fqC+ojWuRkR82AM/1ejBX
mdYwYdtToWcF47kgEPN5fF811LMC5H8cSWFEa82vRSi9tZR8+6n6rEVmsQpxhyRY
GmcdLctSMdsy5OMxQcajQg07WAurNYqJR3G1CwbHL0StDZ5Zta/Oq14NqMNuOcdW
3dJiARSpV3oLPhlj7StP/9DRWpnBFzMnjUjEju2FA0r6+WCkTlC1KqF0s8mPQiIv
epkP1Yo9QfctIQB4dUAP2W1shQeeN6d1BLJSMbiOr91ESzV2lYudLYIeXJEtwinQ
gSgzXgo=
=8Uhz
-----END PGP MESSAGE-----
... but it bears pointing out that *decrypting* securely through a web
interface is a little trickier, is it not?
I think there's a recipe that's on point in the venerable (but alas, now
rather dated) "PHP Cookbook" (Sklar & Trachtenberg).
---
David Mintz
http://davidmintz.org/
Amendment IV
The right of the people to be secure in their
persons, houses, papers, and effects, against
unreasonable searches and seizures, shall not be
violated, and no Warrants shall issue, but upon
probable cause, supported by Oath or affirmation,
and particularly describing the place to be
searched, and the persons or things to be seized.
More information about the talk
mailing list