NYCPHP Meetup

NYPHP.org

[nycphp-talk] PHP and keystores

CED consult at covenantedesign.com
Thu Nov 29 17:32:33 EST 2012 

I'm pulling in a file, encrypting and then sending...

Psuedo code:

    function dencrypt($str, $key){
        $str = mcrypt_decrypt(MCRYPT_DES, $key, $str, MCRYPT_MODE_ECB);
        $block = mcrypt_get_block_size('des', 'ecb');
        $pad = ord($str[($len = strlen($str))-1]);
        return substr($str, 0, strlen($str) - $pad);       
    }

    //Read in creds file
    $file = "this.txt" // UN=USERNAMEPW=PASSWORD
    //Decrypt password
    $unEncryptedPass = decrypt("PASSWORDFROMFILE", "HARDCODEDSEEDKEY");
   
    //Send username and password to LDAP service directly

What I'm wondering, is, if there is a better way to store the username
and password? So I was thinking of maybe a cert that is
encrypting/unencrypting the file with the un/pw contents...

Hope I've been more clear. :)

Thanks.

On 11/29/2012 9:14 AM, Anthony Ferrara wrote:
> When you say "encryption and decryption of credentials", what are you
> talking about? User credentials? If so, why aren't you hashing them
> one-way instead of encrypting them (and therefore making them FAR
> easier for an attacker to steal)?
>
> Anthony
>
>
> On Thu, Nov 29, 2012 at 11:13 AM, CED <consult at covenantedesign.com
> <mailto:consult at covenantedesign.com>> wrote:
>
>     Just encryption and decryption of credentials.
>
>
>     On 11/28/2012 6:25 PM, Rob Marscher wrote:
>     > On Nov 28, 2012, at 7:23 PM, CED <consult at covenantedesign.com
>     <mailto:consult at covenantedesign.com>> wrote:
>     >
>     >> I have a need to use a private key within PHP... does anyone
>     have any
>     >> recommendations on this?
>     >> I looked at http://phpkeystore.com/ but I'm not sure... any
>     thoughts?
>     > Can you give a little more context on what you need to do with
>     the private key?
>     >
>     > Is it for securely connecting to a remote site via ssh/sftp?
>     >
>     > Or is it to sign or encrypt some data!
>     >
>     > Or some other use?
>     > _______________________________________________
>     > New York PHP User Group Community Talk Mailing List
>     > http://lists.nyphp.org/mailman/listinfo/talk
>     >
>     > http://www.nyphp.org/show-participation
>     >
>     >
>     >
>
>
>     --
>     <img src="http://covenantedesign.com/logo.jpg" border ="0">
>     995 Maple Hill Road
>     Castleton, New York 12033
>     518-331-5061 <tel:518-331-5061>
>     Consult at CovenanteDesign.com
>
>     _______________________________________________
>     New York PHP User Group Community Talk Mailing List
>     http://lists.nyphp.org/mailman/listinfo/talk
>
>     http://www.nyphp.org/show-participation
>
>
>
>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show-participation


-- 
<img src="http://covenantedesign.com/logo.jpg" border ="0">
995 Maple Hill Road
Castleton, New York 12033
518-331-5061
Consult at CovenanteDesign.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20121129/439e8d54/attachment.html>

More information about the talk mailing list