On Tue, January 15, 2008 10:48 pm, Casey wrote:
> On Jan 15, 2008 8:40 PM, Ken Kixmoeller -- reply to ken@xxxxxxxxxxxxxx
> <Kixjaguar@xxxxxxxxxxx> wrote:
>>
>> On Jan 15, 2008, at 11:08 PM, Andrés Robinet wrote:
>>
>>
>> > I second that, you should base64 encode values before encrypting
>> > and base64
>> > decode them after decrypting to be safe.
>> >
>>
>> Thanks for the idea.
>>
>> Like this? Fails 500/500 times on my test.
>>
>> ------------------------------------
>> if ($EorD == "D") {
>> $text_out = mdecrypt_generic($cypher,$text);
You are base64-ing it, but...
>> $text = base64_decode($text);
You are not decoding the base64, but the original.
>> } else {
>> $text= base64_encode($text);
>> $text_out = mcrypt_generic($cypher,$text);
>> } // endif ($EorD == "D")
>> ------------------------------------
>>
>> A quick test looks like this:
>>
>> 1: String: 9334133814260182
>> -|- Enc: X5Þ(c)·?a`p#È]#c¦±3 ÔýCõÒiÏ~r ¢Tª"
>> -|- Dec:OTMzNDEzMzgxNDI2MDE4Mg== -|- Nope
>>
>> 2: String: 3027022406512648
>> -|- Enc: j£n,h\"m ê´ uKP%¥? ¼D }H?'f ¢??
>> -|- Dec:MzAyNzAyMjQwNjUxMjY0OA== -|- Nope
>>
>> 3: String: 5042504153020331
>> -|- Enc: 9ÿ? ý?ݧ¤6Wi+?×?éáo>n ñº*J 6}Ø+?
>> -|- Dec:NTA0MjUwNDE1MzAyMDMzMQ== -|- Nope
>>
>> 4: String: 6741156238850410
>> -|- Enc: · :´[Úq\?ë? 4\Q«Í?5±{º?µØtþðtN?b
>> -|- Dec:Njc0MTE1NjIzODg1MDQxMA== -|- Nope
>>
>> 5: String: 0003100244041329
>> -|- Enc: D¾¤ úV:!Mû 4?Ü?à???òÐÐ^ï Hñ-? %z
>> -|- Dec:MDAwMzEwMDI0NDA0MTMyOQ== -|- Nope
>>
>> Wrong: 5/5
>>
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>
> It returns the correct value. If you look at the last example, and run
> base64_decode on "MDAwMzEwMDI0NDA0MTMyOQ==", you will get
> "0003100244041329".
> -Casey
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/from/lynch
Yeah, I get a buck. So?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
