On Thu, 2010-04-01 at 16:04 -0400, Paul M Foster wrote: > On Thu, Apr 01, 2010 at 08:45:53PM +0100, Ashley Sheridan wrote: > > > On Thu, 2010-04-01 at 15:47 -0400, Paul M Foster wrote: > > > > Folks: > > > > If I wanted to encrypt a file in PHP and then write it out to disk > > (one-way encryption, requiring a password), what PHP built-ins might you > > recommend to encrypt the contents of the file before writing it out to > > disk? > > > > Paul > > > > -- > > Paul M. Foster > > > > > > > > I don't think you want one-way encryption, that would mean you can't unencrypt > > it! > > Then "one-way encryption" would be something no one would do. I must be > using the wrong term. What I mean is that it needs a password, which is > used to encrypt and decrypt the file. > > > > > What about the usual functions for encrypting strings in PHP? Couldn't you > > encrypt the file as a string and output that? Or did you want the file to > > request a password when it was opened? What about a password-protected > > compressed archive file? > > Well, when you say, "usual functions for encrypting strings in PHP", > what are my options there? And which are the best (most secure) methods? > It looks like mcrypt_*() will do the job, but there are 20-30 > algorithms, and I have no idea which are the most secure. Or would > something else be better (than mcrypt_*())? > > Paul > > -- > Paul M. Foster > There's a good reason for one-way encryption. The crypt function in PHP is one-way, and the use case is to compare an entered password without the encrypted password ever being unencryptable. Thanks, Ash http://www.ashleysheridan.co.uk
