On Fri, 11 Feb 2011 14:42:18 -0800, Brian Dunning wrote: > Hey all - > > I'm using mcrypt to store credit cards into MySQL. About 90% > of them decrypt fine, but about 10% decrypt as nonsense > ("b1ï\ïJEÃUïAïïï" is a good example). Maybe there is a > character that appears in about 10% of my encryptions that's > not being encoded properly??? Can you come up with a phony CC number that fails the decryption? If so, please post: $cc_number binhex($iv) binhex($cc_encrypt) binhex($row['encrypt_iv'])) binhex($row['cc_encrypt'])) More below... > // Encryption is set up at the top of the script: > $crypto = mcrypt_module_open('rijndael-256', '', 'ofb', ''); > $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($crypto), MCRYPT_DEV_RANDOM); > $ks = mcrypt_enc_get_key_size($crypto); > $key = substr(md5('my_funky_term'), 0, $ks); > > // When the card number is collected by the form, it's encrypted: > $cc_number = addslashes($_POST['cc_number']); > mcrypt_generic_init($crypto, $key, $iv); > $cc_encrypt = mcrypt_generic($crypto, $cc_number); > mcrypt_generic_deinit($crypto); > > // This is written to the database: > $query = "update accounts set cc_encrypt='$cc_encrypt', encrypt_iv='$iv', other_fields='$other_stuff' where id='$account_id' limit 1"; > $result = mysql_query($query) or die(mysql_error()); No mysql_real_escape_string()? > Both the cc_encrypt and encrypt_iv fields are tinytext, latin1_swedish_ci, MyISAM, MySQL 5.0.91 Why are you using text fields for storing binary data? Sounds like this could go horribly wrong for a number or reasons. > In another script, when I retrieve, I first set it up at the top of the script exactly like step #1 above, then retrieve it like this: > > mcrypt_generic_init($crypto, $key, $row['encrypt_iv']); > $cc_number = trim(mdecrypt_generic($crypto, $row['cc_encrypt'])); > mcrypt_generic_deinit($crypto); /Nisse -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php