Re: Studying mcrypt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Yes, since it's trying to represent in characters some purely binary data,
it is not unlikely that you will get VERY weird characters (and you do).

Also you shouldn't actually encrypt passwords, the proper way to store them
is hashed, so that if someone grabs your database, they dont have your
passwords, even if they have the "key".

Best way to check is to decrypt it and verify...

--
The trouble with programmers is that you can never tell what a programmer is
doing until it’s too late.  ~Seymour Cray



On Wed, Aug 3, 2011 at 12:40 PM, Andre Polykanine <andre@xxxxxxxx> wrote:

> Hello Php,
>
>  It's my first time I use mcrypt.
> I've done everything like it's written in the php manuals, here is the
> code:
>
> <?php
> $d=mcrypt_module_open("rijndael-256", "", "ofb", "");
> $iv=mcrypt_create_iv(mcrypt_enc_get_iv_size($d), MCRYPT_DEV_RANDOM);
> $ks=mcrypt_enc_get_key_size($d);
> $key=substr(md5("Secret key"), 0, $ks);
> mcrypt_generic_init($d, $key, $iv);
> $cpass=mcrypt_generic($d, $_POST['opass']);
> mcrypt_generic_deinit($d);
> mcrypt_module_close($d);
> ?>
>
> And here's what I get:
> Original password: asdfasdfasdf
> Encrypted password: Q�  j�����*
>
> Question: Is it normal to have such strange characters in the encrypted
> string?
> I'm hosted at http://godaddy.com/, shared hosting, if it does matter.
> Thanks!
>
> --
> With best regards from Ukraine,
> Andre
> Skype: Francophile
> Twitter: http://twitter.com/m_elensule
> Facebook: http://facebook.com/menelion
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux