On Tue, 2002-03-26 at 14:35, Christopher Thompson wrote: > On Tuesday 26 March 2002 3:26 pm, Steven Hajducko wrote: > > > > I'm trying to take a string ( In this case, a password ), and encrypt it > > with RSA encryption via the perl module, Crypt::RSA. Later on, I want > > to be able to pull the encrypted string back out and decrypt it. > > Note that if you do this, you must hard-code the key somewhere (unless you > are prompting the user for it) which means you are simply obfuscating the > data, not actually encrypting it.
The user has to specify this. There are 2 ( sets of ) keys. One goes to each department. The scripts require the specification of the key or the location of the key. > > > One of three things happens when I do this however. > > > > 1) Everything works fine. > > 2) I cannot insert the encrypted string. > > 3) The encrypted string is inserted, but incorrectly and will not > > decrypt. > > > > I tried using a blob or medium blob for the datatype, but neither will > > work 100% of the time. Has anyone done this before with a Mysql db and > > if so, how? What sort of datatype do you use for the field that will > > contain the encrypted string? Did you use a different type of > > encryption method? ( Keep in mind that I cannot use a one way encryption > > scheme for this. ) > > You need a blob. Are you sure you are storing the data as binary? > Alternatively, it is probably of fixed size and so you could just store the > resulting chunk of data as a series of 8 bit values. That's what I figured. I'm probably trying to store the data incorrectly. I guess this is where I'll start looking. > > Note that if you do not need to be able to recover the password, just verify > whether the password a user typed is correct, you CAN and, in fact, SHOULD > use a one-way hash instead of an encryption. As I said, I can't use one way :) The passwords need to be recovered, not verified. --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php