Well, I screwed around with it. This is what I got ( just in case
anybody cares.. )
( this is in perl, using the Crypt::RSA module.. )
$password = "screwyou!";
# encrypts the 'password'...
$cyphertext = $rsa->encrypt(Message=>$password, Key=>$pub);
# now convert the RSA encrypted key to binary.
$bin_str = unpack("B*", pack("u*", $cyphertext));
# now reconvert it back to uuencode..
$recypher = unpack("u*",pack("B*", $bin_str));
# then decrypt it.
$plaintext = $rsa->decrypt(Cyphertext=>$recypher, Key=>$priv);
# prints "screwyou!"
print "$plaintext\n";
Mysql has no trouble keeping the binary version.
Thanks for the help guys,
Steve
On Tue, 2002-03-26 at 14:35, Christopher Thompson wrote:
> On Tuesday 26 March 2002 3:26 pm, Steven Hajducko wrote:
> >
> > I'm trying to take a string ( In this case, a password ), and encrypt it
> > with RSA encryption via the perl module, Crypt::RSA. Later on, I want
> > to be able to pull the encrypted string back out and decrypt it.
>
> Note that if you do this, you must hard-code the key somewhere (unless you
> are prompting the user for it) which means you are simply obfuscating the
> data, not actually encrypting it.
>
> > One of three things happens when I do this however.
> >
> > 1) Everything works fine.
> > 2) I cannot insert the encrypted string.
> > 3) The encrypted string is inserted, but incorrectly and will not
> > decrypt.
> >
> > I tried using a blob or medium blob for the datatype, but neither will
> > work 100% of the time. Has anyone done this before with a Mysql db and
> > if so, how? What sort of datatype do you use for the field that will
> > contain the encrypted string? Did you use a different type of
> > encryption method? ( Keep in mind that I cannot use a one way encryption
> > scheme for this. )
>
> You need a blob. Are you sure you are storing the data as binary?
> Alternatively, it is probably of fixed size and so you could just store the
> resulting chunk of data as a series of 8 bit values.
>
> Note that if you do not need to be able to recover the password, just verify
> whether the password a user typed is correct, you CAN and, in fact, SHOULD
> use a one-way hash instead of an encryption.
>
> ---------------------------------------------------------------------
> Before posting, please check:
> http://www.mysql.com/manual.php (the manual)
> http://lists.mysql.com/ (the list archive)
>
> To request this thread, e-mail <[EMAIL PROTECTED]>
> To unsubscribe, e-mail <[EMAIL PROTECTED]>
> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
>
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
