Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    New to the CF scene
    Join Date
    Mar 2007
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Question ow to use Asymmetric Encryption (Public/Private Keys) for Storing Data in MySQL

    I've been searching for days and I'm unable to get a good handle on this problem. I've found a treasure trove of "theoretical" articles on the subject - its seems possble - but almost no implementation examples. Any advise and practical examples would be much appreciated.

    Here's what I'm trying to do... I'm collecting data from users and want to store it encrypted within MySQL. I want to use Asymmetric Encryption so that script uses a public key to encrypt, and a "secret" private key is used to decrypt. Obviously, the private key is NEVER stored on the server in any way. The decrypt script/function would only be accessible to the admin, and the private key must be entered manually by the admin via a SSL connection whenever they want to view any data in the database.

  • #2
    Regular Coder
    Join Date
    Oct 2005
    Location
    Right Here
    Posts
    654
    Thanks
    1
    Thanked 0 Times in 0 Posts
    I did research on this a while ago. It looked really good:

    http://blog.sc.tri-bit.com/archives/101

    You can also just search for Stone php safecrypt, and it will return some results for you.

  • #3
    Senior Coder CFMaBiSmAd's Avatar
    Join Date
    Oct 2006
    Location
    Denver, Colorado USA
    Posts
    3,122
    Thanks
    2
    Thanked 327 Times in 319 Posts
    Someone correct me if I am wrong, but the Mcrypt functions (used by the code at the link iLLin gave) are symmetric (using the same key to encrypt and decrypt).

    To use asymmetric public/private encryption/decryption, you would need to use the openssl functions (openssl_seal() and openssl_open()) with a self generated and self signed public/private certificate pair. I did this a while ago to send sensitive information within the body of an email, but it would apply to encoding information going into a database and decoding it later.

    If the information in question in this case are credit card numbers, your merchant account agreement will specify under what conditions and with what encryption methods you are allowed to store these to remain within the terms of that agreement.
    If you are learning PHP, developing PHP code, or debugging PHP code, do yourself a favor and check your web server log for errors and/or turn on full PHP error reporting in php.ini or in a .htaccess file to get PHP to help you.

  • #4
    Regular Coder
    Join Date
    Oct 2005
    Location
    Right Here
    Posts
    654
    Thanks
    1
    Thanked 0 Times in 0 Posts
    I thought there was a way to do both? Been a while since I looked at it and I could have read that somewhere else when I was doing a lot of research on this. But I'm almost positive you can set both.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •