This is the new home of the egghelp.org community forum.
All data has been migrated (including user logins/passwords) to a new phpBB version.

For more information, see this announcement post. Click the X in the top right-corner of this box to dismiss this message.

eggdrop -> crypt -> mysql -> decrypt -> php

Old posts that have not been replied to for several years.
Locked
r
rudenstam
Voice
Posts: 5
Joined: Fri May 21, 2004 11:24 am

eggdrop -> crypt -> mysql -> decrypt -> php

Post by rudenstam »

I got a (for me) huge problem....

what I want is for eggdrop and php to be able to communicate with the same encrypted mysql database..

just using eggdrop to encrypt and decrypt with blowfish (or other) and store/get it to/from a database is okey..

same with php.. it also works good...

but I can't figure out how to set up to identical encryption systems so I can store it with eggdrop and get it with php.. or get it with php and store it with eggdrop..

Anyone who know a way to do this ?
or if you don't.. if you got a encryption module for eggdrop.. please leave a link to it..

Thnx
Top
p
pnp

Post by pnp »

You may find it easier to use the MySQL encryption functions and not rely on the particular scripting languages as support for a particular algorithm may be inconsistant. SSL support needs to have been included in MySQL for this to work though.

If you decide to keep the encryption to the scripting language your best bet would be to use DES encryption, PHP supports it with mcrypt and tcl supports it with tcllib.

As for an encryption scheme, use the same public key for encryption and the same private key for decryption.

tcl:encrypt = data + public key
tcl:decrypt = digest + private key

php:encrypt = data + public key
php:decrypt = digest + private key
* digest is the encrypted data

Alternatively if you are using the encrypted data for comparisons, one-way hashing(no way to get the original text back) would be more feesible. MD5 and SHA have more support with tcl and PHP. As an example: hashing would be appropriate if you were comparing passwords, take the password input from the user, create a hash, compare that hash with the hash stored in the database.

Hope this helped.
Top
r
rudenstam
Voice
Posts: 5
Joined: Fri May 21, 2004 11:24 am

Post by rudenstam »

ahh... nice.. didn't know mysql had internal encrytion.. thnx
Top
p
ppslim
Revered One
Posts: 3914
Joined: Sun Sep 23, 2001 8:00 pm
Location: Liverpool, England

Post by ppslim »

The only problem is, you are transmitting the data in plaintext still.

All the MySQL functions will do, is see that remote disk storage is encrypted. It doesn't help with a data interception.
Top
r
rudenstam
Voice
Posts: 5
Joined: Fri May 21, 2004 11:24 am

Post by rudenstam »

true true... will have to think about this
Top
Locked

Return to “Archive”