MySQL AES Encryption

Forum Moderators: coopster

Message Too Old, No Replies

MySQL AES Encryption

FiRe

4:58 pm on Jan 19, 2008 (gmt 0)

<?php
include("config.php");
$password = "randomstring12345";
$name = "fred";
$email = "fred@example.com";
mysql_query("INSERT INTO test (name, email) VALUES (AES_ENCRYPT('$name', '$password'), AES_ENCRYPT('$email', '$password'))");
$query = mysql_query("SELECT id, AES_DECRYPT('name', '$password') as name, AES_DECRYPT('email', '$password') as email FROM test");
while($r = mysql_fetch_array($query)) {
echo $r['id'] . "-" . $r['name'] . "-" . $r['email'] . "<br>";
}
?>

This is inserting fine, but giving me NULL values for the encrypted records in the loop. What am I doing wrong?

*edit: both name and email are blob type in mysql

[edited by: FiRe at 4:59 pm (utc) on Jan. 19, 2008]

[edited by: dreamcatcher at 8:13 pm (utc) on Jan. 19, 2008]
[edit reason] Use example.com, thanks. [/edit]

lammert

12:30 pm on Jan 20, 2008 (gmt 0)

AES_DECRYPT('name', '$password') as name, AES_DECRYPT('email', '$password')

name and email are columns in your database and should therefore be named with backquotes, i.e. `name` and `email`. You are now passing the literal strings 'name' and 'email' to the decription function.

FiRe

2:46 pm on Jan 20, 2008 (gmt 0)

Thanks a lot lammert. What would you say is a reasonable size key (how many chars?) and can it contain special chars or just A-Z,0-9? Also its storing in a blob column because its encrypted and returned in binary, whats the maximum length of plain text I can use to encrypt so that it will fit into a blob?

[edited by: FiRe at 2:47 pm (utc) on Jan. 20, 2008]