[christomurr]

This is what is returned from the first command. Not sure I can do anything about that.

Warning: openssl_encrypt(): Using an empty Initialization Vector (iv) is potentially insecure and not recommended in Command line code on line 1

[Da:Sourcerer]

That message seems to pop up regardless of the cryptomethod. Try this:

$method = 'aes-128-ecb';
$iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length($method));
openssl_encrypt('abc', $method, 'def', true, $iv);

[christomurr]

Actually ... it does work ... I got 481669422b4fe6acb546d80fb22ad0c4 when I put it in a file ...

[christomurr]

I get something like this with the second method:

HiB+O欵F??*?:?3d/D?L??#?I

[Antonio Ramirez]

Hi,

I think there is something missing on the encryption and decryption and it is the utf8_encode/decode. Please, use the following behavior and follow the instructions Da:Sourcerer told you to be AES (Rijndael-128) -.

Here is my behavior:

class CryptBehavior extends CActiveRecordBehavior {

	public $attributes = array();
	/**
	 * Encrypts the value of specified attributes before saving to database
	 * @param CEvent $event
	 * @return parent::beforeSave
	 */
	public function beforeSave($event)
	{

		foreach ($this->getOwner()->getAttributes() as $key => $value)
		{
			if (in_array($key, $this->attributes) && !empty($value))
                                // saving utf8_encoded result... we could also use other type of bin conversion
				$this->getOwner()->{$key} = utf8_encode(Yii::app()->securityManager->encrypt($value));
		}
		return parent::beforeSave($event);
	}
	/**
	 * Decripts the values of specified attributes after finding from database
	 * @param CEvent $event
	 * @return parent::afterFind
	 */
	public function afterFind($event)
	{
		foreach ($this->getOwner()->getAttributes() as $key => $value)
		{
			if (in_array($key, $this->attributes) && !empty($value))
                                // database value is utf8_decode before decryption
				$this->getOwner()->{$key} = Yii::app()->securityManager->decrypt(utf8_decode($value));
		}
		return parent::afterFind($event);
	}

}

See if it works for you...

PS: Another good resource to look at

Cheers

[Da:Sourcerer]

christomurr, on 06 December 2011 - 01:58 PM, said:

I get something like this with the second method:

HiB+O欵F??*?:?3d/D?L??#?I

That's the raw binary output. Nothing to worry about. I wrapped my output in HEX()/bin2hex() for readability.

[christomurr]

Thank you for stepping in, Antonio. Everyone here has been more than kind and patient with my newbness. I've written tons of PHP/PERL but always as procedural, so the curve for me is both OO and Yii at once.

I plugged in what you provided and now get this error:

Property "CryptBehavior.key" is not defined.

[Da:Sourcerer]

Antonio's behaviour doesn't have that property. You need to set CSecurityManager's encryptionKey instead.

[Antonio Ramirez]

christomurr, on 06 December 2011 - 03:15 PM, said:

Thank you for stepping in, Antonio. Everyone here has been more than kind and patient with my newbness. I've written tons of PHP/PERL but always as procedural, so the curve for me is both OO and Yii at once.

I plugged in what you provided and now get this error:

Property "CryptBehavior.key" is not defined.

?

$key is part of the loop... how did you use the behavior? You know that they have to be set on your model right -is the easiest way? Here is an example:

// on the model
	public function behaviors()
	{
		return array(
			'crypt'=>array(
// this assumes that the behavior is in the folder: protected/behaviors/
				'class'=>'application.behaviors.CryptBehavior',
// this sets that the attributes to be encrypted/decrypted are encryptedfieldname of the model
				'attributes'=>array('encryptedfieldname'),
			)
		);
	}

Remove the comments inside the behavior (they shouldn't affect but I included them to explain you what they do.

[christomurr]

I have this in my Clients.php model:

public function behaviors()
        {
        return array(
        'crypt'=>array(
        'class'=>'application.behaviors.CryptBehavior',
        'attributes'=>array('clientSocialSecurity'),
        )
        );
        }

And then this is my CryptBehavior.php (in protected/behaviors):

class CryptBehavior extends CActiveRecordBehavior {

        public $attributes = array();
        /**
         * Encrypts the value of specified attributes before saving to database
         * @param CEvent $event
         * @return parent::beforeSave
         */
        public function beforeSave($event)
        {

                foreach ($this->getOwner()->getAttributes() as $key => $value)
                {
                        if (in_array($key, $this->attributes) && !empty($value))
                                // saving utf8_encoded result... we could also use other type of bin conversion
                                $this->getOwner()->{$key} = utf8_encode(Yii::app()->securityManager->encrypt($value));
                }
                return parent::beforeSave($event);
        }
        /**
         * Decripts the values of specified attributes after finding from database
         * @param CEvent $event
         * @return parent::afterFind
         */
        public function afterFind($event)
        {
                foreach ($this->getOwner()->getAttributes() as $key => $value)
                {
                        if (in_array($key, $this->attributes) && !empty($value))
                                // database value is utf8_decode before decryption
                                $this->getOwner()->{$key} = Yii::app()->securityManager->decrypt(utf8_decode($value));
                }
                return parent::afterFind($event);
        }

}

In my CSecurityManager I have this:

public $cryptAlgorithm='rijndael-128-ecb';

I currently get this error:

mcrypt_module_open() [<a href='function.mcrypt-module-open'>function.mcrypt-module-open</a>]: Could not open encryption module

[Antonio Ramirez]

christomurr, on 06 December 2011 - 03:58 PM, said:

In my CSecurityManager I have this:

public $cryptAlgorithm='rijndael-128-ecb';

That is wrong, please follow Da:Sourcerer configuration settings on YOUR MAIN.PHP config file, located on protected/config subfolder. In the COMPONENTS section of the file. You do not change the CSecurityManager like that directly and, the $cryptAlgorithm is an array not a direct variable... Please, follow instructions and links of Da:sourcerer.

The rest is fine

[Da:Sourcerer]

cryptAlgorithm needs to be this:

array(
  'rijndael-128',
  '',
  'ecb',
  '',
)

Just rijndael-128-ecb won't work because mcrypt's module isn't called that way

[Antonio Ramirez]

And this is for posts:

Please, wrap your code with "[ code ][ / code ] " tags

[christomurr]

I hate to ask again but I'm still getting an error:

mdecrypt_generic() [<a href='function.mdecrypt-generic'>function.mdecrypt-generic</a>]: An empty string was passed

I'm also wondering where my secret key gets included. I have it in main.php as :

	'params'=>array(
		// this is used in contact page
		'adminEmail'=>'webmaster@example.com',
		'secretKey'=>'mySecretKey',
	),

I also have this in the main.php components:

		'securityManager'=>array(
  		'cryptAlgorithm'=>array(
    	'rijndael-128',
    	'',
   	 	'ecb',
    	''
  		),

Thanks/

[Da:Sourcerer]

Sounds like an empty string has been passed to Yii::app()->securityManager->decrypt()

[christomurr]

I think it is not getting the encryption key because I probably have not set it properly (from what I'm reading) ...

[Antonio Ramirez]

Why you set your key in params? Shouldn't be set on your security manager configuration?

http://www.yiiframew...ptionKey-detail

'securityManager'=>array(
                'cryptAlgorithm'=>array(
        'rijndael-128',
        '',
                'ecb',
        ''
          ),
       'encryptionKey'=>'mysecretkeytoencryptdecrypt'

[christomurr]

Hi Antonio,

What you just posted is what I have ...

I'm still seeing this:

mdecrypt_generic() [<a href='function.mdecrypt-generic'>function.mdecrypt-generic</a>]: An empty string was passed 

And these below:

$decrypted=mdecrypt_generic($module,substr($data,$ivSize));

$this->getOwner()->{$key} = Yii::app()->securityManager->decrypt(utf8_decode($value));

Thanks again for your patience.

[Antonio Ramirez]

Make sure your models do have the attributes to be decrypted with encrypted text... Make sure the models that you are about to save do have the attributes that you wish to encrypt with text...

$value supposed to have the attribute that has something... I do not really understand why you have that error as the behavior DOES CHECK against empty values...

   if (in_array($key, $this->attributes) && !empty($value))

[christomurr]

I've already moved it around, but does it matter where in the model that code goes?

I'm running out of ideas. Is it the value it is not getting or the encrypt key?