Yii Framework Forum: AES Encryption - Yii Framework Forum

Jump to content

  • (5 Pages)
  • +
  • 1
  • 2
  • 3
  • 4
  • 5
  • You cannot start a new topic
  • You cannot reply to this topic

AES Encryption AES Encryption Porting from PHP to Yii Rate Topic: -----

#41 User is offline   christomurr 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 40
  • Joined: 03-December 11
  • Location:Boston, MA

Posted 06 December 2011 - 01:41 PM

This is what is returned from the first command. Not sure I can do anything about that.

Warning: openssl_encrypt(): Using an empty Initialization Vector (iv) is potentially insecure and not recommended in Command line code on line 1
0

#42 User is offline   Da:Sourcerer 

  • Elite Member
  • PipPipPipPipPip
  • Yii
  • Group: Members
  • Posts: 1,222
  • Joined: 30-March 11
  • Location:Berlin, Germany

Posted 06 December 2011 - 01:46 PM

That message seems to pop up regardless of the cryptomethod. Try this:
$method = 'aes-128-ecb';
$iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length($method));
openssl_encrypt('abc', $method, 'def', true, $iv);

programmer /ˈprəʊgramə/, noun: a device that converts ►coffee into ►code
0

#43 User is offline   christomurr 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 40
  • Joined: 03-December 11
  • Location:Boston, MA

Posted 06 December 2011 - 01:56 PM

Actually ... it does work ... I got 481669422b4fe6acb546d80fb22ad0c4 when I put it in a file ...
0

#44 User is offline   christomurr 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 40
  • Joined: 03-December 11
  • Location:Boston, MA

Posted 06 December 2011 - 01:58 PM

I get something like this with the second method:

HiB+O欵F??*????:?3d/D?L??#?I
0

#45 User is offline   Antonio Ramirez 

  • Elite Member
  • Yii
  • Group: Yii Dev Team
  • Posts: 1,450
  • Joined: 04-October 10

Posted 06 December 2011 - 02:43 PM

Hi,

I think there is something missing on the encryption and decryption and it is the utf8_encode/decode. Please, use the following behavior and follow the instructions Da:Sourcerer told you to be AES (Rijndael-128) -.

Here is my behavior:

class CryptBehavior extends CActiveRecordBehavior {

	public $attributes = array();
	/**
	 * Encrypts the value of specified attributes before saving to database
	 * @param CEvent $event
	 * @return parent::beforeSave
	 */
	public function beforeSave($event)
	{

		foreach ($this->getOwner()->getAttributes() as $key => $value)
		{
			if (in_array($key, $this->attributes) && !empty($value))
                                // saving utf8_encoded result... we could also use other type of bin conversion
				$this->getOwner()->{$key} = utf8_encode(Yii::app()->securityManager->encrypt($value));
		}
		return parent::beforeSave($event);
	}
	/**
	 * Decripts the values of specified attributes after finding from database
	 * @param CEvent $event
	 * @return parent::afterFind
	 */
	public function afterFind($event)
	{
		foreach ($this->getOwner()->getAttributes() as $key => $value)
		{
			if (in_array($key, $this->attributes) && !empty($value))
                                // database value is utf8_decode before decryption
				$this->getOwner()->{$key} = Yii::app()->securityManager->decrypt(utf8_decode($value));
		}
		return parent::afterFind($event);
	}

}


See if it works for you...

PS: Another good resource to look at

Cheers
¿How long would it take for you to understand that you own nothing in this world?

www.ramirezcobos.com
www.2amigos.us
www.github.com/tonydspaniard
www.github.com/2amigos


Posted Image
0

#46 User is offline   Da:Sourcerer 

  • Elite Member
  • PipPipPipPipPip
  • Yii
  • Group: Members
  • Posts: 1,222
  • Joined: 30-March 11
  • Location:Berlin, Germany

Posted 06 December 2011 - 02:52 PM

View Postchristomurr, on 06 December 2011 - 01:58 PM, said:

I get something like this with the second method:

HiB+O欵F??*????:?3d/D?L??#?I

That's the raw binary output. Nothing to worry about. I wrapped my output in HEX()/bin2hex() for readability.
programmer /ˈprəʊgramə/, noun: a device that converts ►coffee into ►code
0

#47 User is offline   christomurr 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 40
  • Joined: 03-December 11
  • Location:Boston, MA

Posted 06 December 2011 - 03:15 PM

Thank you for stepping in, Antonio. Everyone here has been more than kind and patient with my newbness. I've written tons of PHP/PERL but always as procedural, so the curve for me is both OO and Yii at once.

I plugged in what you provided and now get this error:

Property "CryptBehavior.key" is not defined.
0

#48 User is offline   Da:Sourcerer 

  • Elite Member
  • PipPipPipPipPip
  • Yii
  • Group: Members
  • Posts: 1,222
  • Joined: 30-March 11
  • Location:Berlin, Germany

Posted 06 December 2011 - 03:36 PM

Antonio's behaviour doesn't have that property. You need to set CSecurityManager's encryptionKey instead.
programmer /ˈprəʊgramə/, noun: a device that converts ►coffee into ►code
0

#49 User is offline   Antonio Ramirez 

  • Elite Member
  • Yii
  • Group: Yii Dev Team
  • Posts: 1,450
  • Joined: 04-October 10

Posted 06 December 2011 - 03:38 PM

View Postchristomurr, on 06 December 2011 - 03:15 PM, said:

Thank you for stepping in, Antonio. Everyone here has been more than kind and patient with my newbness. I've written tons of PHP/PERL but always as procedural, so the curve for me is both OO and Yii at once.

I plugged in what you provided and now get this error:

Property "CryptBehavior.key" is not defined.

?

$key is part of the loop... how did you use the behavior? You know that they have to be set on your model right -is the easiest way? Here is an example:

// on the model
	public function behaviors()
	{
		return array(
			'crypt'=>array(
// this assumes that the behavior is in the folder: protected/behaviors/
				'class'=>'application.behaviors.CryptBehavior',
// this sets that the attributes to be encrypted/decrypted are encryptedfieldname of the model
				'attributes'=>array('encryptedfieldname'),
			)
		);
	}


Remove the comments inside the behavior (they shouldn't affect but I included them to explain you what they do.
¿How long would it take for you to understand that you own nothing in this world?

www.ramirezcobos.com
www.2amigos.us
www.github.com/tonydspaniard
www.github.com/2amigos


Posted Image
0

#50 User is offline   christomurr 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 40
  • Joined: 03-December 11
  • Location:Boston, MA

Posted 06 December 2011 - 03:58 PM

I have this in my Clients.php model:
public function behaviors()
        {
        return array(
        'crypt'=>array(
        'class'=>'application.behaviors.CryptBehavior',
        'attributes'=>array('clientSocialSecurity'),
        )
        );
        }

And then this is my CryptBehavior.php (in protected/behaviors):
class CryptBehavior extends CActiveRecordBehavior {

        public $attributes = array();
        /**
         * Encrypts the value of specified attributes before saving to database
         * @param CEvent $event
         * @return parent::beforeSave
         */
        public function beforeSave($event)
        {

                foreach ($this->getOwner()->getAttributes() as $key => $value)
                {
                        if (in_array($key, $this->attributes) && !empty($value))
                                // saving utf8_encoded result... we could also use other type of bin conversion
                                $this->getOwner()->{$key} = utf8_encode(Yii::app()->securityManager->encrypt($value));
                }
                return parent::beforeSave($event);
        }
        /**
         * Decripts the values of specified attributes after finding from database
         * @param CEvent $event
         * @return parent::afterFind
         */
        public function afterFind($event)
        {
                foreach ($this->getOwner()->getAttributes() as $key => $value)
                {
                        if (in_array($key, $this->attributes) && !empty($value))
                                // database value is utf8_decode before decryption
                                $this->getOwner()->{$key} = Yii::app()->securityManager->decrypt(utf8_decode($value));
                }
                return parent::afterFind($event);
        }

}


In my CSecurityManager I have this:

public $cryptAlgorithm='rijndael-128-ecb';

I currently get this error:

mcrypt_module_open() [<a href='function.mcrypt-module-open'>function.mcrypt-module-open</a>]: Could not open encryption module
0

#51 User is offline   Antonio Ramirez 

  • Elite Member
  • Yii
  • Group: Yii Dev Team
  • Posts: 1,450
  • Joined: 04-October 10

Posted 06 December 2011 - 04:07 PM

View Postchristomurr, on 06 December 2011 - 03:58 PM, said:


In my CSecurityManager I have this:

public $cryptAlgorithm='rijndael-128-ecb';



That is wrong, please follow Da:Sourcerer configuration settings on YOUR MAIN.PHP config file, located on protected/config subfolder. In the COMPONENTS section of the file. You do not change the CSecurityManager like that directly and, the $cryptAlgorithm is an array not a direct variable... Please, follow instructions and links of Da:sourcerer.

The rest is fine
¿How long would it take for you to understand that you own nothing in this world?

www.ramirezcobos.com
www.2amigos.us
www.github.com/tonydspaniard
www.github.com/2amigos


Posted Image
0

#52 User is offline   Da:Sourcerer 

  • Elite Member
  • PipPipPipPipPip
  • Yii
  • Group: Members
  • Posts: 1,222
  • Joined: 30-March 11
  • Location:Berlin, Germany

Posted 06 December 2011 - 04:08 PM

cryptAlgorithm needs to be this:
array(
  'rijndael-128',
  '',
  'ecb',
  '',
)

Just rijndael-128-ecb won't work because mcrypt's module isn't called that way ;)
programmer /ˈprəʊgramə/, noun: a device that converts ►coffee into ►code
0

#53 User is offline   Antonio Ramirez 

  • Elite Member
  • Yii
  • Group: Yii Dev Team
  • Posts: 1,450
  • Joined: 04-October 10

Posted 06 December 2011 - 04:11 PM

And this is for posts:

Please, wrap your code with "[ code ][ / code ] " tags
¿How long would it take for you to understand that you own nothing in this world?

www.ramirezcobos.com
www.2amigos.us
www.github.com/tonydspaniard
www.github.com/2amigos


Posted Image
0

#54 User is offline   christomurr 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 40
  • Joined: 03-December 11
  • Location:Boston, MA

Posted 06 December 2011 - 05:56 PM

I hate to ask again but I'm still getting an error:

mdecrypt_generic() [<a href='function.mdecrypt-generic'>function.mdecrypt-generic</a>]: An empty string was passed

I'm also wondering where my secret key gets included. I have it in main.php as :
	'params'=>array(
		// this is used in contact page
		'adminEmail'=>'webmaster@example.com',
		'secretKey'=>'mySecretKey',
	),


I also have this in the main.php components:

		'securityManager'=>array(
  		'cryptAlgorithm'=>array(
    	'rijndael-128',
    	'',
   	 	'ecb',
    	''
  		),



Thanks/
0

#55 User is offline   Da:Sourcerer 

  • Elite Member
  • PipPipPipPipPip
  • Yii
  • Group: Members
  • Posts: 1,222
  • Joined: 30-March 11
  • Location:Berlin, Germany

Posted 06 December 2011 - 06:19 PM

Sounds like an empty string has been passed to Yii::app()->securityManager->decrypt()
programmer /ˈprəʊgramə/, noun: a device that converts ►coffee into ►code
0

#56 User is offline   christomurr 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 40
  • Joined: 03-December 11
  • Location:Boston, MA

Posted 06 December 2011 - 06:30 PM

I think it is not getting the encryption key because I probably have not set it properly (from what I'm reading) ...
0

#57 User is offline   Antonio Ramirez 

  • Elite Member
  • Yii
  • Group: Yii Dev Team
  • Posts: 1,450
  • Joined: 04-October 10

Posted 06 December 2011 - 07:04 PM

Why you set your key in params? Shouldn't be set on your security manager configuration?

http://www.yiiframew...ptionKey-detail

'securityManager'=>array(
                'cryptAlgorithm'=>array(
        'rijndael-128',
        '',
                'ecb',
        ''
          ),
       'encryptionKey'=>'mysecretkeytoencryptdecrypt'


¿How long would it take for you to understand that you own nothing in this world?

www.ramirezcobos.com
www.2amigos.us
www.github.com/tonydspaniard
www.github.com/2amigos


Posted Image
0

#58 User is offline   christomurr 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 40
  • Joined: 03-December 11
  • Location:Boston, MA

Posted 06 December 2011 - 07:41 PM

Hi Antonio,

What you just posted is what I have ...

I'm still seeing this:

mdecrypt_generic() [<a href='function.mdecrypt-generic'>function.mdecrypt-generic</a>]: An empty string was passed 


And these below:

$decrypted=mdecrypt_generic($module,substr($data,$ivSize));

$this->getOwner()->{$key} = Yii::app()->securityManager->decrypt(utf8_decode($value));


Thanks again for your patience.
0

#59 User is offline   Antonio Ramirez 

  • Elite Member
  • Yii
  • Group: Yii Dev Team
  • Posts: 1,450
  • Joined: 04-October 10

Posted 07 December 2011 - 03:35 AM

Make sure your models do have the attributes to be decrypted with encrypted text... Make sure the models that you are about to save do have the attributes that you wish to encrypt with text...

$value supposed to have the attribute that has something... I do not really understand why you have that error as the behavior DOES CHECK against empty values...

   if (in_array($key, $this->attributes) && !empty($value))

¿How long would it take for you to understand that you own nothing in this world?

www.ramirezcobos.com
www.2amigos.us
www.github.com/tonydspaniard
www.github.com/2amigos


Posted Image
0

#60 User is offline   christomurr 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 40
  • Joined: 03-December 11
  • Location:Boston, MA

Posted 07 December 2011 - 05:35 AM

I've already moved it around, but does it matter where in the model that code goes?

I'm running out of ideas. Is it the value it is not getting or the encrypt key?
0

Share this topic:


  • (5 Pages)
  • +
  • 1
  • 2
  • 3
  • 4
  • 5
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users