Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

Data Model Questions /

Storing encryption details


Reply


4 Posts   326 Views

Avatar
cumquat

Community Member, 198 Posts

29 January 2014 at 8:22am

Hi there,

I have managed to get my dataobject to store its data encrypted and i can then decrypt it [url]http://www.silverstripe.org/general-questions/show/15158?start=8#post333985[/url]

My question is how and where should i store the encryption keys, please note my knowledge is limited here. The basic requirement is to encrypt some information about people, and i need a way of securing that info on the mysql server and then for it to be able to be decrypted and edited by any user that logs into the system.

Any help or pointers much appreciated.

Regards

Mick

Avatar
Willr

Forum Moderator, 5513 Posts

29 January 2014 at 8:28pm

It depends on the level of security you want but storing them as constants in your environment file would be alright if you have a single key you use for every record. You probably want to keep this in the code rather than MySQL for a start. If security is #1 you could store the value in a file away from the web root and file_get_contents() the path of the key on the server. That keeps it out of version control as well.

Avatar
cumquat

Community Member, 198 Posts

29 January 2014 at 11:08pm

Cheers for responding Will,

I'm having trouble getting either option to work. Never used the _ss_environment.php file, i like the idea of the file_get_contents() but even though i put the file in the same directory (just for testing) and it can see the file i don't get any data, also would i then declare this as a global variable/function?

public function please() {
         $thekey = file_get_contents("../mysite/conf.txt");
         return $thekey;
   }

sorry if im being a plum.

mick

Avatar
Willr

Forum Moderator, 5513 Posts

30 January 2014 at 8:00pm

Try to avoid relative paths in SilverStripe as it's ambiguous. You also want to store the file outside of the web root. So something like

file_get_contents(dirname(BASE_PATH) . "/conf.txt");

will load conf.txt in the folder above the webroot.