Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

General Questions

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Encrypting Data using OnBeforeWrite


Go to End
Reply

18 Posts   2741 Views

Avatar
zenmonkey

14 December 2010 at 5:02am Community Member, 528 Posts

I'm working on an application that may need to store sensitive medical information and I was wondering can fields be encrypted/decrypted using AES_ENCRYPT() and AES_DECRYPT() or others using standard DataObject Write and Get methods? Or would I need to use an onBeforeWrite() and create functions to Manually Decrypt later?

Cheers

Avatar
zenmonkey

20 December 2010 at 2:10pm Community Member, 528 Posts

I've decided to try using onBeforeWrite. here is my code:

function onBeforeWrite(){
   $modes = mcrypt_list_modes();
   
   /* Open the cipher */
   $td = mcrypt_module_open('rijndael-128', '', 'ecb', '');
   
   /* Create the IV and determine the keysize length, use MCRYPT_RAND
       * on Windows instead */
      $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_DEV_RANDOM);
      $ks = mcrypt_enc_get_key_size($td);
      
      /* Create key */
      $key = substr(md5('very secret key'), 0, $ks);
   
   /* Intialize encryption */
    mcrypt_generic_init($td, $key, $iv);
   
    $toEncrypt = $this->FirstName;
   
    $encrypted = mcrypt_generic($td, $toEncrypt);
   
    $this->setField("FirstName", $encrypted);
   
    /* Terminate encryption handler */
      mcrypt_generic_deinit($td);
      mcrypt_module_close($td);

   
   parent::onBeforeWrite();
}

The data encrypts but won't write to the DB. is this because SilverStripe is escaping any non standard alphanumeric characters? If so how do I override

Thanks

Avatar
cumquat

8 December 2011 at 7:50pm Community Member, 198 Posts

Hi ya,

this is something i may also need to do, did you find a suitable solution?

Regards

Mick

Avatar
zenmonkey

9 December 2011 at 3:03am Community Member, 528 Posts

Yes, I found a solution. It turns out AES_ENCRYPT() converts the data into a binary blob, so you need to use base64_encode on the value before you can write it to the Database and base64_decode on the other end.

A word of warning on host choices though, the client used GoDaddy VPS against my advice and their default PHP install doesn't include the MCRYPT module so when I installed it on the server everything failed until I manually patched the MCRYPT module onto the server.

Avatar
cumquat

10 December 2011 at 12:00am Community Member, 198 Posts

Cheers for that,

I'm just looking at the code now to see if it's something I can do easily enough.

Regards

Mick

Avatar
cumquat

3 May 2012 at 2:59am Community Member, 198 Posts

Hi ya,

I'm having a play finally with the code and like you it won't write to the database, I know you mentioned that it needed to be base64 encoded is there any chance you can paste your code where you do this I have tried it with no luck so far.

Regards

Mick

Avatar
zenmonkey

3 May 2012 at 11:18am Community Member, 528 Posts

Okay here is my full onBeforeWrite and encryption function http://pastie.org/3851142

Hopefully it helps

Avatar
cumquat

3 May 2012 at 7:27pm Community Member, 198 Posts

Many thanks for that, i had missed out the = in the

$this->FirstName = base64_encode($encrypted[0]);

and as im doing this on a decorator i had also missed the

$this->owner->

as well.
I'm entering this data via modeladmin how would i call the decrypt function for the couple of encrypted fields in the CMS?

Mick

Go to Top