Jump to:

23358 Posts in 17875 Topics by 2862 members

General Questions

SilverStripe Forums » General Questions » Encrypting Data using OnBeforeWrite

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1 2 3
Go to End
Author Topic: 2336 Views
  • zenmonkey
    Avatar
    Community Member
    527 Posts

    Encrypting Data using OnBeforeWrite Link to this post

    I'm working on an application that may need to store sensitive medical information and I was wondering can fields be encrypted/decrypted using AES_ENCRYPT() and AES_DECRYPT() or others using standard DataObject Write and Get methods? Or would I need to use an onBeforeWrite() and create functions to Manually Decrypt later?

    Cheers

  • zenmonkey
    Avatar
    Community Member
    527 Posts

    Re: Encrypting Data using OnBeforeWrite Link to this post

    I've decided to try using onBeforeWrite. here is my code:

    function onBeforeWrite(){
       $modes = mcrypt_list_modes();
       
       /* Open the cipher */
       $td = mcrypt_module_open('rijndael-128', '', 'ecb', '');
       
       /* Create the IV and determine the keysize length, use MCRYPT_RAND
           * on Windows instead */
          $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_DEV_RANDOM);
          $ks = mcrypt_enc_get_key_size($td);
          
          /* Create key */
          $key = substr(md5('very secret key'), 0, $ks);
       
       /* Intialize encryption */
        mcrypt_generic_init($td, $key, $iv);
       
        $toEncrypt = $this->FirstName;
       
        $encrypted = mcrypt_generic($td, $toEncrypt);
       
        $this->setField("FirstName", $encrypted);
       
        /* Terminate encryption handler */
          mcrypt_generic_deinit($td);
          mcrypt_module_close($td);

       
       parent::onBeforeWrite();
    }

    The data encrypts but won't write to the DB. is this because SilverStripe is escaping any non standard alphanumeric characters? If so how do I override

    Thanks

  • cumquat
    Avatar
    Community Member
    190 Posts

    Re: Encrypting Data using OnBeforeWrite Link to this post

    Hi ya,

    this is something i may also need to do, did you find a suitable solution?

    Regards

    Mick

  • zenmonkey
    Avatar
    Community Member
    527 Posts

    Re: Encrypting Data using OnBeforeWrite Link to this post

    Yes, I found a solution. It turns out AES_ENCRYPT() converts the data into a binary blob, so you need to use base64_encode on the value before you can write it to the Database and base64_decode on the other end.

    A word of warning on host choices though, the client used GoDaddy VPS against my advice and their default PHP install doesn't include the MCRYPT module so when I installed it on the server everything failed until I manually patched the MCRYPT module onto the server.

  • cumquat
    Avatar
    Community Member
    190 Posts

    Re: Encrypting Data using OnBeforeWrite Link to this post

    Cheers for that,

    I'm just looking at the code now to see if it's something I can do easily enough.

    Regards

    Mick

  • cumquat
    Avatar
    Community Member
    190 Posts

    Re: Encrypting Data using OnBeforeWrite Link to this post

    Hi ya,

    I'm having a play finally with the code and like you it won't write to the database, I know you mentioned that it needed to be base64 encoded is there any chance you can paste your code where you do this I have tried it with no luck so far.

    Regards

    Mick

  • zenmonkey
    Avatar
    Community Member
    527 Posts

    Re: Encrypting Data using OnBeforeWrite Link to this post

    Okay here is my full onBeforeWrite and encryption function http://pastie.org/3851142

    Hopefully it helps

  • cumquat
    Avatar
    Community Member
    190 Posts

    Re: Encrypting Data using OnBeforeWrite Link to this post

    Many thanks for that, i had missed out the = in the

    $this->FirstName = base64_encode($encrypted[0]);

    and as im doing this on a decorator i had also missed the

    $this->owner->

    as well.
    I'm entering this data via modeladmin how would i call the decrypt function for the couple of encrypted fields in the CMS?

    Mick

    2336 Views
Page: 1 2 3
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.