[英]Selecting Encrypted Data from MySQL
我將一些加密信息存儲在MySQL數據庫中,但是由於某種原因我無法將其取回。 我將加密數據存儲為BINARY(46) 。 為什么我的選擇語句失敗?
這是我的SELECT語句:
SELECT max(created) FROM incentive_sales WHERE incentive_sales.accountID = :aid
所以我不應該為我的選擇語句加密accountID(:aid)嗎?
這是我的加密功能:
private function _encrypt($decrypted, $password, $salt = '|SgQLL*ea!UMwf^s%'){
// Build a 256-bit $key which is a SHA256 hash of $salt and $password.
$key = hash('SHA256', $salt . $password, true);
// Build $iv and $iv_base64. We use a block size of 128 bits (AES compliant) and CBC mode. (Note: ECB mode is inadequate as IV is not used.)
srand(); $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC), MCRYPT_RAND);
if (strlen($iv_base64 = rtrim(base64_encode($iv), '=')) != 22){
return false;
}
// Encrypt $decrypted using $key.
$encrypted = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $decrypted, MCRYPT_MODE_CBC, $iv));
return $iv_base64.$encrypted;
}
而我的解密功能:
private function _decrypt($encrypted, $password, $salt = '|SgQLL*ea!UMwf^s%'){
// Build a 256-bit $key which is a SHA256 hash of $salt and $password.
$key = hash('SHA256', $salt . $password, true);
// Retrieve $iv which is the first 22 characters plus ==, base64_decoded.
$iv = base64_decode(substr($encrypted, 0, 22) . '==');
// Remove $iv from $encrypted.
$encrypted = substr($encrypted, 22);
// Decrypt the data.
$decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, base64_decode($encrypted), MCRYPT_MODE_CBC, $iv)
return $decrypted;
}
正確的答案是,“據我所知,你不能使用加密的數據,在where子句中的選擇,因為它永遠是不同的。”
為了避免這個(因為我希望能夠基於加密的數據來選擇),我還存儲加密數據,然后我在我的SELECT語句中使用的哈希/鹽腌值。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.