(03-24-2015, 04:52 AM)PaulD Wrote: I am just doing some tests and have got myself a bit confused on CI3 and encryption.
I encrypt a simple string like 'HelloWorld', call it $coded and store it in a database BLOB field.
First try your test with a database LONGTEXT field. Once you have it working then try it on BLOB.
(03-24-2015, 04:52 AM)PaulD Wrote: I then, from a controller, read the blob field and call it $db_coded.
I compare $coded and $db_coded and the comparison fails.
If you are trying to compare passwords is best to use CI hash functions. However if you need to decode the string at some point (like a usernme) but also need to make an encrypted comparation then use CI encryption library with ECB mode (less secure) that will allow you to compare encrypted strings. If they match the comparation will pass.
(03-24-2015, 04:52 AM)PaulD Wrote: BUT, if I decrypt $db_coded and compare it to 'HelloWorld', the comparison passes.
Of course... if the string and the $db_coded is decrypted it will be ok to compare and it will pass.
Read about switching to ECB mode on CI documentation before make any changes.
