After modifying php.ini, you need to restart Apache.
CHAPTER 16 ?– MANAGING CUSTOMER DETAILS 487
Figure 16-2. Testing encryption
?– Caution The decrypted string always has a length that is a multiple of 32 bytes. If the original string is
less than 32 bytes, null characters are appended until the string??™s length becomes a multiple of 32 bytes.
You need to be careful with this detail because it means the decrypted value of the string may not be identical
to the encrypted value. For our TShirtShop project, because we??™ll encrypt XML data and the values of
interest are between XML tags, we won??™t need to worry about having additional void characters at the end
of the string.
How It Works: Encryption Functionality in the Business Tier
The SymmetricCrypt class has two static methods, Encrypt() and Decrypt(), which encrypt and decrypt
data, and a number of encryption configurations parameters stored as static members:
// Encryption/decryption key
private static $_msSecretKey = 'From Dusk Till Dawn';
// The initialization vector
private static $_msHexaIv = 'c7098adc8d6128b5d4b4f7b2fe7f7f05';
// Use the Rijndael Encryption Algorithm
private static $_msCipherAlgorithm = MCRYPT_RIJNDAEL_128;
The secret key is 16 characters (bytes) long for AES algorithms. Using a smaller key is allowed by the mcrypt
library but will reduce the encryption security.
Pages:
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611