|
|
Posted by Jochem Maas on 09/26/05 22:36
Graham Anderson wrote:
> Progressive Load is for a .mov file
> I need to keep the movie headers of the file intact...and just compress
> the actual audio/video data :)
> That way, Quicktime will not try to load the the whole thing before
> knowing what to do with the file
> I'll put the $key in my 'includes' outside the web folder in a class.
sounds lots better :-)
globals suck, long live globals.
>
> BTW, is MCRYPT_RIJNDAEL_256 good enough for day to day use ?
er? yes.
>
> many thanks for your time
> g
>
>
> On Sep 26, 2005, at 12:50 AM, Jochem Maas wrote:
>
>> Graham Anderson wrote:
>>
>>> Is this good enough encryption for daily use ?
>>> FYI, I need to keep the first part of the file unencrypted so the
>>> file will progressively load
>>
>>
>> hi Graham, could you explain this progressive load wotsit?
>>
>>> Functions were taken from the mycrypt php page :)
>>> $chunkSize = 32768;
>>> $key = "6q9nKLg5"
>>> if( $fd = fopen($filepath, 'rb')){
>>> while(!feof($fd)) {
>>> if($gotFastStartHeaders != true){
>>> echo fread($fd, $chunkSize/30);
>>> $gotFastStartHeaders = true;
>>> }else{
>>> echo encrypt(fread($fd, $chunkSize));
>>> }
>>> }
>>> fclose ($fd);
>>> exit;
>>> }
>>> /
>>> /---------------------------------------------------------------------
>>> -- -------------------
>>> // Encrypt
>>> function encrypt($encrypt) {
>>> global $key;
>>
>>
>> SIDENOTE:
>>
>> having a global called $key is probably a bad idea...
>> some one is liable to come along and add something like the following
>> to your code ...:
>>
>> foreach ($myArr as $key => $value) {
>> // do stuff that has nothing to do with encryption.
>> }
>>
>> $val = encrypt($stuff);
>>
>> if (!checkEncrypedValue($val)) {
>> // why is the encryption broken???
>> var_dump( $val, $stuff);
>> }
>>
>> so instead of a global $key - either pass in the key to the funcs
>> or add the funcs to a class and store the key inside the class or an
>> [singleton] object of that class to protect it.
>>
>> ...nothing else to add I'm afraid.
>>
>>> //$key = "6q9nEUg5";
>>> srand((double) microtime() * 1000000); //for sake of MCRYPT_RAND
>>> $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256,
>>> MCRYPT_MODE_ECB), MCRYPT_RAND);
>>> $passcrypt = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $encrypt,
>>> MCRYPT_MODE_ECB, $iv);
>>> $encode = base64_encode($passcrypt);
>>> return $encode;
>>> }
>>> /
>>> /---------------------------------------------------------------------
>>> -- -------------------
>>> // Decrypt
>>> function decrypt($decrypt) {
>>> global $key;
>>> $decoded = base64_decode($decrypt);
>>> $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256,
>>> MCRYPT_MODE_ECB), MCRYPT_RAND);
>>> $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $decoded,
>>> MCRYPT_MODE_ECB, $iv);
>>> return $decrypted;
>>> many thanks
>>> g
>>> On Sep 24, 2005, at 2:25 PM, Jasper Bryant-Greene wrote:
>>>
>>>> Graham Anderson wrote:
>>>>
>>>>> How do you display raw binary data of a file sent from a server
>>>>> with curl ?
>>>>
>>>>
>>>>
>>>> You can probably just use file_get_contents() if allow_url_fopen
>>>> is enabled (it is by default).
>>>>
>>>> For binary data, base64_encode and it's friend base64_decode allow
>>>> you to encode and decode binary data in a normal ASCII string.
>>>>
>>>> http://php.net/file_get_contents
>>>> http://php.net/base64_encode
>>>>
>>>>> I want to encrypt the file with something akin to str_replace
>>>>> and decode it on the other side with a custom data handler
>>>>> Just want to make sure that I am str_replace'ing the actual data
>>>>> and not a representation of it :)
>>>>
>>>>
>>>>
>>>> str_replace is not for encryption. You might want to look at
>>>> mcrypt, as using str_replace is probably just as bad as sending
>>>> the unencrypted string. It's not going to be secure.
>>>>
>>>> http://php.net/mcrypt
>>>>
>>>> --
>>>> Jasper Bryant-Greene
>>>> Freelance web developer
>>>> http://jasper.bryant-greene.name/
>>>>
>>>> --
>>>> PHP General Mailing List (http://www.php.net/)
>>>> To unsubscribe, visit: http://www.php.net/unsub.php
>>>>
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>
Navigation:
[Reply to this message]
|