No error
```sql
SELECT *, LENGTH( pw_encrypted), LENGTH( pw_hash_encrypted) FROM forum WHERE id = 1;
```

```
stdClass Object
(
    [id] => 1
    [username] => Harald
    [password] => Wachtwoord
    [enc_key] => N7KLE9T9X8YS4J8
    [pw_hash] => $2y$10$ERHO6DaD/QVr0RCrIzeDp.mBpLuGWTDUKG0VBw8PJkS5YKvNwO9na
    [pw_encrypted] => 0009E5F2A061696F9F8291E0A5652FC2
    [pw_hash_encrypted] => 8C828CF5FE3160EF323548623436CE0780AF96FD8AE0091102B904A0089A528FD6B0B1649DD736220F8F7E79BF8628621EFCF9B236DB600C7710580F46DCD784
    [enc_pw_encrypted] => 0D2C18D0758173F7AFF6D1C452321F71
    [enc_pw_hash_encrypted] => 72CB1880F2146BC3CEB671FB82FD8F40786013F8D87069CE3D92CB1546945AE6B10506F1A0F399EE4C24BB0280C107FC6D43912FDC1410C618F598DB2324B058
    [LENGTH( pw_encrypted)] => 32
    [LENGTH( pw_hash_encrypted)] => 128
)
```
Instead of the password, the hash of the password can also be encrypted.
In reality, the password is NOT stored in readable form.
If the database is stolen, the encrypted hash must first be decrypted before the hash itself can be cracked.
The $SQL_encrypt_key variable must be kept in a safe place. Opinions differ on where that safe place is.
Encryption and decryption are performed by the MySQL/MariaDB database server, as described at the link below.
➠ https://mariadb.com/kb/en/aes_encrypt/
➠ The explanation, in case you missed it.
User specific enc_key = NJFB8XDZ1OYUPK9
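```php
// $pw_hash and $SQL_encrypt_key are set earlier in the script.
// The values are concatenated straight into the SQL text; bound parameters
// keep a quote character in either value from breaking the statement.
$query = "UPDATE forum
          SET pw_hash = '" . $pw_hash . "',
              pw_encrypted = HEX( AES_ENCRYPT( password, '" . $SQL_encrypt_key . "' ) ),
              pw_hash_encrypted = HEX( AES_ENCRYPT( pw_hash, '" . $SQL_encrypt_key . "' ) )
          WHERE username <> '';";
```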
```sql
UPDATE forum
SET
    pw_hash = "$2y$10$CkzQwLHuoUqjDG/vomiACO51IKNYs.1qDYxCG2q7F61.xy9DXo2qW",
    enc_key = "NJFB8XDZ1OYUPK9",
    pw_encrypted = HEX( AES_ENCRYPT( password, "Carthago moet vernietigd worden" ) ),
    pw_hash_encrypted = HEX( AES_ENCRYPT( pw_hash, "Carthago moet vernietigd worden" ) ),
    enc_pw_encrypted = HEX( AES_ENCRYPT( password, "NJFB8XDZ1OYUPK9" ) ),
    enc_pw_hash_encrypted = HEX( AES_ENCRYPT( pw_hash, "NJFB8XDZ1OYUPK9" ) )
WHERE id = 1;
```
| Field | Value |
|---|---|
| ID | 1 |
| Username | Harald |
| password | Wachtwoord |
| hash | $2y$10$CkzQwLHuoUqjDG/vomiACO51IKNYs.1qDYxCG2q7F61.xy9DXo2qW |
| enc_key | NJFB8XDZ1OYUPK9 |
| pw_encrypted | 0009E5F2A061696F9F8291E0A5652FC2 |
| pw_decrypted | Wachtwoord |
| pw_hash_encrypted | 08AAC33C272160C9D9D61A2DA0EDA715ACA86B06CCF59BE2AD1AE6A4ADDE02239761170E006C48FD501B154771983FDC018A996312A1A637E07BD497BE41A16F |
| pw_hash_decrypted | $2y$10$CkzQwLHuoUqjDG/vomiACO51IKNYs.1qDYxCG2q7F61.xy9DXo2qW |
| password is | Valid |
| enc_key | NJFB8XDZ1OYUPK9 |
| enc_pw_encrypted | 5174BAD67DCD268646257631A80AC488 |
| enc_pw_hash_encrypted | EE344FF75B4BEE98BA09182179CE84747B5A4390F511288ADB7F389E5978F5294BAAAD2216A006EA184FA33D14F1763FBA8F92133328E8090BC613F7B64FDCB0 |
| enc_pw_decrypted | Wachtwoord |
| enc_pw_hash_decrypted | $2y$10$CkzQwLHuoUqjDG/vomiACO51IKNYs.1qDYxCG2q7F61.xy9DXo2qW |
| password is | Valid |
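
The round trip behind the table above, as an added example that is not part of the original page: it encrypts a bcrypt hash with a shared key and with the per-user `enc_key`, decrypts both, and shows how the key choice affects identical inputs. The table `forum_demo`, the variable `@shared_key`, the user `demo_user` and the pairing of keys to rows are constructed for illustration.

```sql
-- Added example, not the page's own code. forum_demo, @shared_key and the
-- second user are constructed; the hash and enc_key strings come from the page.
CREATE TEMPORARY TABLE forum_demo (
  id                    INT PRIMARY KEY,
  username              VARCHAR(50),
  enc_key               CHAR(15),   -- per-user key, as in the page's enc_key column
  pw_hash               CHAR(60),   -- bcrypt string produced by the application
  pw_hash_encrypted     CHAR(128),  -- hash encrypted with the shared key
  enc_pw_hash_encrypted CHAR(128)   -- hash encrypted with the per-user key
);

-- Both rows carry the same hash string on purpose, so the effect of the key is visible.
INSERT INTO forum_demo (id, username, enc_key, pw_hash) VALUES
  (1, 'Harald',    'NJFB8XDZ1OYUPK9', '$2y$10$CkzQwLHuoUqjDG/vomiACO51IKNYs.1qDYxCG2q7F61.xy9DXo2qW'),
  (2, 'demo_user', 'N7KLE9T9X8YS4J8', '$2y$10$CkzQwLHuoUqjDG/vomiACO51IKNYs.1qDYxCG2q7F61.xy9DXo2qW');

SET @shared_key = 'constructed shared demo key';

UPDATE forum_demo
SET pw_hash_encrypted     = HEX(AES_ENCRYPT(pw_hash, @shared_key)),
    enc_pw_hash_encrypted = HEX(AES_ENCRYPT(pw_hash, enc_key))
WHERE id IN (1, 2);

-- Round trip: UNHEX() undoes HEX(), and AES_DECRYPT() needs the same key.
-- AES pads the 60-byte hash to the next 16-byte boundary; HEX() doubles the length.
SELECT id,
       LENGTH(pw_hash)           AS hash_len,
       LENGTH(pw_hash_encrypted) AS hex_len,
       AES_DECRYPT(UNHEX(pw_hash_encrypted), @shared_key) = pw_hash AS shared_roundtrip_ok,
       AES_DECRYPT(UNHEX(enc_pw_hash_encrypted), enc_key) = pw_hash AS user_roundtrip_ok
FROM forum_demo;

-- In the default mode (aes-128-ecb) there is no IV: equal plaintext under an
-- equal key gives equal ciphertext. The shared-key column therefore repeats
-- across the two rows, while the per-user-key column does not.
SELECT COUNT(DISTINCT pw_hash_encrypted)     AS distinct_shared_key,
       COUNT(DISTINCT enc_pw_hash_encrypted) AS distinct_user_key
FROM forum_demo;
```

The statements run as-is in a MySQL or MariaDB client session; the temporary table is dropped when the session ends.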