0

Situation : How can I encrypt json in the page getuser.php and then decrypt it in index.php?

I got a getuser.php that creates echo (json_encode($data)); with a example output

{
    "id": 2,
    "username": "Teeto",
    "surname": "",
    "password": "somepassword",
    "lastlogin": "2014-02-18 15:35:01",
    "level": 0
}

Then I get the data to jquery

$.ajax({ 
            type: 'POST', 
            url: "getuserdata.php?id="+ otherPro,
            datatype: 'json',
            success: function(data){ 

            $.each(data, function (key, value) {
                $( '#' + key ).val( value ); 
            });

            } 
        });

Thanks for any tips.

user3002600
  • 165
  • 1
  • 2
  • 13
  • 1
    What's the purpose, can't you use ssl? – jeroen Feb 20 '14 at 15:02
  • In index.php decode the variable with json with `$data = json_decode($jsonstring, true);` – Alesfatalis Feb 20 '14 at 15:03
  • 2
    you really shouldn't be sending the password to the client. – Kevin B Feb 20 '14 at 15:03
  • its a admin option to edit password. But I need to take into account someone gets the json somehow. ( dont allow direct access to the json generator ) – user3002600 Feb 20 '14 at 15:15
  • 1
    your administrators, heck, not even you should be able to see those passwords in plain text from a security standpoint. passwords shouldn't be edited edited or retrieved as plain text, only changed. – Kevin B Feb 20 '14 at 15:19
  • @KevinB Any other idea how should I do it? Its to enable me access to the passwords/change them without database access. – user3002600 Feb 20 '14 at 15:42
  • 2
    have a form, where the "admin" inputs a new password. the admin clicks "Submit". said new password is sent to the database either through a normal postback or through ajax. the admin doesn't need to see the old password to set a new one. – Kevin B Feb 20 '14 at 15:45
  • True:) lets consider this the best option. – user3002600 Feb 20 '14 at 15:47

3 Answers3

5

There is absolutely no reason to allow even the admin access to see current passwords. At most, the admin should be allowed to change them (which doesn't require seeing them.) Simply remove the password field from your json and continue on your way. You do not need to encrypt the json any more than simply using ssl once you remove the password from it (since any encryption/decryption you do in javascript can be easily reverse-engineered.)

Kevin B
  • 94,570
  • 16
  • 163
  • 180
1

Use getJSON to load the JSON data by sending a GET request and iterate through the list with $.each:

$(document).ready(function() {
    $.getJSON('file.json', function(result) {
        $.each(result, function(i, field){
          $("#results").append(i + '=>' + field + '<br/ >');
        });
    });
});

But as said in the comments, you really shouldn't store / send passwords in plaintext.

Amal Murali
  • 75,622
  • 18
  • 128
  • 150
  • I use it only for admin purposes. But still need secure it somehow to not lookup the plain password if someone figure out the json file ( which is easy to do ) – user3002600 Feb 20 '14 at 15:17
  • 2
    @user3002600: No matter what purpose you use it for, **storing passwords as plaintext is just a Bad Idea ™**. – Amal Murali Feb 20 '14 at 15:22
  • Whats the solution? I mean a admin level 1 only would access the edit password page. All other admins wont have the privilege. – user3002600 Feb 20 '14 at 15:24
1

The short and sweet answer is that you must forget about using encryption or decryption with JavaScript. It takes extra time from a development standpoint, and it doesn't secure your data. Your JavaScript code can be modified and manipulated by third parties.

As Kevin suggested, your only solution in this case is to use SSL, which encrypts your data as it passes over the network from one page to another. This is not a panecea either because it comes with its own concerns. [0] However, SSL is a mandatory step if you have any interest in protecting your users' passwords from attackers and eavesdroppers.

A few weeks ago I asked a similar question about using encryption in JavaScript. [1] I wanted to use Stanford's JS Crypto Library to handle the encryption of small bits of data. While Stanford's library is cryptographically strong, I had to rule it out because attackers can tinker with its implementation. Here's one useful answer that I received:

Javascript is sent from the server to the client; whatever cryptography you do client-side will provide security only insofar as the code which the client runs has not been altered in transit -- which means that SSL is still required, at least to make sure that what the client receives and runs really is the genuine implementation of your protocol. [2]

EDIT: This isn't directly related to your concern, but if you're generally interested in using JavaScript for encryption or decryption, you might consider delivering the code through a different means. If you create a Google Chrome plugin [3] to handle these processes, you will have greater certainty that the code has not been modified. There is always substantial risk involved in developing your encryption protocol, and I wouldn't do this for any application that involves sensitive information, but I think the plugins approach is an interesting one. [4]

Community
  • 1
  • 1
hawkharris
  • 2,570
  • 6
  • 25
  • 36