Jerry Geis
2015-Jul-11 10:54 UTC
[CentOS] Using gpg to encrypt a URL line on CentOS 6 additional information
>+1. also, it'd probably be good to state what you're trying to accomplish rather >than if you can throw a technology at vague something or another. I think you'd >find gpg's password input cumbersome for symmetric keys, the output too long in ascii >armor and possibly annoying to deal with public keys... but you don't really say what >you're trying to fix/avoid/do/not do.Sorry if I wasnt being clear enough.... it basically comes down to this. I use an apache interface to my application, the URL line has parameters line mscript?value=2&something=4 etc.. I have a "crude" encoding (wouldnt even call it encryption) that I use right now. I'd like to make that more robust. I started looking and found mcrypt (which I mentioned in the first post) But that did not compile from source, and is not available in the standard yum install. Other repos have it but that may not be an option for me due to other reasons.... No problem. So I started thinking about does GPG support something similiar like mcrypt? Easy way to encrypt a line for URL. That is where my goal lies... Way to encrypt a URL string with what is "standard" in CentOS 6. Thanks, Jerry
Liam O'Toole
2015-Jul-11 11:41 UTC
[CentOS] Using gpg to encrypt a URL line on CentOS 6 additional information
On 2015-07-11, Jerry Geis <geisj at pagestation.com> wrote:>>+1. also, it'd probably be good to state what you're trying to >>accomplish rather than if you can throw a technology at vague >>something or another. I think you'd find gpg's password input >>cumbersome for symmetric keys, the output too long in ascii armor and >>possibly annoying to deal with public keys... but you don't really say >>what you're trying to fix/avoid/do/not do. > > Sorry if I wasnt being clear enough.... > > it basically comes down to this. > > I use an apache interface to my application, the URL line has > parameters line mscript?value=2&something=4 etc.. > > I have a "crude" encoding (wouldnt even call it encryption) that I use > right now. > > I'd like to make that more robust. I started looking and found mcrypt > (which I mentioned in the first post) > > But that did not compile from source, and is not available in the > standard yum install. Other repos have it but that > > may not be an option for me due to other reasons.... No problem. > > > So I started thinking about does GPG support something similiar like > mcrypt? Easy way to encrypt a line for URL. > > That is where my goal lies... Way to encrypt a URL string with what is > "standard" in CentOS 6.Can you not just use HTTPS instead of HTTP? Also, it is preferable to send data in an HTTP(S) POST rather than as query parameters to a GET. -- Liam
Gordon Messmer
2015-Jul-13 02:40 UTC
[CentOS] Using gpg to encrypt a URL line on CentOS 6 additional information
On 07/11/2015 03:54 AM, Jerry Geis wrote:> I use an apache interface to my application, the URL line has > parameters line mscript?value=2&something=4 etc..Maybe don't give the client information that you don't want them to see. Send them a session ID, and store your private information in a local session store. Every web framework should have a library for session data handling.