8

UPDATE

I found the issue that was holding up my script. Apparently it had nothing to do with decryption, but my redirect instead. When I removed this block of code, the script starting performing quickly. Still not sure why this was causing the issue?

// Make sure we have an Order ID
if( ! isset($_GET['id']) && ! isset($_POST['id']) ) {
    header("Location: https://www.website.com/orders/");
    exit;
}

ORIGINAL QUESTION:

I have been using the Encryption class found here: Encryption class. I am storing the data in a MySQL database, with a VARCHAR binary data type (formerly I tried BLOB and TINYBLOB).

The encrypting and decrypting both work, however it takes like 1 minute to decrypt. The encryption is fast.

I guess I should also say that this is happening over a https connection (in case that's relevant).

I don't remember it always taking this long to decrypt. Do you have any idea what could be causing this? When I comment out the decryption portion of the PHP code, and just echo back the encrypted string, it performs quickly.

CODE AS REQUESTED BELOW IN THE COMMENTS

class Encryption
{
    const CYPHER = 'blowfish';
    const MODE   = 'cfb';
    const KEY    = 'MyPersonalKey';

    public function encrypt($plaintext)
    {
        $td = mcrypt_module_open(self::CYPHER, '', self::MODE, '');
        $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
        mcrypt_generic_init($td, self::KEY, $iv);
        $crypttext = mcrypt_generic($td, $plaintext);
        mcrypt_generic_deinit($td);
        return $iv.$crypttext;
    }

    public function decrypt($crypttext)
    {
        $plaintext = '';
        $td        = mcrypt_module_open(self::CYPHER, '', self::MODE, '');
        $ivsize    = mcrypt_enc_get_iv_size($td);
        $iv        = substr($crypttext, 0, $ivsize);
        $crypttext = substr($crypttext, $ivsize);
        if ($iv)
        {
            mcrypt_generic_init($td, self::KEY, $iv);
            $plaintext = mdecrypt_generic($td, $crypttext);
        }

        return $plaintext;
    }
}

Here is the code from the webpage, where I set the variables from the MySQL row. I am using WordPress' $wpdb object.

$order = $wpdb->get_row("SELECT * FROM orders WHERE id = ".$order_id." LIMIT 0,1");

$addons_price =      $order->addons_price;
$hooked_package =    (isset($_GET['hooked_package'])) ? $_GET['hooked_package'] : $order->hooked_package;
$arrival_date_unix = $order->arrival_date_unix;
$order_data =        unserialize($order->order_data);
$preview_total =     $order_data['preview_price'] + $addons_price + $order_data['travel_insurance'];
$normal_total =      $order_data['normal_price'] + $addons_price + $order_data['travel_insurance'];
$package_price =     $order->package_price;
$total_price =       $order->total_price;
$billing_cc =        Encryption::decrypt($order->billing_cc);

Also, here is the MySQL type...

`billing_cc` varbinary(255) DEFAULT NULL
Community
  • 1
  • 1
Mike McLin
  • 3,627
  • 7
  • 41
  • 49
  • 1
    Can you show us some of the code, particularly a few lines before and after the "decryption" process? – Jim May 23 '11 at 16:06
  • 3
    Try adding and then moving a "die('stopped on line x')" statement at each line of your decrypt function. Move that down the function until you isolate exactly which mcrypt call is slow. – Michael Petrov May 23 '11 at 16:47
  • I cannot see any problem in that class, do you have a really long key? This could be a factor for slow decrypting – dcai May 23 '11 at 16:47
  • The key is 15 characters long – Mike McLin May 23 '11 at 17:03
  • I'm thinking that the delay is actually happening somewhere else in my script, not during the decrypt phase. I'll keep posting. – Mike McLin May 23 '11 at 17:50
  • Found the issue. Still doesn't make sense to me. I added it towards the top of my question. Thanks everyone for helping me out. Michael Petrov, your die() suggestion is what eventually saved the day in debugging. Thanks. – Mike McLin May 23 '11 at 18:06

1 Answers1

1

The code you indicate as being your problem is a simple conditional redirect. So it shouldn't have anything to do with the decryption. The only reason I can see for the redirect being slow is that the web server is under heavy load, on a slow connection or has some other performance issue.

inquam
  • 12,664
  • 15
  • 61
  • 101
  • Yeah, sorry for the confusion. I understand what the code means. However, I have found that the decryption was NOT the cause of the lag after all. Once I removed the redirect block of code, the script ran fast. Not sure why. – Mike McLin May 24 '11 at 14:04