Storing encrypted strings in MYSQL - encrypted data changes on DB store

rubyonrails-talk
1

Im trying to encrypt a string and store it in the DB. But there seems to be some interpretation problems both in Ruby and in MySQL. Here's what Ive tried and the results.. (the data to be encrypted is the string "1231821029")

#Crypt MODULE has

  def AESCrypt.decrypt(encrypted_data, key, iv, cipher_type="aes-256- cbc")     aes = OpenSSL::Cipher::Cipher.new(cipher_type)     aes.decrypt     aes.key = key     aes.iv = iv if iv != nil     aes.update(encrypted_data) + aes.final   end

  def AESCrypt.encrypt(data, key, iv, cipher_type="aes-256-cbc")     aes = OpenSSL::Cipher::Cipher.new(cipher_type)     aes.encrypt     aes.key = key     aes.iv = iv if iv != nil     aes.update(data) + aes.final   end

#Raising the encrypted data after form submit and before save in yaml format

"\x8E\xEDP\xB4&U\xA6\xDA[\xCC\xFD\xB11m\xDB\x14"

#Console tests

x = AESCrypt.encrypt("1231821029", "X"*32, "I"*32)

=> "\216?P?&U\246?[??\2611m?"

y = AESCrypt.decrypt("\216?P?&U\246?[??\2611m?", "X"*32, "I"*32)

OpenSSL::CipherError: wrong final block length   from /Users/fire/Sites/Vinay/ROR/RealApps/fi_rest_auth/config/ initializers/aes_crypt.rb:20:in `final'   from /Users/fire/Sites/Vinay/ROR/RealApps/fi_rest_auth/config/ initializers/aes_crypt.rb:20:in `decrypt'   from (irb):3

y = AESCrypt.decrypt(x, "X"*32, "I"*32)

=> "1231821029"

y = AESCrypt.decrypt("\x8E\xEDP\xB4&U\xA6\xDA[\xCC\xFD\xB11m\xDB\x14", "X"*32, "I"*32)

=> "1231821029" # notice the string i used here is the one i raised before save. that too, works. although it is different from what the console returns for the encrypt function.

x

=> "\216?P?&U\246?[??\2611m?"

#Encrypted data stored in DB

??P?&U??[???1m?

even the SQL insert call has ??P?&U??[???1m? if I check the logs. Im basically getting 3 different values at 3 different points for the same encrypted data. ie.

before_save - "\x8E\xEDP\xB4&U\xA6\xDA[\xCC\xFD\xB11m\xDB\x14" after_save in DB - ??P?&U??[???1m? in the console - "\216?P?&U\246?[??\2611m?"

And when i try to decrypt using whats there in the DB, I get "bad decrypt - wrong final block length".

Any idea what im missing here? Ive done some serious digging and ive hit bedrock and no water. Hoping someone here's got the answer.

Cheers!

2

Im trying to encrypt a string and store it in the DB. But there seems to be some interpretation problems both in Ruby and in MySQL. Here's what Ive tried and the results.. (the data to be encrypted is the string "1231821029")

Watch out for the type of the column you are storing the data in - if
it is a text column with encoding utf8 mysql will truncate if it
encounters an invalid utf8 sequence.

Fred

3

the encoding IS indeed utf8 and the column is a string column (varchar 255). how can I correct this?

4

the encoding IS indeed utf8 and the column is a string column (varchar 255). how can I correct this?

make the column by BINARY, VARBINARY or BLOB or you could base64 the
data before you store it.

Fred

5

Hi Fred,

I changed the column type to blob by changing the column def in the migration to :binary (which translates into blob in mysql). but the data in the DB still gets stored in the same way. ie ??P?&U?? [???1m?

I havent changed the encoding setting in database.yml from utf8. Do i have to change that?

Or can you explain what you meant by I could base64 before storing? I really am not able to make head or tail of the whole cryptography arena.. thanks for the help..