Storing encrypted strings in MYSQL - encrypted data changes on DB store

Rails
1

Im trying to encrypt a string and store it in the DB. But there seems
to be some interpretation problems both in Ruby and in MySQL. Here’s
what Ive tried and the results… (the data to be encrypted is the
string “1231821029”)

#Crypt MODULE has

def AESCrypt.decrypt(encrypted_data, key, iv, cipher_type=“aes-256-
cbc”)
aes = OpenSSL::Cipher::Cipher.new(cipher_type)
aes.decrypt
aes.key = key
aes.iv = iv if iv != nil
aes.update(encrypted_data) + aes.final
end

def AESCrypt.encrypt(data, key, iv, cipher_type=“aes-256-cbc”)
aes = OpenSSL::Cipher::Cipher.new(cipher_type)
aes.encrypt
aes.key = key
aes.iv = iv if iv != nil
aes.update(data) + aes.final
end

#Raising the encrypted data after form submit and before save in yaml
format

“\x8E\xEDP\xB4&U\xA6\xDA[\xCC\xFD\xB11m\xDB\x14”

#Console tests

x = AESCrypt.encrypt(“1231821029”, “X”*32, “I”*32)
=> “\216?P?&U\246?[??\2611m?”

y = AESCrypt.decrypt("\216?P?&U\246?[??\2611m?", “X”*32, “I”*32)
OpenSSL::CipherError: wrong final block length
from /Users/fire/Sites/Vinay/ROR/RealApps/fi_rest_auth/config/
initializers/aes_crypt.rb:20:in final' from /Users/fire/Sites/Vinay/ROR/RealApps/fi_rest_auth/config/ initializers/aes_crypt.rb:20:indecrypt’
from (irb):3

y = AESCrypt.decrypt(x, “X”*32, “I”*32)
=> “1231821029”

y = AESCrypt.decrypt("\x8E\xEDP\xB4&U\xA6\xDA[\xCC\xFD\xB11m\xDB\x14", “X”*32, “I”*32)
=> “1231821029” # notice the string i used here is the one i raised
before save. that too, works. although it is different from what the
console returns for the encrypt function.

x
=> “\216?P?&U\246?[??\2611m?”

#Encrypted data stored in DB

??P?&U??[???1m?

even the SQL insert call has ??P?&U??[???1m? if I check the logs.
Im basically getting 3 different values at 3 different points for the
same encrypted data. ie.

before_save - “\x8E\xEDP\xB4&U\xA6\xDA[\xCC\xFD\xB11m\xDB\x14”
after_save in DB - ??P?&U??[???1m?
in the console - “\216?P?&U\246?[??\2611m?”

And when i try to decrypt using whats there in the DB, I get “bad
decrypt - wrong final block length”.

Any idea what im missing here? Ive done some serious digging and ive
hit bedrock and no water. Hoping someone here’s got the answer.

Cheers!

2

On 3 Mar 2009, at 10:37, Ram wrote:

Im trying to encrypt a string and store it in the DB. But there seems
to be some interpretation problems both in Ruby and in MySQL. Here’s
what Ive tried and the results… (the data to be encrypted is the
string “1231821029”)

Watch out for the type of the column you are storing the data in - if
it is a text column with encoding utf8 mysql will truncate if it
encounters an invalid utf8 sequence.

Fred

3

the encoding IS indeed utf8 and the column is a string column (varchar
255). how can I correct this?

On Mar 3, 3:51 pm, Frederick C. [email protected]

4

On 3 Mar 2009, at 10:58, Ram wrote:

the encoding IS indeed utf8 and the column is a string column (varchar
255). how can I correct this?

make the column by BINARY, VARBINARY or BLOB or you could base64 the
data before you store it.

Fred

5

Hi Fred,

I changed the column type to blob by changing the column def in the
migration to :binary (which translates into blob in mysql).
but the data in the DB still gets stored in the same way. ie ??P?&U??
[???1m?

I havent changed the encoding setting in database.yml from utf8. Do i
have to change that?

Or can you explain what you meant by I could base64 before storing?
I really am not able to make head or tail of the whole cryptography
arena…
thanks for the help…

On Mar 3, 4:07 pm, Frederick C. [email protected]