| Re: problem encrypting data (AES_ENCRYPT/AES_DECRYPT) [message #181759 is a reply to message #181758] |
Thu, 30 May 2013 08:21   |
The Natural Philosoph
Messages: 993
Registered: September 2010
Karma:
|
Senior Member |
|
|
On 30/05/13 08:46, Denis McMahon wrote:
> On Wed, 29 May 2013 23:28:32 -0700, ViVi wrote:
>
>
>> I've not been able to track down WHEN it fails, but some strings
>> everytime fail, other strings are OK.
> How long are the strings that fail - I seem to recall that aes works on
> 128 bit chunks - so multiples of 16 bytes.
>
> One padding scheme I have seen uses n digits of hex character n as
> padding, with 16 wrapping to 0, so for example if the data is a multiple
> of 16 bytes, the last 16 bytes are 0, but then if the length of the data
> mod 16 is:
>
> 1 - 15 * f
> 2 - 14 * e
> ...........
> 15 - 1 * 1
> 0 - 16 * 0
>
> Then after you decrypt, remove the padding chars, given that the last
> char tells you how much padding there is.
>
>> OK are .... almost all the following string doppio " apice FAILS
>> everytime.
>> I've tried defining the DB field (catName) VARCHAR or BINARY to no
>> avail.
> Also, there's a suggestion elsewhere that I googled that the sql data
> field should be varbinary or blob. Is it possible that your encrypted
> data is longer than your fixed width field, or in some cases not
> compatible with varchar?
>
definitely you should use varbinary or blob
"
|AES_ENCRYPT()|
< https://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html#function_ aes-encrypt>
encrypts a string and returns a binary string. |AES_DECRYPT()|
< https://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html#function_ aes-decrypt>
decrypts the encrypted string and returns the original string. The input
arguments may be any length. If either argument is |NULL|, the result of
this function is also |NULL|.
Because AES is a block-level algorithm, padding is used to encode uneven
length strings and so the result string length may be calculated using
this formula:
16 * (trunc(/|string_length|/ / 16) + 1)
If |AES_DECRYPT()|
< https://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html#function_ aes-decrypt>
detects invalid data or incorrect padding, it returns |NULL|. However,
it is possible for |AES_DECRYPT()|
< https://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html#function_ aes-decrypt>
to return a non-|NULL| value (possibly garbage) if the input data or the
key is invalid."
https://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html
--
Ineptocracy
(in-ep-toc’-ra-cy) – a system of government where the least capable to lead are elected by the least capable of producing, and where the members of society least likely to sustain themselves or succeed, are rewarded with goods and services paid for by the confiscated wealth of a diminishing number of producers.
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]