The struggle to store information in the database field

I had huge problems storing encrypted information in a MySQL database, MyISAM engine.

I encrypt the information as follows:

    function in($plaintext) {
        $cipher = 'rijndael-256';
        $mode = 'cbc';
        $key = 'key';
        $td = mcrypt_module_open($cipher, '', $mode, '');
        // Random IV of the cipher's IV size; it is prepended to the ciphertext below
        $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
        mcrypt_generic_init($td, $key, $iv);
        $crypttext = mcrypt_generic($td, $plaintext);
        mcrypt_generic_deinit($td);
        // Stored value is raw binary: IV followed by the ciphertext
        return $iv.$crypttext;
    }

Then the data is saved in a BLOB. When I come to decrypt the info, it looks like about 10% of the time it was corrupted due to storage in the database.

I can verify that this is a database problem, since I run scripts to bulk encrypt and decrypt data without problems.

Any ideas? Thanks in advance...

[Edit: decryption procedure]

    function decrypt($crypttext) {
        $cipher = 'rijndael-256';
        $mode = 'cbc';
        $key = 'key'; // must be the same key as in the encryption function
        $plaintext = '';
        $td = mcrypt_module_open($cipher, '', $mode, '');
        // Split the stored value back into IV and ciphertext
        $ivsize = mcrypt_enc_get_iv_size($td);
        $iv = substr($crypttext, 0, $ivsize);
        $crypttext = substr($crypttext, $ivsize);
        if ($iv) {
            mcrypt_generic_init($td, $key, $iv);
            $plaintext = mdecrypt_generic($td, $crypttext);
        }
        return $plaintext;
    }
+6
2 answers

I highly doubt that you have encountered a MySQL database error ... "corrupted" how? Can we see your decryption procedure and test script? Isn't that just the block size you've come across?

Padding: crypto algorithms usually work on blocks of data (using 128 bits) - the input data (and therefore the output!) will be padded to this length, and you need to save the entire padded output string - and, possibly, the length of your unpadded input, if your input is in a form in which the padding cannot be detected and automatically removed after decryption.

+2
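
The padding point in the answer above, as an added example (not code from the question or the answer): mcrypt_generic fills the last block with NUL bytes, which cannot be told apart from data that itself ends in NULs, while PKCS#7 padding can always be removed exactly. The function names and the 32-byte block size (Rijndael-256) are assumptions of this example, and the sample inputs are constructed.

```php
<?php
// Added illustration; helper names are hypothetical, not from the question.
const BLOCK = 32; // assumed block size in bytes (Rijndael-256 uses 256-bit blocks)

// Zero padding: fill the last block with NUL bytes.
function zero_pad(string $data, int $block = BLOCK): string {
    $rem = strlen($data) % $block;
    return $rem === 0 ? $data : $data . str_repeat("\0", $block - $rem);
}

// The only possible removal strips trailing NULs, including ones that were data.
function zero_unpad(string $padded): string {
    return rtrim($padded, "\0");
}

// PKCS#7: always append N bytes of value N (1..block), so removal is unambiguous.
function pkcs7_pad(string $data, int $block = BLOCK): string {
    $n = $block - (strlen($data) % $block);
    return $data . str_repeat(chr($n), $n);
}

function pkcs7_unpad(string $padded, int $block = BLOCK): string {
    $len = strlen($padded);
    if ($len === 0 || $len % $block !== 0) {
        throw new InvalidArgumentException('length is not a whole number of blocks');
    }
    $n = ord($padded[$len - 1]);
    if ($n < 1 || $n > $block || substr($padded, -$n) !== str_repeat(chr($n), $n)) {
        throw new InvalidArgumentException('invalid padding');
    }
    return substr($padded, 0, $len - $n);
}

// Bytes the column must hold for "IV . ciphertext" in CBC mode.
function stored_length(int $paddedLen, int $block = BLOCK): int {
    return $block + $paddedLen; // the CBC IV is one block long
}

$samples = ["hello", "binary\x01\x00\x00", str_repeat("A", 32)]; // constructed inputs
foreach ($samples as $s) {
    $z = zero_pad($s);
    $p = pkcs7_pad($s);
    printf("in=%-2d zero: stored=%-3d roundtrip=%-3s pkcs7: stored=%-3d roundtrip=%s\n",
        strlen($s), stored_length(strlen($z)), zero_unpad($z) === $s ? 'ok' : 'BAD',
        stored_length(strlen($p)), pkcs7_unpad($p) === $s ? 'ok' : 'BAD');
}
```

The second sample ends in NUL bytes and fails the zero-padding round trip, which is the case where the answer says the unpadded length has to be stored alongside the ciphertext.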

Protecting plaintext passwords in MySQL is not a good idea ... also why not use SHA1 or an MD5 hash ... you will get more siphon answers and then change the algorithm as you like.

Basically

SELECT SHA1 ("SecretPassword") will be = 08cd923367890009657eab812753379bdb321eeb or blabityboo

SHA1 will store up to 40 characters, which means that you probably should change your data type from BLOB to varchar or nvarchar () <--- probably varchar ...

Without building your algorithm, we can't say how long the field will be, hence the comment about padding.

When you select a passage using SELECT CHARACTER_LENGTH ("SecretPassword"), you will get the length of the encrypted field, and then you can create the appropriate restrictions.

Hope this helps.

0

Source: https://habr.com/ru/post/915921/

