LC Encrypting with Aes-256-cbc supported ?

Creating desktop or client-server database solutions?

Moderators: FourthWorld, heatherlaine, Klaus, kevinmiller, robinmiller

Post Reply
teriibi
Posts: 254
Joined: Mon Nov 13, 2017 3:49 pm
Location: Bolivia

LC Encrypting with Aes-256-cbc supported ?

Post by teriibi » Sun Jan 28, 2018 3:30 am

Hi,

it seems that i can only encrypt using the AES-128-cbc Cypher but not the 256 version ?

Code: Select all

  encrypt tValU using "aes-128-cbc" with key tKeyHex and IV tIVHex at 128 bit
Creates a value...then stored in a MySQL DB.

Code: Select all

  encrypt tValU using "aes-256-cbc" with key tKeyHex and IV tIVHex at 256 bit
Doesnt create any value...nothing gets stored in the DB.

Does anyone know if this is a syntax error aes-256 is even supported by LC now ?
:roll:

PS: Now using this syntax :

Code: Select all

 encrypt  tValU using "aes256" with password tPassword and salt tSalt
produces a Value...(and stores in the DB)

Is any of this Encryption method still worth using as of today ? (reliable)

ghettocottage
Livecode Opensource Backer
Livecode Opensource Backer
Posts: 366
Joined: Tue Apr 10, 2012 9:18 am

Re: LC Encrypting with Aes-256-cbc supported ?

Post by ghettocottage » Sun Jan 28, 2018 4:09 am

I had something like this that worked for me. I would first create a gPW and gSalt through some other functions that would create randomized strings, then:

Code: Select all

#encode with aes
function aesEncode tString
   encrypt tString using "aes256" with gPW and salt gSalt
   put it into tString
   put base64Encode(tString) into tString
   put URLEncode(tString) into tString
   return tString
end aesEncode

teriibi
Posts: 254
Joined: Mon Nov 13, 2017 3:49 pm
Location: Bolivia

Re: LC Encrypting with Aes-256-cbc supported ?

Post by teriibi » Sun Jan 28, 2018 11:51 am

Thanks very much, :)
1rst thing is that "aes256" seems the right way to refer to it (not "aes-256-cbc")
2nd I ll make sure I dont skip the other encodings :wink:

Is it the way that the encrypting process adds the prefix string : Salted__******* to the value stored in the DB field ? :D

ghettocottage
Livecode Opensource Backer
Livecode Opensource Backer
Posts: 366
Joined: Tue Apr 10, 2012 9:18 am

Re: LC Encrypting with Aes-256-cbc supported ?

Post by ghettocottage » Sun Jan 28, 2018 3:56 pm

For my usage, I would decrypt and everything on the server before putting it into the database, so I am not sure but I do not see why not.


on the server, with Livecode Server:

Code: Select all

		//decode aes encoded data
		function aesDecode tString
		  put base64Decode(tString) into tString
		  decrypt tString using "aes256" with gPW and salt gSalt
		  return it
		end aesDecode

teriibi
Posts: 254
Joined: Mon Nov 13, 2017 3:49 pm
Location: Bolivia

Re: LC Encrypting with Aes-256-cbc supported ?

Post by teriibi » Sun Jan 28, 2018 6:51 pm

Well I ve read here and there that it has its Pro side and its Cons side. :roll:

Not crypted field´s DB
Pro, I think that you can only run querries on non encrypted fields, not so sure you can do that for encrypted one, or it has to be suported by the DB structure you´ll choose.
cons, all your backups or dumps reveals all non encrypted values
..would lightly save some CPU resources not to have to decrypt before storing...and RE-encrypt before sending back.


For encrypted fleld DB.
Pro, Backups are either protecting the fields values or not possible to backup/restore up due to enryption
(would require further investugation on that point).
Cons, not being able to run queries on encrypted value. though, if its for PW, rare case you´d need to run a querries on that I beleieve. But if its about for a number fld you probably want to query it sometime - than you d need to check if query would ever be possible on a crypted fone number fld.
Thats where your DB format could make the difference...
De/Crypting is done on the device not the server.

FourthWorld
VIP Livecode Opensource Backer
VIP Livecode Opensource Backer
Posts: 9801
Joined: Sat Apr 08, 2006 7:05 am
Location: Los Angeles
Contact:

Re: LC Encrypting with Aes-256-cbc supported ?

Post by FourthWorld » Mon Jan 29, 2018 3:48 am

Some useful tips for limited searching of encrypted DBs:
https://dba.stackexchange.com/questions ... ted-fields

I think I'd be more inclined to encrypt the disk and harden elsewhere, unless there's some serious regulatory requirement for the particular data I'm working with.
Richard Gaskin
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn

Post Reply

Return to “Databases”