LiveCode Forums.

Posted: **Sun Jan 28, 2018 3:30 am**

Hi,

it seems that i can only encrypt using the AES-128-cbc Cypher but not the 256 version ?

  encrypt tValU using "aes-128-cbc" with key tKeyHex and IV tIVHex at 128 bit

Creates a value...then stored in a MySQL DB.

Code: Select all

  encrypt tValU using "aes-256-cbc" with key tKeyHex and IV tIVHex at 256 bit

Doesnt create any value...nothing gets stored in the DB.

Does anyone know if this is a syntax error aes-256 is even supported by LC now ?

PS: Now using this syntax :

Code: Select all

 encrypt  tValU using "aes256" with password tPassword and salt tSalt

produces a Value...(and stores in the DB)

Is any of this Encryption method still worth using as of today ? (reliable)

Posted: **Sun Jan 28, 2018 4:09 am**

I had something like this that worked for me. I would first create a gPW and gSalt through some other functions that would create randomized strings, then:

Code: Select all

#encode with aes
function aesEncode tString
   encrypt tString using "aes256" with gPW and salt gSalt
   put it into tString
   put base64Encode(tString) into tString
   put URLEncode(tString) into tString
   return tString
end aesEncode

Posted: **Sun Jan 28, 2018 11:51 am**

Thanks very much,

1rst thing is that "aes256" seems the right way to refer to it (not "aes-256-cbc")
2nd I ll make sure I dont skip the other encodings

Is it the way that the encrypting process adds the prefix string : Salted__******* to the value stored in the DB field ?

Posted: **Sun Jan 28, 2018 3:56 pm**

For my usage, I would decrypt and everything on the server before putting it into the database, so I am not sure but I do not see why not.

on the server, with Livecode Server:

Code: Select all

		//decode aes encoded data
		function aesDecode tString
		  put base64Decode(tString) into tString
		  decrypt tString using "aes256" with gPW and salt gSalt
		  return it
		end aesDecode

Posted: **Sun Jan 28, 2018 6:51 pm**

Well I ve read here and there that it has its Pro side and its Cons side.

Not crypted field´s DB
Pro, I think that you can only run querries on non encrypted fields, not so sure you can do that for encrypted one, or it has to be suported by the DB structure you´ll choose.
cons, all your backups or dumps reveals all non encrypted values
..would lightly save some CPU resources not to have to decrypt before storing...and RE-encrypt before sending back.

For encrypted fleld DB.
Pro, Backups are either protecting the fields values or not possible to backup/restore up due to enryption
(would require further investugation on that point).
Cons, not being able to run queries on encrypted value. though, if its for PW, rare case you´d need to run a querries on that I beleieve. But if its about for a number fld you probably want to query it sometime - than you d need to check if query would ever be possible on a crypted fone number fld.
Thats where your DB format could make the difference...
De/Crypting is done on the device not the server.

Posted: **Mon Jan 29, 2018 3:48 am**

Some useful tips for limited searching of encrypted DBs:
https://dba.stackexchange.com/questions ... ted-fields

I think I'd be more inclined to encrypt the disk and harden elsewhere, unless there's some serious regulatory requirement for the particular data I'm working with.

LiveCode Forums.

LC Encrypting with Aes-256-cbc supported ?

LC Encrypting with Aes-256-cbc supported ?

Re: LC Encrypting with Aes-256-cbc supported ?

Re: LC Encrypting with Aes-256-cbc supported ?

Re: LC Encrypting with Aes-256-cbc supported ?

Re: LC Encrypting with Aes-256-cbc supported ?

Re: LC Encrypting with Aes-256-cbc supported ?