Python: Trying to store AES encrypted string into database

BrianK · 01-23-2009, 01:48 PM

I'm encrypting some data to store in a database. The encryption needs to be 2 way. Rather than use bzip or base64, I'd like to use something that requires a key to retreive the data. The problem is, I need to store the encrypted string in a MySQL and/or Sqlite database, preferably in a varchar field rather than a blob.

The way I'm doing the encryption is like so:

Code:

thing = 'encrypt me'
thing = thing.rjust(16,' ')
key = 'some padded key '
obj=AES.new(key, AES.MODE_ECB)
encrypted_val = obj.encrypt(thing)

(and then later, I can do an obj.decrypt(encrypted_val))

which results in:

Code:

"\xbbs\rv\xf8'u\xf9_\x02\xde\xad\x93E9\xb4"

...as ouptput by ipython which I believe does some sort of conversion so I can view the data. If I try to print out the value to a standard terminal, I get something like:

Code:

obj.encrypt(thing): '�p�
                         �*����        l1y'

(assuming you can even see that)

and, when I try to read that data from the db, similar problems arise & it causes my tests to fail.

Is there a better method of keyable two way encryption that results in ascii chars?
Is there a way to convert the binary to ascii for storage (like how ipython displays it), then a way to convert that ascii back to binary for obj.decrypt()?

BrianK · 01-23-2009, 01:54 PM

As is typical.. after I give up & ask the forum, I find the solution...

this seems to work for bin -> ascii -> bin conversion:

Code:

In [28]: foo = obj.encrypt(thing)

In [29]: foo
Out[29]: 'cV\x0f\xc5u)\x8b\xc8\xf4\xf2\x02\x9e!\xca\xb6('

In [30]: bar = binascii.b2a_hex(foo)

In [31]: bar
Out[31]: '63560fc575298bc8f4f2029e21cab628'

In [33]: binascii.a2b_hex(bar)
Out[33]: 'cV\x0f\xc5u)\x8b\xc8\xf4\xf2\x02\x9e!\xca\xb6('

In [34]: gah = binascii.a2b_hex(bar)

In [35]: obj.decrypt(gah)
Out[35]: '      encrypt me'

raconteur · 01-23-2009, 01:58 PM

Hmmm... binary data stored in a database shouldn't be a problem, I'd take a look at the way it is being written and read and the table/field structure to make sure the values aren't being truncated or mangled in some way. If you really need to store ASCII instead of binary, you could always uuencode the binary data. That will, of course, dramatically increase the size of the stored data.