AES encryptor is not UTF-8 compatible about crypt_keeper HOT 16 CLOSED

I guess adding something like Base64.encode64(encrypted).encode('utf-8') somewhere would do the trick. Possibly before the encryption and after the decryption.

from crypt_keeper.

Don't seem to work and I don't know it there is something wrong on my setup but the following code doesn't help.

require 'crypt_keeper/provider/aes'

module CryptKeeper
  module Provider
    class BaseAesEncryptor < CryptKeeper::Provider::Aes

      # Public: Encrypt a string
      #
      # Note: nil and empty strings are not encryptable with AES.
      # When they are encountered, the orignal value is returned.
      # Otherwise, returns the encrypted string
      def encrypt(value)
        Base64.encode64(super(value)).encode('utf-8')
      end

      # Public: Decrypt a string
      #
      # Note: nil and empty strings are not encryptable with AES (and thus cannot be decrypted).
      # When they are encountered, the orignal value is returned.
      # Otherwise, returns the decrypted string
      def decrypt(value)
        super(Base64.decode64(value.encode('ascii-8bit')))
      end
    end
  end
end

from crypt_keeper.

# encoding: utf-8
require 'crypt_keeper/provider/aes'

module CryptKeeper
  module Provider
    class BaseAesEncryptor < CryptKeeper::Provider::Aes

      # Public: Encrypt a string
      #
      # Note: nil and empty strings are not encryptable with AES.
      # When they are encountered, the orignal value is returned.
      # Otherwise, returns the encrypted string
      def encrypt(value)
        super(value)
      end

      # Public: Decrypt a string
      #
      # Note: nil and empty strings are not encryptable with AES (and thus cannot be decrypted).
      # When they are encountered, the orignal value is returned.
      # Otherwise, returns the decrypted string
      def decrypt(value)
        super(value).force_encoding('utf-8')
      end
    end
  end
end

That solves the problem

from crypt_keeper.

Could it be related to #50 ? Using AES as well.
We worked around it with https://github.com/robotvert/crypt_keeper/commit/af78261984d87f4c26220e5b6b41c655d588b876
In some other app maintained by other guys in our company they solved it with a rails initializer that basically does the same using monkey patching.

from crypt_keeper.

Yeah it is that exact problem decrypting and then forcing encoding to utf-8 seems to do the trick.

from crypt_keeper.

I’m mulling over some options on how to fix this. I really want to avoid messing with encodings, but it sounds like I need to at least provide an option to force encodings on operations.

@robotvert @mhenrixon any thoughts on providing an option in crypt_keeper like force_encoding that would enable this behavior for a given provider?

class Dog < ActiveRecord::Base
  crypt_keeper encryptor: :aes, encoding: 'UTF-8' ...
end

from crypt_keeper.

e10e3d6 made big changes around that area, I need to test when I have time but could it be the AES gem handles that automagically? (wishful thinking)

from crypt_keeper.

@robotvert are you using a pre-release? That commit you're pointing to was not available in a stable release.

from crypt_keeper.

@jmazzi yes and no, I mean, aren't all versions -pre?
My fork that we are using is based off 0.14.pre, which dates back to last summer.
That commit I pointed it out to has indeed been added at a later time, my point was, could it be the problem we are experiencing with encodings be naturally resolved since that commit changed a lot of things around this area?
Sorry, I haven't had the time to try out the latest code, since the existing data is not compatible it's not as simple as incrementing a version number in the Gemfile... 😅

from crypt_keeper.

@robotvert it's possible it fixed it, that's what I was getting at.

I've updated the release notes. This v0.16.0-pre deprecates the legacy encryptor but it does not remove them. You'll just get a warning about it. Could you give it a shot when you get time?

from crypt_keeper.

@jmazzi unfortunately, after upgrading to 0.16.0.pre and re-encoding the data has explained in the AES Legacy Migration Instructions the result is the same here.
Encrypting data in Japanese works but decrypting it returns the hex representation.
Applying force_encoding('utf-8') does the trick though.

from crypt_keeper.

Tried upgrading to 16.1 but it completely messed up my whole application and like @robotvert says the problem persists.

What now? How can I safely update?

from crypt_keeper.

@mhenrixon the upgrade was smooth here, the executable provided to re-encrypt the data using the new method worked like a charm. FWIW I dealt with the encoding issue using this:

module AesNewOverrides
  def decrypt(value)
    v = super(value)
    v.force_encoding('utf-8') if v.respond_to?(:force_encoding)
  end
end

module CryptKeeper
  module Provider
    class AesNew
      prepend AesNewOverrides
    end
  end
end

from crypt_keeper.

@mhenrixon could you elaborate on the problems you had when you upgraded?

from crypt_keeper.

@mhenrixon @robotvert would you mind giving the feature/encoding_fixes branch a shot? This should fix the encoding issue you were encoutering.

from crypt_keeper.

This was released as 0.17.0

from crypt_keeper.