Crypto Plugin

Crypto Plugin

SanjayGupta
Hi, I am using the crypto plugin to encrypt/decrypt credit card. The decryption doesn't work for some credit card numbers. What am I doing wrong? The oracle database column that stores the encrypted cc is typed as varchar. Do I need to store it as bytearray? Here is my code.
Thanks
Sanjay


    private String encryptInfo(String plainString)
    {
        String password = ConfigurationHolder.config.encryptionPassword
        String decryptedString
        byte[] encrypted = Blowfish.encrypt(plainString.getBytes(), password)
        decryptedString = new String(encrypted)
        return decryptedString

    }
    private String decryptInfo(String encryptedString)
    {
        log.debug "in decryptInfo"
        String password = ConfigurationHolder.config.encryptionPassword
        byte[] encryptedStringByteArray = encryptedString.getBytes()
        def decrypted = Blowfish.decrypt(encryptedStringByteArray, password)
        String decryptedString = ""
        decryptedString = (new String (decrypted)).trim()
        return decryptedString
    }

Re: Crypto Plugin

Robert Fischer
Does this code work?

def str = "Robert said this should work"
def pass = "Some password"
assertEquals(str, new String(Blowfish.decrypt(Blowfish.encrypt(str.getBytes(), pass), pass)))

If so, it's not a problem with the conversion, either from String to bytes back to String or from
plaintext to ciphertext to plaintext.

For database storage, my recommendation would be to use encryptBase64/decryptBase64 and store them
as strings/varchar.  Storing bytes in the DB via Strings is a really, really bad idea, since null
strings and unicode characters can really mess you up.

The stuff in cr.co.arquetipos.crypto.* is all inherited, so I haven't worked with it directly.  I'll
add a unit test tomorrow morning along the lines of the one you had—there were original unit tests,
including some that covered the Blowfish code, but they were lost in the conversion to svn.codehaus.org.

~~ Robert.

--
~~ Robert Fischer, Smokejumper IT Consulting.
Enfranchised Mind Blog http://EnfranchisedMind.com/blog

Check out my book, "Grails Persistence with GORM and GSQL"!
http://www.smokejumperit.com/redirect.html

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email
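
The failure discussed in this reply, as an added example that is not part of the original thread or the plugin's code: it shows why pushing ciphertext through a String loses bytes for some inputs only, and why Base64 does not. Assumptions: the byte array is a constructed stand-in for Blowfish output, the JDK's `java.util.Base64` is used in place of the plugin's encryptBase64/decryptBase64, and UTF-8 is pinned so the result is deterministic (the code in the question uses the platform default charset).

```groovy
import java.nio.charset.StandardCharsets

// Constructed sample: 8 bytes standing in for one block of cipher output.
// Ciphertext is arbitrary binary, so only some plaintexts yield bytes like these,
// which is why the problem shows up for some card numbers and not others.
byte[] ciphertext = [0x41, 0xC3, 0x28, 0xFF, 0x00, 0x9D, 0x7A, 0x80] as byte[]

// Lossy path, same shape as encryptInfo/decryptInfo in the question:
// bytes -> String -> bytes. Sequences that are not valid UTF-8 are replaced
// with U+FFFD during decoding, so the original byte values cannot be recovered.
String asText = new String(ciphertext, StandardCharsets.UTF_8)
byte[] viaString = asText.getBytes(StandardCharsets.UTF_8)

// Safe path: Base64 maps every byte value onto printable ASCII and back,
// so the value can be stored in a varchar column unchanged.
String asBase64 = Base64.getEncoder().encodeToString(ciphertext)
byte[] viaBase64 = Base64.getDecoder().decode(asBase64)

// The String round trip changes both content and length; a block cipher
// cannot decrypt the result.
assert !Arrays.equals(ciphertext, viaString)
assert viaString.length != ciphertext.length
assert asText.contains('\uFFFD')

// The 0x00 byte survives inside the JVM, but it is still present in the text
// that would be written to the database.
assert asText.contains('\u0000')

// The Base64 round trip is exact and the stored text is plain ASCII.
assert Arrays.equals(ciphertext, viaBase64)
assert asBase64 ==~ /[A-Za-z0-9+\/]+={0,2}/

println "original   : ${ciphertext.encodeHex()}"
println "via String : ${viaString.encodeHex()}"
println "via Base64 : ${viaBase64.encodeHex()} (stored as '${asBase64}')"
```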


Re: Crypto Plugin

SanjayGupta
Hi Robert,
I changed my encryption to base64 and it works fine now. Thanks for your help.
Sanjay

Re: Crypto Plugin

Ricardo J. Méndez
In reply to this post by Robert Fischer


On Tue, Jun 30, 2009 at 6:32 AM, Robert Fischer <[hidden email]> wrote:

> The stuff in cr.co.arquetipos.crypto.* is all inherited, so I haven't worked with it directly.  I'll add a unit test tomorrow morning along the lines of the one you had—there were original unit tests, including some that covered the Blowfish code, but they were lost in the conversion to svn.codehaus.org.


Hello Sanjay,

Robert is correct, the pre-Grails 1.1 version of the plugin used a beta version of commons-codec that is still not integrated with Grails, and would cause clashes - that code can be brought back once Grails is using the same version of the library. Meanwhile you can find the examples here http://grails.org/Encryption+plugin - as Robert points out, it's best to use base64 encoding if you're storing them as strings.

Best,

--
Ricardo J. Méndez
http://www.arquetipos.co.cr/