Sn3akyP3t3 Posted February 18, 2011 Share Posted February 18, 2011 I'm trying to figure out why the return value for 128 Bit AES encryption from the AutoIt function _Crypt_EncryptData($vData, $vCryptKey, $iALG_ID) is not the same as the MySql function AES_ENCRYPTION(str,key) In my test these are the return values: MySql = 900ba94029f095c4c9834cc3c76226a8f321a6772bcef8850f2b1646509d601d AutoIt = 0x9ECB65E4F62B685D3F6749FABE6FFB5B6CD45D030D4FF9C5B391DACA0B40FC62 Why are these different values? To recreate my test perform the following: Create a table in a MySql database and title it testTable CREATE TABLE `multimedia`.`testTable` (`Email` VARCHAR( 30 ) NOT NULL) ENGINE = MYISAM ; Insert into the table the one email address to do testing on: INSERT INTO `multimedia`.`testTable` (`Email`) VALUES ('firstname.lastname@college.edu'); Run encryption against the email address to get the return value: SELECT AES_ENCRYPT( Email, '3n(ryp73d' ) FROM `testTable` WHERE Email = 'firstname.lastname@college.edu' This is the AutoIt code to generate the comparison return value. I used an Inputbox to allow copy and paste: #Include <Crypt.au3> $sPassword = "3n(ryp73d" $sString = "firstname.lastname@college.edu" Inputbox("","", _Crypt_EncryptData($sString, $sPassword, $CALG_AES_128)) Link to comment Share on other sites More sharing options...
spudw2k Posted February 18, 2011 Share Posted February 18, 2011 I couldn't find anything besides the reference manual for MySql, and it doesn't explain how they implement Rijndael encryption. I bet it is more likely a matter of how they "salt" it, versus how they handle the strings. It certainly appears to be a correct length when compared to the AutoIt result. As far as I know, the AutoIt AES implementation does no use "salt", but I could be wrong. Spoiler Things I've Made: Always On Top Tool ◊ AU History ◊ Deck of Cards ◊ HideIt ◊ ICU ◊ Icon Freezer ◊ Ipod Ejector ◊ Junos Configuration Explorer ◊ Link Downloader ◊ MD5 Folder Enumerator ◊ PassGen ◊ Ping Tool ◊ Quick NIC ◊ Read OCR ◊ RemoteIT ◊ SchTasksGui ◊ SpyCam ◊ System Scan Report Tool ◊ System UpTime ◊ Transparency Machine ◊ VMWare ESX BuilderMisc Code Snippets: ADODB Example ◊ CheckHover ◊ Detect SafeMode ◊ DynEnumArray ◊ GetNetStatData ◊ HashArray ◊ IsBetweenDates ◊ Local Admins ◊ Make Choice ◊ Recursive File List ◊ Remove Sizebox Style ◊ Retrieve PNPDeviceID ◊ Retreive SysListView32 Contents ◊ Set IE Homepage ◊ Tickle Expired Password ◊ Transpose ArrayProjects: Drive Space Usage GUI ◊ LEDkIT ◊ Plasma_kIt ◊ Scan Engine Builder ◊ SpeeDBurner ◊ SubnetCalcCool Stuff: AutoItObject UDF ◊ Extract Icon From Proc ◊ GuiCtrlFontRotate ◊ Hex Edit Funcs ◊ Run binary ◊ Service_UDF Link to comment Share on other sites More sharing options...
jchd Posted February 18, 2011 Share Posted February 18, 2011 Beware of how exactly the hash (any kind) is done each side: does it run over a UTF-8 string, a UTF-16LE string, a UTF-16BE string, some UTF-32 string, ... Both sides have to perform exactly the same hash over the same representation! This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe hereRegExp tutorial: enough to get startedPCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta. SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt) Link to comment Share on other sites More sharing options...
Sn3akyP3t3 Posted February 23, 2011 Author Share Posted February 23, 2011 I'll return to this armed with the new information later and see if I can confirm that it is related to UTF8, which is the MYSQL database setting. I have much more debugging to do before I can return to this. Thanks for the tips! Link to comment Share on other sites More sharing options...
spudw2k Posted February 24, 2011 Share Posted February 24, 2011 Might not be the proffered method, but you could also just rely on the AES encryption in AutoIt if your goal is to use AutoIt for data transactions. Sounds like you might be on the right track though with the encoding. Spoiler Things I've Made: Always On Top Tool ◊ AU History ◊ Deck of Cards ◊ HideIt ◊ ICU ◊ Icon Freezer ◊ Ipod Ejector ◊ Junos Configuration Explorer ◊ Link Downloader ◊ MD5 Folder Enumerator ◊ PassGen ◊ Ping Tool ◊ Quick NIC ◊ Read OCR ◊ RemoteIT ◊ SchTasksGui ◊ SpyCam ◊ System Scan Report Tool ◊ System UpTime ◊ Transparency Machine ◊ VMWare ESX BuilderMisc Code Snippets: ADODB Example ◊ CheckHover ◊ Detect SafeMode ◊ DynEnumArray ◊ GetNetStatData ◊ HashArray ◊ IsBetweenDates ◊ Local Admins ◊ Make Choice ◊ Recursive File List ◊ Remove Sizebox Style ◊ Retrieve PNPDeviceID ◊ Retreive SysListView32 Contents ◊ Set IE Homepage ◊ Tickle Expired Password ◊ Transpose ArrayProjects: Drive Space Usage GUI ◊ LEDkIT ◊ Plasma_kIt ◊ Scan Engine Builder ◊ SpeeDBurner ◊ SubnetCalcCool Stuff: AutoItObject UDF ◊ Extract Icon From Proc ◊ GuiCtrlFontRotate ◊ Hex Edit Funcs ◊ Run binary ◊ Service_UDF Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now