Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
It's not possible to store an encrypted (serialized) value into MySQL longtext field, I get:
SQLSTATE[HY000]: General error: 1366 Incorrect string value: '\x89\xDF\x16\x09\xD1T...' for column 'keydata' at row 1HY000
It's the part of ['text'] in the serialized array, it seems not UTF-8?
Comment | File | Size | Author |
---|---|---|---|
#15 | encrypt-use-base64-by-default-2138495-14.patch | 3.15 KB | rlhawk |
#11 | encrypt-base64default-2138495-11.patch | 1.32 KB | Cellar Door |
Comments
Comment #1
gregglesCan you test this on the 7.x-2.x version?
Comment #2
Anonymous (not verified) CreditAttribution: Anonymous commentedComment #3
Anonymous (not verified) CreditAttribution: Anonymous commentedActually, it doesn't work. Same problem in 2.x dev branch. Encrypted text is not UTF8.
Comment #4
gregglesOK, so still needs work.
BTW, did you try the base64 encoding setting? I believe that makes this work out OK.
Comment #5
Anonymous (not verified) CreditAttribution: Anonymous commentedYes, that works.
Comment #6
jonloh CreditAttribution: jonloh commentedI've tried base64_encode, and when I base64_decode and decrypt, the string is empty. Is there an additional setting to support base64 function?
Comment #7
Anonymous (not verified) CreditAttribution: Anonymous commented@#6, use the function like this:
Comment #8
gregglesGiven that this seems to cause repeated problems and is super confusing to try to debug, I think we should make base64 => TRUE the default.
What do you think?
Comment #9
jonloh CreditAttribution: jonloh commented#7 Found out the reason - My decoding "steps" were wrong. It should be working fine now.
And yes, I would actually suggest to base64_encode by default, and provide an option for developer to either enable or disable.
Comment #10
Anonymous (not verified) CreditAttribution: Anonymous commentedI agree to make it default.
Comment #11
Cellar Door CreditAttribution: Cellar Door commentedI've attached a patch for this to the 2.x-dev branch. It just changes the settings check to look for a FALSE instead of TRUE. This by nature defaults it to base 64 unless someone overrides by passing in an override. Simple variable rename and check is all it took.
Comment #12
Cellar Door CreditAttribution: Cellar Door commentedForgot to update the status
Comment #13
gregglesLooks good to me. There are some uses of base64 option in encryptfapi so we probably need to have a followup issue to fix those.
I feel like the phpseclib.inc should probably also have this option added (right?). I'm not sure why it's not in there now. And we should also document this (though I realize there's currently no documentation about this option, so its a new section).
Comment #14
gregglesNeeds work for the items in #13.
* followup issue in encryptfapi
* modifying phpseclib.inc
* documentation
Comment #15
rlhawkHere's a new patch that addresses the above three work items:
1) Encrypt FAPI is no longer included in this project, so any changes will need to be done in that module.
2) I've made Base64-encoding enabled by default for phpseclib.
3) I added notes about Base64-encoding in the PHP doc blocks for the appropriate functions.
Comment #16
rlhawkChanging status to needs review.
Comment #17
gregglesOn visual review this looks solid to me.
I filed #2323313: Handle that base64 is enabled by default after #2138495 as a followup in the encrypt form api queue.
Comment #18
crashtest_ CreditAttribution: crashtest_ commentedI applied the patch, read the super interesting docblock comments, and had a merry old time trying to make anything break while using this. I did find an error in my encrypt_password module, but none here. LOOKS GREAT!
Comment #20
rlhawkCommitted and marked as fixed.