Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.Hi,
I'm trying to encrypt profile fields but I can't make it work.
I have installed Encrypt with configuration:
Encryption method settings -> Mcrypt AES (CBC Mode)
Key Provider -> Drupal encrypt_drupal_variable_key variable
settings.php -> $conf['encrypt_drupal_variable_key'] = 'u1xnyr5zFzGj92do6gZHL72IQjmF1Omqepmba7FwJNI';
I always get: Encryption failed because the key is not the right size, no matter the size of encrypt_drupal_variable_key I use. Could I have one working example of this key?
Thank you!
Comments
Comment #2
rlhawkIt looks as though your key is Base64-encoded, but you're missing a trailing "=".
Comment #3
jeepster CreditAttribution: jeepster commentedthanks, @rlhawk
where am i missing this "=" ???
$conf['encrypt_drupal_variable_key'] = 'u1xnyr5zFzGj92do6gZHL72IQjmF1Omqepmba7FwJNI';
Comment #4
jeepster CreditAttribution: jeepster commentedIn Additional Key Provider Settings I selected Variable contents; I don't know exactly what it means bit if I select Base64 decode I have this error:
Data too long for column 'field_first_name_value' at row 1 :(
Comment #5
rlhawkThe "=" should be the last character of the key.
If the database column can't support the length of the encrypted field value, you will need to alter the column definition.
Comment #6
jeepster CreditAttribution: jeepster commentedYou're right, now I have ok the key but I would have to alter the column definition.
Comment #7
jeepster CreditAttribution: jeepster commentedChanging the database column worked for encryption but now I have this error in decryption:
Exception: Decryption failed because the HMAC could not be validated
Any ideas? Thanks!
Comment #8
jeepster CreditAttribution: jeepster commentedOk, Exception: Decryption failed because the HMAC could not be validated shows up when there not encrypted text to decrypt.
Anyway, decrypt does not work either.
I have this field_first_name_value: a:6:{s:4:"text";s:128:"X1b6pVhtryS65NP2SbWCNcleYiwExkDPu31ybzepYUxbmmEjZ+TfEBeyeMUYq5I7xUi/mDCAEcjuCLyjcL3f87wzYXtajwe1/Bt1Hv9WPDHwWKyw4YsZp1QUW8kpHuNQ";s:6:"method";s:14:"mcrypt_aes_cbc";s:12:"key_provider";s:15:"drupal_variable";s:7:"options";a:0:{}s:15:"method_settings";s:0:"";s:17:"provider_settings";a:1:{s:6:"method";s:13:"base64_decode";}}
And decrypt (this) returns the same...
Comment #9
jeepster CreditAttribution: jeepster commentedMy fault, module is decrypting ok. Thanks @rlhawk for your help :)
Comment #10
rlhawkComment #11
Cellar Door CreditAttribution: Cellar Door commentedJust catching up on this ticket - One thing to caution is you've posted the key to the public forum here so you'll want to be sure not to use this key again (hopefully it's just an example key). If you want, Lockr can create cryptographically secure keys to help you out or you can roll it with a new random cryptographic key rotator.
Just wanted to make sure your data is safe and this isn't a key used anywhere sensitive.
Comment #12
jeepster CreditAttribution: jeepster commentedYes, @Cellar Door, it was an example key, I have a new (hopefully secure) key.
Thank you very much for your concern.
Comment #13
jeepster CreditAttribution: jeepster commented@rlhawk, may I ask you about Encrypt User? I saw it is in sandbox and it would be perfect for my project but I have doubts, are the bugs already fixed? is it working ok?
thank you!
Comment #14
rlhawkHmm, I'm actually not sure about that. I wouldn't feel comfortable recommending it, without a quick review.
Comment #15
jeepster CreditAttribution: jeepster commentedok, thanks, @rlhawk!!