John Davidson

php - Decrypt Laravel encrypted values

0 comments
Message:


I have a Laravel application that uses encrypt and decrypt with the default Laravel Encryptable trait.


Now I need to migrate the database to another one.


I've created an SQL script that handle data migration, but during the migration I need to make some checks on some fields. For example:


insert into test.table

            (valueA, valueB, valueC) 

SELECT      tb.a, tb.b, tc.c

from        db2.tableB tb

join        test.tableC tc on tb.id = tc.tb_id;



UPDATE      test.table

SET         valueD =  CASE  

            WHEN valueA = 'example' THEN 1 

            ELSE 0

END;

The problem is that some of these fields are encrypted.
For example valueA will be something like:



eyJpdiI6ImtTTUthN0dFT2N3Qkt6REdaamIyWGc9PSIsInZhbHVlIjoiakFIa0RFTVdCSU1LM1hWY3NUM0tVUT09IiwibWFjIjoiOGI1ZjY5ODVkYzMwYTIxMTExMzgyNjZmMTViNDllZTUzYWUxNzEyMWEwNmM5M2RmZDQzNzcwMDY4MjlkYzVlOCJ9



I tried to use AES_DECRYPT() using the APP_KEY I have in Laravel, but the scripts always returns null. For example:


SELECT AES_DECRYPT(from_base64(valueA),'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx') from 

test.table;

Always returns NULL.


Obviously the key is hidden for the purpose of this post.


I think that this is due to the fact that Laravel uses open_ssl when encrypting while AES_DECRYPT doesn't. Am I right?


Is there a way to decrypt the Database before running my migration script or to decrypt the value in the SELECT statement during the update?



UPDATE:


I've set up MySql in order to use "AES-256-CBC".
Keep in mind that in Laravel the APP_KEY is something like: "base64:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"


So this is what I'm doing now:


SET block_encryption_mode = 'aes-256-cbc';

SET @key_str = to_base64('xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx');

SET @init_vector = (SELECT LEFT(CONVERT(encryptedVal USING binary), 16)  from tableA where id =1);

SELECT encryptedVal, AES_DECRYPT(encryptedVal,@key_str,@init_vector) from tableA where id = 1;

BTW I'm still having null values.
Any help will be appreciated


My Answer:
Laravel's encryption key for decryption. Here's how you can decrypt the values in your migration script:

sql
SET @key = 'your_laravel_app_key_here';

SELECT AES_DECRYPT(FROM_BASE64(valueA), UNHEX(SHA2(@key, 512))) FROM test.table;


Make sure to replace 'your_laravel_app_key_here' with your actual Laravel encryption key. This should allow you to decrypt the values in your migration script.

Rate this post

5 of 5 based on 1459 votes

Comments



© 2024 Hayatsk.info - Personal Blogs Platform. All Rights Reserved.
Create blog  |  Privacy Policy  |  Terms & Conditions  |  Contact Us