47ng/prisma-field-encryption

Issue related to decrypt

qkrdkwl9090 opened this issue · 3 comments

The library is used to encrypt data, but the basic structure is in the form of "v1.aesgcm256.~~~~~.~~~~~~~". However, if the content is decoded using an online decryption tool in "AES-256-GCM" mode, the content cannot be confirmed normally.

We are concerned about problems that may arise in the future. For example, although the library has been developed and later converted, the encryption method has been changed, but the encryption of existing encrypted data cannot be broken.

First of all, if the current encryption is normal, the data will come out in a structure called "v1.aesgcm256.~~~~~.~~~~~~~", is that correct?

I'm not sure I understand your question.

The serialised ciphertext format is defined in @47ng/cloak. For now only AES-GCM with 256-bit keys is supported, but should other ciphersuites be added, the string representation would follow a similar pattern.

I want to know if I can decrypt data without your library after using your library.

I see. I will publish the ciphertext format in the source library.

An alternative would be BYOCipher, with hooks configurable when setting up the middleware to encrypt and decrypt (has to be string <=> string though, to keep the data type identical for Prisma and the underlying DB engine).
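
The following is an added example, not part of the thread and not code from prisma-field-encryption or @47ng/cloak. It shows a string <=> string cipher pair of the kind the BYOCipher comment describes, using only Node's built-in `crypto`, and why a versioned string has to be split into its fields before any generic AES-256-GCM tool can process it. The field layout (`v1.aesgcm256.<iv>.<ciphertext with tag appended>`, base64url-encoded), the function names and the sample key are assumptions made for illustration; the thread does not give the real layout of the `~~~~~` fields.

```javascript
// Added example. ASSUMED layout: v1.aesgcm256.<iv>.<ciphertext||tag> (base64url).
// This is NOT the documented @47ng/cloak format; check its docs for real data.
const { createCipheriv, createDecipheriv, createHash, randomBytes } = require('node:crypto')

const PREFIX = 'v1.aesgcm256'
const IV_LEN = 12  // 96-bit nonce, the size GCM is designed around
const TAG_LEN = 16 // 128-bit authentication tag

// string -> string, so the column type seen by Prisma and the DB stays a string.
function encryptString(plaintext, key) {
  const iv = randomBytes(IV_LEN) // must be fresh for every encryption under one key
  const cipher = createCipheriv('aes-256-gcm', key, iv)
  const body = Buffer.concat([
    cipher.update(plaintext, 'utf8'),
    cipher.final(),
    cipher.getAuthTag() // appended so ciphertext and tag travel as one field
  ])
  return [PREFIX, iv.toString('base64url'), body.toString('base64url')].join('.')
}

// string -> string. Throws on an unknown prefix, a malformed field or a bad tag.
function decryptString(serialised, key) {
  const parts = serialised.split('.')
  if (parts.length !== 4 || `${parts[0]}.${parts[1]}` !== PREFIX) {
    throw new Error('unsupported ciphertext format')
  }
  const iv = Buffer.from(parts[2], 'base64url')
  const body = Buffer.from(parts[3], 'base64url')
  if (iv.length !== IV_LEN || body.length < TAG_LEN) {
    throw new Error('malformed ciphertext')
  }
  // A generic AES-GCM tool needs these three inputs separately, as raw bytes:
  // pasting the whole dotted string into it cannot work.
  const ciphertext = body.subarray(0, body.length - TAG_LEN)
  const tag = body.subarray(body.length - TAG_LEN)
  const decipher = createDecipheriv('aes-256-gcm', key, iv, { authTagLength: TAG_LEN })
  decipher.setAuthTag(tag)
  // final() throws if the tag does not verify (wrong key or modified data).
  return Buffer.concat([decipher.update(ciphertext), decipher.final()]).toString('utf8')
}

// Constructed 32-byte sample key; real keys come from a secret store.
const sampleKey = createHash('sha256').update('constructed sample key').digest()
```

Keeping the version and algorithm prefix in every stored value is what lets old rows be recognised and decrypted if another cipher is introduced later.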