I have a database containing encrypted SSNs which were encrypted using two different methods. The current implementation encrypts/decrypts without issue, however, attempting to decrypt legacy SSNs will always returns a blank string. Looking through the source control, it appears that they originally encrypted using ActiveSupport::MessageEncryptor#encrypt ActiveSupport::MessageEncryptor#decrypt like so:
Setup:
require 'active_support'
# 128 character hex string for the key
KEY = '11111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111'
ENCRYPTOR = ActiveSupport::MessageEncryptor.new(KEY)
Decryption:
# All of the undecryptable SSNs are 50 characters
fake_legacy_encrypted_ssn = 'BVWR7PWl2/kuZ6d75/cnwv==--qMADiBu8XoRqn72tug1zaQ=='
ENCRYPTOR.decrypt(fake_legacy_encrypted_ssn)
#=> ""
Encryption:
# Encrypting an SSN returns a 70 characters string, meaning I'm not using the same encryption method?
fake_ssn = '123456789'
ENCRYPTOR.encrypt(fake_ssn)
#=> "Jz0xBXBIC+Pcb6krjopgNcsLcRPPAYytx8Wgn6snqT8=--6rAk3w58N+vRpmpuSEsTvA=="
I have tried installing previous versions of activesupport to hopefully find a different default encryption method other than aes-128-cbc implemented, but no such luck. Might anyone have any suggestions on how to go about decrypting these old SSN values?
Aucun commentaire:
Enregistrer un commentaire