Hello,
I am trying to encrypt data in migrations. Just using cloak
gave me some pretty weird errors (like :crypto.strong_rand_bytes
seemed to return nil
for it ) so I am trying to replicate its functionality inline just for one migration.
Long story short, this is the problem (I am on Erlang 23.3.4.4
and Elixir 1.12.2-otp-23
):
iex(1)> :crypto.crypto_one_time_aead(:aes_256_gcm, "9hs4ndXeD4p/OkcogRyVBa4pUznauN6ZRnh4eLZgsIg=", <<95, 198, 233, 21, 58, 174, 237, 201, 33, 252, 35, 26, 168, 138, 241, 61>>, "123123123123\ndfvdfv\ndfvdfvdfv", "AES256GCM", 16, true)
** (ErlangError) Erlang error: {:badarg, {'aead.c', 90}, 'Unknown cipher'}
(crypto 4.9.0.2) :crypto.aead_cipher(:aes_256_gcm, "9hs4ndXeD4p/OkcogRyVBa4pUznauN6ZRnh4eLZgsIg=", <<95, 198, 233, 21, 58, 174, 237, 201, 33, 252, 35, 26, 168, 138, 241, 61>>, "123123123123\ndfvdfv\ndfvdfvdfv", "AES256GCM", 16, true)
One random idea that popped in my mind was to limit the IV to 12 bytes and I did but the error stays the same.
I also do this just to check:
iex(2)> :crypto.cipher_info :aes_256_gcm
%{block_size: 1, iv_length: 12, key_length: 32, mode: :gcm_mode, type: 901}
And this:
iex(3)> :crypto.supports(:ciphers)
[:chacha20, :blowfish_ecb, :blowfish_ofb64, :blowfish_cfb64, :blowfish_cbc,
:des_ecb, :rc2_cbc, :aes_192_cbc, :aes_256_cfb128, :aes_192_cfb128,
:aes_256_cfb8, :aes_192_cfb8, :aes_256_ecb, :aes_192_ecb, :aes_256_cbc,
:des_ede3_cfb, :aes_128_ecb, :aes_128_cfb128, :aes_128_cfb8, :aes_128_cbc,
:aes_256_ccm, :aes_192_gcm, :aes_192_ccm, :aes_128_ccm, :des_cfb, :des_cbc,
:rc4, :aes_ige256, :aes_256_ctr, :aes_192_ctr, :aes_128_ctr,
:chacha20_poly1305, :aes_256_gcm, :aes_128_gcm, :des_ede3_cbc]
I am completely lost. Can anyone help? (@voltone hope you don’t mind me tagging you)