hi you mix the password and key, use
AES_ENCRYPT(<the clear password>, <the key to crypt>); AES_DECRYPT(<the crypted password>, <the key to crypt>); example > UPDATE user_profile SET > username="james" , password=AES_ENCRYPT("bond007", "sydo89") > WHERE personid=1; saves the password in the record with the id = 1 > SELECT username, AES_DECRYPT(password,"sydo89") AS psw > FROM user_profile > WHERE personid=1 retrieves the username and the clear password regards benny ----- Original Message ----- From: "Stout, Jeff" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, September 20, 2003 4:09 PM Subject: RE: Data store/extract help almost there ,still error's Thanks John, I'm trying various syntax changes but still getting Empty set mysql> INSERT INTO user_profile (userid,password) -> VALUES ("James",AES_ENCRYPT("bond","007")); Query OK, 1 row affected (0.00 sec) mysql> SELECT * FROM user_profile WHERE userid="james" AND -> AES_DECRYPT("password","bond")="007"; Empty set (0.00 sec) -----Original Message----- From: John Hopkins [mailto:[EMAIL PROTECTED] Sent: Friday, September 19, 2003 6:38 PM To: Stout, Jeff Subject: RE: Data store/extract help almost there I've been following with interest. As I understand the previous messages, you are indeed almost there Try this: mysql> INSERT INTO user_profile (userid,password) -> VALUES ("joeblow",AES_ENCRYPT("spit","swallow")); Query OK, 1 row affected (0.01 sec) mysql> SELECT * FROM user_profile WHERE userid="joeblow" AND -> AES_DECRYPT("password","swallow")="spit"; I don't have MySQL running anywhere right now, can't test it. The point is you need to decrypt what's in *password*, and compare that to the unencrypted password (entered by the user?). Hope this helps, John Hopkins Hopkins IT -----Original Message----- From: Stout, Jeff [mailto:[EMAIL PROTECTED] Sent: Friday, September 19, 2003 4:31 PM To: PF: MySQL; [EMAIL PROTECTED] Subject: RE: Data store/extract help almost there Almost there, here is the error mysql> INSERT INTO user_profile (userid,password) -> VALUES ("joeblow",AES_ENCRYPT("spit","swallow")); Query OK, 1 row affected (0.01 sec) mysql> SELECT * FROM user_profile WHERE userid="joeblow" AND -> password=AES_DECRYPT("spit","swallow"); Empty set (0.01 sec) -----Original Message----- From: PF: MySQL [mailto:[EMAIL PROTECTED] Sent: Friday, September 19, 2003 4:48 PM To: [EMAIL PROTECTED] Subject: RE: Data store/extract help !! Woops, Sorry, Phone call distracted me.... AES_ENCRYPT(string,key_string) AES_DECRYPT(string,key_string) These functions allow encryption/decryption of data using the official AES (Advanced Encryption Standard) algorithm, previously known as Rijndael. Encoding with a 128-bit key length is used, but you can extend it up to 256 bits by modifying the source. We chose 128 bits because it is much faster and it is usually secure enough. The input arguments may be any length. If either argument is NULL, the result of this function is also NULL. As AES is a block-level algorithm, padding is used to encode uneven length strings and so the result string length may be calculated as 16*(trunc(string_length/16)+1). If AES_DECRYPT() detects invalid data or incorrect padding, it returns NULL. However, it is possible for AES_DECRYPT() to return a non-NULL value (possibly garbage) if the input data or the key are invalid. You can use the AES functions to store data in an encrypted form by modifying your queries: INSERT INTO t VALUES (1,AES_ENCRYPT("text","password")); You can get even more security by not transferring the key over the connection for each query, which can be accomplished by storing it in a server side variable at connection time: SELECT @password:="my password"; INSERT INTO t VALUES (1,AES_ENCRYPT("text",@password)); AES_ENCRYPT() and AES_DECRYPT() were added in version 4.0.2, and can be considered the most cryptographically secure encryption functions currently available in MySQL. -Kevin -- MySQL Windows Mailing List For list archives: http://lists.mysql.com/win32 To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED] -- MySQL Windows Mailing List For list archives: http://lists.mysql.com/win32 To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED] -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED] -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]