generalpiston / typeorm-encrypted

Encrypted field for typeorm.
MIT License

bug #19

Closed rubiin closed 4 years ago

rubiin commented 4 years ago

The example in the README for transformers does not work. Getting invalid IV length.

generalpiston commented 4 years ago

@rubiin could you share more? There's a test for the config in the README and it's passing.

rubiin commented 4 years ago

I am using

transformer: new EncryptionTransformer({ key: 'e41c966f21f9e1577802463f8924e6a3fe3e9751f201304213b2f845d8841d61', algorithm: 'aes-256-cbc', ivLength: 16, iv: 'ff5ac19190424b1d88f9419ef949ae56' })

in one of the entity's columns and saving the entity with .save. However, I get


Error: Invalid IV length
    at Decipheriv.createCipherBase (internal/crypto/cipher.js:103:19)
    at Decipheriv.createCipherWithIV (internal/crypto/cipher.js:121:20)
    at new Decipheriv (internal/crypto/cipher.js:262:22)
    at Object.createDecipheriv (crypto.js:127:10)
    at Object.decryptData (/home/devina/Desktop/Projects/nodejs/Triple-A/node_modules/typeorm-encrypted/lib/crypto.js:22:29)
    at EncryptionTransformer.from (/home/devina/Desktop/Projects/nodejs/Triple-A/node_modules/typeorm-encrypted/lib/transformer.js:12:25)
    at Function.ApplyValueTransformers.transformFrom (/home/devina/Desktop/Projects/nodejs/Triple-A/node_modules/typeorm/util/ApplyValueTransformers.js:13:28)
    at PostgresDriver.prepareHydratedValue (/home/devina/Desktop/Projects/nodejs/Triple-A/node_modules/typeorm/driver/postgres/PostgresDriver.js:576:69)
    at /home/devina/Desktop/Projects/nodejs/Triple-A/node_modules/typeorm/query-builder/transformer/RawSqlResultsToEntityTransformer.js:121:56
    at Array.forEach (<anonymous>)

rubiin commented 4 years ago

@generalpiston

generalpiston commented 4 years ago

@rubiin what version of node are you using?

rubiin commented 4 years ago

node 12.18.0 @generalpiston

rubiin commented 4 years ago

Also, do I need to migrate after adding the transformers? It's not mentioned in the README.

generalpiston commented 4 years ago

Transformers do not require database schema changes. If you're adding or removing tables, columns, etc. you'll need to synchronize the DB. If you're adding the transformer to an existing table, then you'll need to migrate the data. It's best to do this programmatically.

rubiin commented 4 years ago

I am adding a transformer to an existing table.

rubiin commented 4 years ago

Also, I am still getting that error.

generalpiston commented 4 years ago

I see. I'm guessing the problem is that the pre-existing data isn't encrypted. When the data is encrypted, the first 16 bytes (configurable) of the data is the IV. Here's a way to migrate your data:

  1. Add a new column (col B) to the table. Configure the column to be encrypted. Remove the transformer from the original column (col A).
  2. Write a script that queries all of the entries in the table. Set the value of col B to col A.
  3. Save all the records.
  4. Rename col A to something else manually.
  5. Rename col B to the original name of col A manually.
  6. Remove the typeorm configuration for col A.
  7. Rename the typeorm configuration for col B to col A's name.
  8. Remove col A (unencrypted column) from the table manually.

rubiin commented 4 years ago

I just created a new column and added the transformer and it worked. What could be the problem? Existing data.

generalpiston commented 4 years ago

@rubiin the wrong IV is being used. When decrypting, the IV is derived from the encrypted contents found in the database. If the contents aren't encrypted, then it will use the wrong IV.

I've created https://github.com/generalpiston/typeorm-encrypted/issues/20 to follow up on migrating data when adding the transformer to an existing table / column.

rubiin commented 4 years ago

Also, can you tell me how I can migrate an existing column? A code sample would be very helpful.

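generalpiston commented 4 years ago

// Run inside an async function; `repository` is the TypeORM repository for the entity.
const entities = await repository.find();
entities.forEach(e => { e.colB = e.colA; }); // copy the plaintext value into the encrypted column
await repository.save(entities); // the transformer on colB encrypts each value on save

rubiin commented 4 years ago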

thanks for the quick response
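
Added example (not part of the thread and not typeorm-encrypted's own code): a Node.js sketch of the IV-prefixed format generalpiston describes, showing why a pre-existing plaintext value fails on decrypt and how a migration step can tell encrypted and unencrypted values apart. The base64 storage encoding, the random demo key and all function names are assumptions made for illustration.

```javascript
const crypto = require("crypto");

const ALGORITHM = "aes-256-cbc";
const IV_LENGTH = 16; // matches ivLength in the thread's config
const BLOCK = 16; // AES block size in bytes
const KEY = crypto.randomBytes(32); // constructed demo key, regenerated on every run

// Encrypt with a fresh random IV and store the IV in front of the ciphertext.
// (With a fixed IV, equal plaintexts would produce equal ciphertexts.)
function encrypt(plaintext) {
  const iv = crypto.randomBytes(IV_LENGTH);
  const cipher = crypto.createCipheriv(ALGORITHM, KEY, iv);
  const body = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return Buffer.concat([iv, body]).toString("base64");
}

// Decrypt by taking the IV from the first IV_LENGTH bytes of the stored value.
// A short legacy plaintext yields fewer than IV_LENGTH bytes, so
// createDecipheriv rejects the IV.
function decrypt(stored) {
  const raw = Buffer.from(stored, "base64");
  const decipher = crypto.createDecipheriv(ALGORITHM, KEY, raw.subarray(0, IV_LENGTH));
  const body = raw.subarray(IV_LENGTH);
  return Buffer.concat([decipher.update(body), decipher.final()]).toString("utf8");
}

// Return the plaintext, or null if the value is not in the IV-prefixed format.
// Heuristic only: CBC has no integrity check, so a legacy value of a plausible
// length can occasionally decrypt to garbage instead of failing.
function decryptOrNull(stored) {
  const raw = Buffer.from(stored, "base64");
  const bodyLength = raw.length - IV_LENGTH;
  if (bodyLength < BLOCK || bodyLength % BLOCK !== 0) return null;
  try {
    return decrypt(stored);
  } catch {
    return null;
  }
}

// One migration step: encrypt legacy plaintext, leave encrypted values alone.
function migrateValue(stored) {
  return decryptOrNull(stored) === null ? encrypt(stored) : stored;
}

const legacy = "alice@example.com"; // constructed sample of a pre-existing row
const migrated = migrateValue(legacy);
console.log(decryptOrNull(legacy), decrypt(migrated), migrateValue(migrated) === migrated);
```

Because the detection is a heuristic, the separate-column procedure listed earlier in the thread remains the safer way to track which rows have been migrated.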