#3504 Storing RSA Keys in a database issue...

3.4.9
works-for-me
Marc Delisle
5
2013-06-11
2012-01-16
Paul Kirby
No

Hello All

I am one of the main developers to a browser based game and I am currently setting up an Auth server to store all the users account information,
this uses OpenSSL with RSA key pairs to talk to and from our Auth Server to Game Servers so that we only pass hash to the game servers which is then used to requiest the required user infomation, so we have secure communication between the two servers.

The issue that I am having is I am trying to store the RSA Key Certifcates into the database but when I insert all the information via the insert GUI its displays the following:
"You don't have permission to access /URLPATH/tbl_replace.php on this server."

This also happens if I try it with the root login which has full access (MySQL and Appache) so its not an access issue.

However it works fine if I add the following into the SQL GUI:
INSERT INTO `servers2` (`id`, `game`, `url`, `hash_id`, `caption`, `description`, `status`, `type`, `last_reset`, `next_reset`, `duration`, `iduration`, `cert`, `cert_pw`) VALUES
(NULL, 'gamename', 'gameurl', 'gamehash', 'gametitle', 'gamedesc', 'disabled', 'invite', '0000-00-00 00:00:00', '0000-00-00 00:00:00', 'gameduration', 0, '-----BEGIN CERTIFICATE-----\nKEYINFO_REMOVED\n-----END CERTIFICATE-----\n', '');

Also once its all inserted fine I can no longer edit that row via the GUI, however I can edit it if I use the SQL GUI and enter SQL to change the required data.

Not too sure, but I think it may be down to the '-----BEGIN CERTIFICATE-----' and the '-----END CERTIFICATE-----' that is wrapped around the Certificate data.
I can strip those lines and base64_decode the data and then store that as binary data thats works fine, but I shouldn't need to do all that, I should be able to strore it as text with the wrappers.

So is there any chance in this being fixed because I am ATM entering them in by hand while I am working on my Admin page.

Let me know if you require any more information.

Thanks in advance Paul

Discussion

1 2 3 > >> (Page 1 of 3)
  • Marc Delisle
    Marc Delisle
    2012-01-29

    Please attach here the export of your table's structure, and a screenshot taken when you are trying to insert.

     
  • Marc Delisle
    Marc Delisle
    2012-01-29

    • status: open --> pending
     
  • Paul Kirby
    Paul Kirby
    2012-01-29

    Image of the error that is displayed.

     
  • Paul Kirby
    Paul Kirby
    2012-01-29

    Hello Marc

    I have added the exported SQL information along with an image of what I am trying to insert and an image of what is displayed when I click on the Go button.

    Its down to the wrapper around the text that I am trying to insert like for example the following will fail:
    -----BEGIN PUBLIC KEY-----
    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGCz+Jq+McrSuSpWLFz+/rV4sn
    yEn0JVHTWbePnS4YONCMz8K86M6X6HHVtAtxTOqMmRhZqf4jd26tjE7KeV4ySJKD
    9ueN6+QZLnC7PmlE1EEjI/MLNH87ICgO/K7b//w2cpZeZGJSAsVHwuoP/P6n4Q4H
    aQhTocpjtukcz0lwPQIDAQAB
    -----END PUBLIC KEY-----

    However the following will insert fine:
    [BEGIN PUBLIC KEY]
    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGCz+Jq+McrSuSpWLFz+/rV4sn
    yEn0JVHTWbePnS4YONCMz8K86M6X6HHVtAtxTOqMmRhZqf4jd26tjE7KeV4ySJKD
    9ueN6+QZLnC7PmlE1EEjI/MLNH87ICgO/K7b//w2cpZeZGJSAsVHwuoP/P6n4Q4H
    aQhTocpjtukcz0lwPQIDAQAB
    [END PUBLIC KEY]

    It seems that phpMyAdmin doesn't like ----- (5 minuses) being used in the text.

    Its strange that it works fine when I insert it via the mysql console and by another mysql admin page, but I would like for phpMyAdmin to allow this due to its the prefered admin application for mysql.

    Let me know if there is anymore info that you require.
    Thanks in advance.
    Paul

     
  • Paul Kirby
    Paul Kirby
    2012-01-29

    • status: pending --> open
     
  • Marc Delisle
    Marc Delisle
    2012-02-01

    Paul,
    I have a problem with your keypairs.sql.txt which does not contain sql code. Try again, this time with a .sql extension.

     
  • Paul Kirby
    Paul Kirby
    2012-02-01

    It does when I download and view it...

    It has a CREATE TABLE and INSERT INTO blocks, but I will re-upload another version with the .sql extension.

     
  • Paul Kirby
    Paul Kirby
    2012-02-01

    Export SQL + 1 example record zipped

     
    Attachments
  • Paul Kirby
    Paul Kirby
    2012-02-01

    SF must be doing stuff because I am having issues uploading and test downloading it, keeps saying the files don't exist when it does, if using Fire Fox just keep clicking on the [Try Again] button and it will download.

    If you still are having issues downloading the zipped sql file then here is the CREAT TABLE block...

    CREATE TABLE IF NOT EXISTS `keypairs` (
    `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
    `owner_id` int(10) unsigned NOT NULL,
    `private_key` text NOT NULL,
    `public_key` text NOT NULL,
    `passphrase` varchar(25) NOT NULL,
    `enabled` enum('Y','N','O') NOT NULL DEFAULT 'N',
    PRIMARY KEY (`id`),
    KEY `owner_id` (`owner_id`)
    ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;

    I would insert the INSERT INTO block but its very big and messy, but hopefully you can down load the zipped SQL file.

    Give me a few mins to upload the fils to my server, I am getting fedup with SF atm.

     
1 2 3 > >> (Page 1 of 3)