Recently I had to implement some AES256 encryption for a project I was working on and needed to do it with Perl, but also have it play nice with Oracle just in case the encryption/decryption needed to be done on the database side with SQL.

Sounds simple, but I struggled for a day or two because I wrongly chose Crypt::OpenSSL::AES instead of Crypt::Rijndael. Google seemed to fail me on that one as searching for "aes encryption perl" brings up the former package. I also tried #perl on irc.freenode.net, but that was a big fail as well. Seems you can't expect much help from the monks unless you need simple regex help.

Anywho, here's how you can accomplish this using Perl and Oracle SQL. First we'll use Perl to encrypt a string and then Base64 encode it so it's easy to manipulate and store (otherwise you'll have to deal with binary data).

Perl code

use Crypt::CBC;
use MIME::Base64;

my $cipher = Crypt::CBC->new({
	key			=> "NSTl4XsUKcOWzHVgci9vPF5jZ8Szscz7", # 256 bits
	cipher		=> "Crypt::Rijndael",
	iv			=> "a41ag2wqDSQjzexC", # 128 bits
	literal_key	=> 1,
	header		=> "none",
	keysize		=> 32 # 256/8
});

my $encrypted = $cipher->encrypt("string to encrypt");

# base64 encode so we can store in db
$encrypted = encode_base64($encrypted);

# remove trailing newline inserted by encode_base64
chomp($encrypted);

print "encrypted result: $encrypted \n";

Note that I used a static initialization vector (IV) in my example. Depending on your implementation you may want to let Crypt::Rijndael generate an IV for you. Just remove the iv and header parameters in that case.

Now you can use Oracle SQL to do the decryption. Just replace S06LglP0qfqHVcYXsLeDd1dsCQUrfCpZpJ4tYckk6Ic= with the output of the Perl encrypted string and you should be good to go.

Oracle SQL code

SET serveroutput on;

DECLARE
    encryption_type PLS_INTEGER :=
        DBMS_CRYPTO.ENCRYPT_AES256
        + DBMS_CRYPTO.CHAIN_CBC
        + DBMS_CRYPTO.PAD_PKCS5;
    key_bytes_raw       RAW (32);           -- 256 bit encryption key
    iv                  RAW(32);            -- 128 bit initialization vector
    encrypted_raw       RAW (2000);         -- stores encrypted binary text
    decrypted_raw       RAW (2000);         -- stores decrypted binary text
    decrypted_string    VARCHAR2 (200);

BEGIN
    key_bytes_raw := UTL_I18N.STRING_TO_RAW('NSTl4XsUKcOWzHVgci9vPF5jZ8Szscz7', 'AL32UTF8');
    iv := UTL_I18N.STRING_TO_RAW('a41ag2wqDSQjzexC','AL32UTF8');

    encrypted_raw := UTL_I18N.STRING_TO_RAW('S06LglP0qfqHVcYXsLeDd1dsCQUrfCpZpJ4tYckk6Ic=','AL32UTF8'); -- base64 encoded and encrypted output from perl code above
    encrypted_raw := utl_encode.base64_decode(encrypted_raw);

    DBMS_OUTPUT.PUT_LINE ('Encrypted binary string: ' || encrypted_raw);

    decrypted_raw := DBMS_CRYPTO.DECRYPT
    (
        src => encrypted_raw,
        typ => encryption_type,
        key => key_bytes_raw,
        iv  => iv
    );

    decrypted_string := UTL_I18N.RAW_TO_CHAR(decrypted_raw, 'AL32UTF8');

    DBMS_OUTPUT.PUT_LINE ('Decrypted string: ' || decrypted_string);
END;

So far so good, we can decrypt a value, but really it's not that useful if we wanted to decrypt a whole bunch of rows in a table. We can take care of that by creating a Oracle function that takes an encrypted string and returns the decrypted value we need.

CREATE OR REPLACE
  FUNCTION aes256_decrypt(
      str    IN VARCHAR2,
      key IN VARCHAR2,
      iv  IN VARCHAR2)
    RETURN VARCHAR2
  IS
  BEGIN
    DECLARE
      encryption_type PLS_INTEGER := DBMS_CRYPTO.ENCRYPT_AES256 + DBMS_CRYPTO.CHAIN_CBC + DBMS_CRYPTO.PAD_PKCS5;
      key_bytes_raw RAW (32);
      iv_raw RAW(32);
      encrypted_raw RAW (2000);
      decrypted_raw RAW (2000);
      decrypted_string VARCHAR2 (200);
    BEGIN
      key_bytes_raw := UTL_I18N.STRING_TO_RAW(key, 'AL32UTF8');
      iv_raw            := UTL_I18N.STRING_TO_RAW(iv,'AL32UTF8');
      encrypted_raw := UTL_I18N.STRING_TO_RAW(str,'AL32UTF8');
      encrypted_raw := utl_encode.base64_decode(encrypted_raw);

      decrypted_raw    := DBMS_CRYPTO.DECRYPT ( src => encrypted_raw, typ => encryption_type, KEY => key_bytes_raw, iv => iv_raw );
      decrypted_string := UTL_I18N.RAW_TO_CHAR(decrypted_raw, 'AL32UTF8');
      RETURN decrypted_string;
    EXCEPTION
    WHEN OTHERS THEN
      RETURN str;
    END;
  END aes256_decrypt;

You'll notice I also included 2 additional parameters, key and iv since you might not want to leave sensitive information like that in your database. Now we can do fun stuff like decrypt an entire column in a table.

-- select all rows from users table and decrypt the email column
select aes256_decrypt(email,'NSTl4XsUKcOWzHVgci9vPF5jZ8Szscz7','a41ag2wqDSQjzexC') from users;

So after 8 months, not much as changed for ConcertsTO. I did end up porting over the initial PHP code to Kohana 3 which was quite the ordeal at the best of times. The docs suck, but it’s supposedly one of the best MVC frameworks for PHP5. Part of me wants to do a third rewrite and port it to Django, but don’t think it’s worth the effort.

I did end up adding the search/filter feature which is client side with Javascript, but it’s really CPU intensive and doesn’t work well on mobile phones. Not sure how to optimize it, got any ideas? I still have two killer features I want to add…I swear I’ll get around to them soon.

In an attempt to become more active, I started looking for a bicycle to my commute to work. I already owned a department store 21 speed CCM Riptide, but it weighed alot and was too small for me.

A friend owned a 2009 Jamis Beatnik which looked really sweet and got me interested in getting a fixed gear bike. Despite checking out 4 authorized Jamis dealers in downtown Toronto, I couldn’t find a single Beatnik. They either didn’t have much Jamis stock to begin with so it had to be ordered, or the dealer had suspended their partnership for the year as one rep told me “Jamis has out priced themselves out of the market” which I assume meant they weren’t able to sell them because of their high price.

With the Beatnik out of the equation, I checked out some alternatives, but wasn’t impressed with the 2010 Specialized Langster (ugly colours, and heavy) or the 2010 Trek Soho S (this time just ugly, chain guard, really?)

At the end of the day I walked into Bikes on Wheels in Kensington and saw several 2010 Fuji Track Classics and one or two 2010 Surly Steamrollers. The Fuji was $499 while the the Surly was a hefty $699. I took the Fuji for a test drive and was sold.

It met my main requirements as it was light (sub 20lbs), looked good (gloss black with aluminum accents), and was relatively cheap. The biggest reason I chose to get a fixed gear bike was the cost. To get a good sub 20lbs geared bike for $499 simply isn’t possible and you’ll likely have to shell out close to $1000.

Since buying it, I’ve replaced the stock toe clip pedals with platforms and added a right hand front brake. After a week of riding without brakes, I became deathly afraid of going fast or going down the smallest of slopes as it’s simply not possible to stop a fixed gear bike without planned or skid stopping. Not sure how the couriers and hipsters are doing it, but its just not for me. I used to ride fixed when I was 10 years old and do skid stops, to the point where I had a bare patch where the inner tube was exposed, but I can’t any more. I’m still riding fixed for the work out benefit, but rely on my front brake for stopping.

Pros
Lightweight, close to 20lbs, if not less
Track bars provide several hand positions
High position crank, so no pedal strikes
Pre-drilled holes for bottle cage, and both brakes (oh the horror)

Cons
Scratches easily, cheap paint job?

Lessons learned
Riding fixed with no brakes blows
Riding on busy roads is dangerous, be very careful, and wear a helmet
Don’t signal and brake at the same time
Slow down around street car tracks, trust me

The world is meaningless, there is no God or gods, there are no morals, the universe is not moving towards any higher purpose. All meaning is man-made, so make your own, and make it well.

Do not treat life as a way to pass the time until you die. Do not try to “find yourself”, you must make yourself. Choose what you want to find meaningful and then live, create, love, hate, cry, destroy, fight and die for it. Do not let your life and your values and your actions slip easily into any mold, other than that which you create for yourself, and say with conviction, “This is who I make myself”. Do not give in to hope.

Remember that nothing you do has any significance beyond that with which you imbue it. Whatever you do, do it for its own sake.

When the universe looks on with indifference, laugh, and shout back, “Fuck You!”. Remember, that to fight meaninglessness is futile but fight anyway, despite its futility.

The world may be empty of meaning, but it is a blank canvas on which to paint meanings of your own.

Live deliberately.

You are free.

- Anon

~~~

Youth is not a time of life; it is a state of mind; it is not a matter of rosy cheeks, red lips and supple knees; it is a matter of the will, a quality of the imagination, a vigor of the emotions; it is the freshness of the deep springs of life.

Youth means a temperamental predominance of courage over timidity of the appetite, for adventure over the love of ease. This often exists in a man of sixty more than a boy of twenty. Nobody grows old merely by a number of years. We grow old by deserting our ideals.

Years may wrinkle the skin, but to give up enthusiasm wrinkles the soul. Worry, fear, self-distrust bows the heart and turns the spirit back to dust.
Whether sixty or sixteen, there is in every human being’s heart the lure of wonder, the unfailing child-like appetite of what’s next, and the joy of the game of living. In the center of your heart and my heart there is a wireless station; so long as it receives messages of beauty, hope, cheer, courage and power from men and from the infinite, so long are you young.

When the aerials are down, and your spirit is covered with snows of cynicism and the ice of pessimism, then you are grown old, even at twenty, but as long as your aerials are up, to catch the waves of optimism, there is hope you may die young at eighty.

- Samuel Ullman

ConcertsTO is a new concert ticket listing website that makes it easy to find concert tickets for upcoming events in Toronto.

Instead of checking multiple retailers for events and/or tickets, you can get all the event information you really need with a single click.

While developing it over the weekend, I aimed to keep it as simple as possible because I was unimpressed by sites like eventful.com, jambase.com, and bandsintown.com. Although feature rich, they are either cumbersome to use, missing events, or make it difficult to get a quick glimpse of who’s playing in town.

New features that I’m toying with adding include:

• Listing Massey Hall events Done.
• Video/music playback so you can easily sample the artist (ie. Youtube integration)
• Myspace integration of some sort

If you have any feedback or comments, I’d love to hear it.