in reply to Crypt::CBC, Crypt::Rijndael - "almost" working

The way you are using Crypt::CBC, you are encoding each 1024-byte block of input independently. This produces--for Rijndael at least--a 1040 byte output for each block. So, a work-around (not recommended) would be to read 1040 bytes at a time from the encrypted file. This seems like a fragile solution since the size of the output block might change if you change ciphers or even upgrade the module.

The better solution is to not encrypt each block independently, but use the chaining feature of Crypt::CBC--which enhances security, too.

Here's the correct code. Note that I also use binmode. Yes, I'm on Windows, but it's still a good idea to use it on Unix to avoid any unwanted Unicode semantics. Also, I have commented out the 'iv' => '§%(Ml7!B'. Unless you have some specific reason not to, it's better to use a random iv.

use strict;
use warnings;
use Crypt::Rijndael;
use Crypt::CBC;
my $my_key = $ARGV[0];
my $plainfile="test2.txt";
my $cipher;
my $buffer;
my $decrypted="$plainfile.cry.txt";

# this sub makes all keysize of 32 bytes, in case the key you give is
# smaller. However, remember to use a strong key !!!
sub get32 {
        my $data = shift;
        return "\0" x ( 32 - length($data)%32 ) . $data;
 }

#--------------------------------------------------------------------
# Parameters
#--------------------------------------------------------------------
$cipher = Crypt::CBC->new( {'key'               => get32($my_key),
                              'cipher'          => 'Rijndael',
#                             'iv'              => '§%(Ml7!B',
                              'regenerate_key'  => 1,
                              'padding'         => 'standard',
#                              'prepend_iv'      => 0
                           });

#--------------------------------------------------------------------
# Encryption
#-------------------------------------------------------------------- 
open(FH_plain,"./$plainfile");
binmode FH_plain;
open(FH_crypted, ">$plainfile.cry");
binmode FH_crypted;
$cipher->start('encrypting');
while (read(FH_plain,$buffer,1024)) {
      print FH_crypted $cipher->crypt($buffer);
  }
print FH_crypted $cipher->finish;

close FH_plain;
close FH_crypted;

#--------------------------------------------------------------------
# Decryption
#--------------------------------------------------------------------

open(FH_crypted, "<$plainfile.cry");
binmode FH_crypted;
open(FH_decrypted, ">$decrypted");
binmode FH_decrypted;
$cipher->start('decrypting');
while (read(FH_crypted,$buffer,1024)) {
      print FH_decrypted $cipher->crypt($buffer); 
  }
print FH_decrypted $cipher->finish;
close FH_crypted;
close FH_decrypted;

[download]
Your "get32" function is not necessary. It doesn't add to security in any significant way, except slightly by obscurity.

Replies are listed 'Best First'.
Re: Re: Crypt::CBC, Crypt::Rijndael - "almost" working
by Frederic Lemoine (Novice) on May 26, 2003 at 14:45 UTC

    Thank you so much for your help and your very good explanation.

[reply]

In Section Seekers of Perl Wisdom