jettero has asked for the wisdom of the Perl Monks concerning the following question:

I wrote cbc a while ago. I discovered recently that it's broken. I never noticed working with small files though. I really have no idea why. Am I doing something really dumb with my read() statements?

Oh... it's broken in that if you were to 

cp -v /var/log/messages .
cp -v messages tempy
cbc tempy
cbc tempy.cbc
diff tempy messages | less

[download]
they would differ greatly. I'd assume I'm having a block boundry problem, but I can't figure out why. :(

Replies are listed 'Best First'.
Re: cbc broken
by a (Friar) on Feb 11, 2001 at 09:22 UTC
    After a certain amount of fiddling (there is no Crypt::CBC on activestate and Crypt::Blowfish has no start/finish methods, for 2) it seems you may have trouble w/ padding. Blowfish encrypt/decrypt want 8 byte buffers, so I had to manually pad the last read for encrypting w/ spaces (not \0 that made my cygnus diff call it a binary file ;-) and that threw off the diff as it was missing a final \n. Winxx worked w/o the stty (so you can see passwds, though my cygnus stty (once I added it to the path) worked well) . Very important: the ever-popular binmode, on IN/OUT for encrypting and decrypting.

    I, of course, added -w/use strict, but that didn't help too much, except for complaining about your pass cache business, using pw.$_] before it was initialized and that "if @{ $todo{encrypt} } ..." didn't exist - 'course, you don't need the @{ at the checking if anything's to be encrypted stage, so its still a good idea. Soooooo, my guess: padding on the last read IN is messing up the exact return on decrypt.

    I'm constantly amazed that this stuff'll work on winxx period, maybe its not just a toy OS ... nah.

    I tested it on on 131k file - but this all may be rot if the CBC wrapper/start/finish stuff handles the padding properly.

    a

[reply]
      Hmrph... I can look into that I guess. I was pretty sure Crypt::CBC was supposed to do the block boundry padding for you. The was the whole point in using it.

      In fact, the author put this example in the pods: 

               use Crypt::CBC;
         $cipher = new Crypt::CBC('my secret key','IDEA');
         $ciphertext = $cipher->encrypt("This data is hush hush");
         $plaintext = $cipher->decrypt($ciphertext);

         $cipher->start('encrypting');
         open(F,"./BIG_FILE");
         while (read(F,$buffer,1024)) {
             print $cipher->crypt($buffer);
         }
         print $cipher->finish;

      [download]
[reply]
[d/l]
        Well, maybe IDEA and Blowfish are different that way.

        a

[reply]
Re: cbc broken
by extremely (Priest) on Feb 11, 2001 at 00:25 UTC
    don't you have to do cbc -c tempy.cbc if you want it to decrypt?

    --
    $you = new YOU;
    honk() if $you->love(perl)

[reply]
      no, if the extension is .cbc, then it'll just decrypt it. if you use -c it decrypts to stdout instead.
[reply]
Re: cbc broken
by jettero (Monsignor) on Jan 21, 2002 at 19:08 UTC
    I found the actual reason why it was broken... This is WRONG!: 
            $cipher->start('decrypting');
        while(read(IN, $buffer, 1024)) {
            if($cat_it) {
                print $cipher->decrypt($buffer);
            } else {
                print OUT $cipher->decrypt($buffer);
            }
        }
        print OUT $cipher->finish;

    [download]
    This isn't: 
            $cipher->start('decrypting');
        while(read(IN, $buffer, 1024)) {
            if($cat_it) {
                print $cipher->crypt($buffer);
            } else {
                print OUT $cipher->crypt($buffer);
            }
        }
        print OUT $cipher->finish;

    [download]
[reply]
[d/l]
[select]

Back to Seekers of Perl Wisdom