in reply to cbc broken

After a certain amount of fiddling (there is no Crypt::CBC on activestate and Crypt::Blowfish has no start/finish methods, for 2) it seems you may have trouble w/ padding. Blowfish encrypt/decrypt want 8 byte buffers, so I had to manually pad the last read for encrypting w/ spaces (not \0 that made my cygnus diff call it a binary file ;-) and that threw off the diff as it was missing a final \n. Winxx worked w/o the stty (so you can see passwds, though my cygnus stty (once I added it to the path) worked well) . Very important: the ever-popular binmode, on IN/OUT for encrypting and decrypting.

I, of course, added -w/use strict, but that didn't help too much, except for complaining about your pass cache business, using pw.$_] before it was initialized and that "if @{ $todo{encrypt} } ..." didn't exist - 'course, you don't need the @{ at the checking if anything's to be encrypted stage, so its still a good idea. Soooooo, my guess: padding on the last read IN is messing up the exact return on decrypt.

I'm constantly amazed that this stuff'll work on winxx period, maybe its not just a toy OS ... nah.

I tested it on on 131k file - but this all may be rot if the CBC wrapper/start/finish stuff handles the padding properly.

a

Replies are listed 'Best First'.
Re: Re: cbc broken
by jettero (Monsignor) on Feb 11, 2001 at 20:11 UTC
    Hmrph... I can look into that I guess. I was pretty sure Crypt::CBC was supposed to do the block boundry padding for you. The was the whole point in using it.

    In fact, the author put this example in the pods: 

             use Crypt::CBC;
         $cipher = new Crypt::CBC('my secret key','IDEA');
         $ciphertext = $cipher->encrypt("This data is hush hush");
         $plaintext = $cipher->decrypt($ciphertext);

         $cipher->start('encrypting');
         open(F,"./BIG_FILE");
         while (read(F,$buffer,1024)) {
             print $cipher->crypt($buffer);
         }
         print $cipher->finish;

    [download]
[reply]
[d/l]
      Well, maybe IDEA and Blowfish are different that way.

      a

[reply]

In Section Seekers of Perl Wisdom