in reply to Re^6: line by line Encryption fun with Crypt::CBC and Rijndael? File Ownership issues? (code)
in thread line by line Encryption fun with Crypt::CBC and Rijndael? File Ownership issues?

If I have to encrypt something on an outside machine and decrypt it at my end (using the encrypter and decrypter above), do they both have to be the same endian?

If you store 0x11223344 into the file, you'd rather not read 0x44332211 from the file.

Thank you very much for your help. I changed the pack/unpack to little-endian order and that worked

I used 'N', which produces the same encoding on all systems. Why did you change it?

Could I use your recommendation above to encrypt and decrypt large files (about 3 million records) or would you have any suggestions or reference points you could guide me to?

The format is efficient for appending records semi-frequently, but it's quite wasteful otherwise. Your 300MB might very well take up 600MB, and it could take a while to decode.

If you have a write-once-read-often scenario, you'd be better off converting the record file into a normal (single encryption session) file before doing your reading.

An alternative to the entire approach would be to have a persistent deamon which handles writting to the file (as a single encryption session). This would definitely be better if you had a near-constant stream of records to write.

my entire charset on the terminal gets funky.

Programs control the terminal by sending special character sequences in-band. The encrypted data can contain any characters, including some that resemble terminal control sequences.

more and/or less replace "dangerous" characters with representative glyphs. There's also od.

  • Comment on Re^7: line by line Encryption fun with Crypt::CBC and Rijndael? File Ownership issues? (code)
  • Select or Download Code

Replies are listed 'Best First'.
Re^8: line by line Encryption fun with Crypt::CBC and Rijndael? File Ownership issues? (code)
by samip (Novice) on Jul 31, 2008 at 14:57 UTC
    I used 'N', which produces the same encoding on all systems. Why did you change it?

    On one server I couldn't use 'N' or 'Q'. It gave me an invalid-type error. I can understand 'Q' not working, but I am not sure why 'N' did not work. It worked everywhere else.

    I am now trying to decrypt a file that is encrypted using the BlowfishNET 2.1.2 library from http://www.hotpixel.net/software.html using the BlowfishSimple class. (The people encrypting the file don't use PERL, but I do.) The README for the above-mentioned says:

    "For efficiency the given string will be UTF-8 encoded and padded to the next 8byte block border. The CBC IV plus the encrypted data will then be BASE64 encoded and returned as the final encryption result."

    Based upon my understanding so-far I am trying to use the following approach to decrypt the data without success:

    • Decode using MIME::Base64::decode. I am unsure here as to whether I have to decode the entire file or 57 bytes at a time. Would you have any suggestions?
    • Read 8 bytes at a time and decode the string using utf8::decode($string). In your read_uint32, I'm changing return (unpack('N', read_bytes($fh, 4))); to return utf8::decode(read_bytes($fh, 4));

    Thank you very much for your help and comments.

[reply]
[d/l]
[select]

      First, could you confirm that you really need to ability to append record to an existing encrypted file?

      Using my appendable format (which means you undid the Base64 encoding before storing the data): 

      utf8::decode( my $s = $cipher->decrypt( read_str($fh) ) );

      [download]

      Using my appendable format, but left the data Base64-endoded: 

      utf8::decode( my $s = $cipher->decrypt( decode_base64 ( read_str($fh) 
+) ) );

      [download]

      If you just dumped the return value of your encrypter to a file: 

      local $/;
utf8::decode( my $s = $cipher->decrypt( decode_base64 ( <$fh> ) ) );

      [download]
[reply]
[d/l]
[select]

        Thank you for your help.

        First, could you confirm that you really need to ability to append record to an existing encrypted file? If I understand the question correctly; not always, but maybe at times and therefore I have to code that in.

        I still cannot get it to decrypt the file that is encrypted using BlowfishNET 2.1.2. Here is the code that includes your most recent updates as well. Pardon the long variable names. 

        sub encryptData {
    my ( $cObject ) = @_;
    my $buffer;

    open(PLAINTEXT, "<", $plaintextReadFileName) || die("Cannot open f
+ile $plaintextReadFileName");
    binmode PLAINTEXT;
    flock PLAINTEXT, LOCK_SH;

    open(my $fhENCRYPTEDFILE, ">", $encryptedFileName) || die("Cannot 
+open file $encryptedFileName");
    binmode $fhENCRYPTEDFILE;
    flock $fhENCRYPTEDFILE, LOCK_EX;

    while (read(PLAINTEXT,$buffer,4)) {
        utf8::encode($buffer) if ($type eq "utf8base64");
        $buffer = $cObject->encrypt($buffer);
        print $fhENCRYPTEDFILE (pack('N', length($buffer)), $buffer);
    }
    close PLAINTEXT;
    close $fhENCRYPTEDFILE;

    print "Encrypted $plaintextReadFileName to $encryptedFileName.";
}

sub encodeData {
    open(my $fhENCRYPTEDFILE, "<", $encryptedFileName) || die("Cannot 
+open file $encryptedFileName");
    binmode $fhENCRYPTEDFILE;
    flock $fhENCRYPTEDFILE, LOCK_EX;

    open(my $fhENCODEDnENCRYPTEDFILE, ">", $encodedFileName) || die("C
+annot open file $encodedFileName");
    binmode $fhENCODEDnENCRYPTEDFILE;
    flock $fhENCODEDnENCRYPTEDFILE, LOCK_EX;

    if ($type eq "utf8base64") {
        $utf8base64EncryptedFile = do { local( $/ ) ; <$fhENCRYPTEDFIL
+E> } ;
        print $fhENCODEDnENCRYPTEDFILE encode_base64($utf8base64Encryp
+tedFile);
    }

    close $fhENCRYPTEDFILE;
    close $fhENCODEDnENCRYPTEDFILE;

    print "Encoded $encryptedFileName to $encodedFileName.";
}

sub decodeData {
    open(my $fhENCODEDFILE, "<", $encodedFileName) || die("Cannot open
+ file $encodedFileName");
    binmode $fhENCODEDFILE;
    flock $fhENCODEDFILE, LOCK_EX;

    open(my $fhDECODEDFILE, ">", $decodedFileName) || die("Cannot open
+ file $decodedFileName");
    binmode $fhDECODEDFILE;
    flock $fhDECODEDFILE, LOCK_EX;

    $utf8base64EncodedFile = do { local( $/ ) ; <$fhENCODEDFILE> } ;
    print $fhDECODEDFILE decode_base64($utf8base64EncodedFile);

    close $fhENCODEDFILE;
    close $fhDECODEDFILE;

    print "Decoded $encodedFileName to $decodedFileName.";
}

sub decryptData {
    my $cObject = shift;
    my ( $length, $buffer );

    open( my $fhREADFROM, "<", $decodedFileName ) || die("Cannot open 
+encrypted file $decodedFileName");
    binmode $fhREADFROM;
    flock $fhREADFROM, LOCK_SH;

    open( finalFile, ">", $decryptedFileName ) || die("Cannot open fil
+e $decryptedFileName to write decrypted contents");
    binmode finalFile;
    flock finalFile, LOCK_EX;

    while (!eof($fhREADFROM)) {
        $length = unpack('N', read_bytes($fhREADFROM, 4));
        $buffer = read_bytes($fhREADFROM, $length);
        utf8::decode( my $str = $cObject->decrypt( $buffer ) );
        print finalFile $str;
    }

    close $fhREADFROM;
    close finalFile;
    print "Decrypted $decodedFileName to $decryptedFileName.";
}

sub read_bytes {
    my ($fh, $to_read) = @_;
    my $buf = '';
    while ($to_read) {
        my $bytes_read = read($fh, $buf, $to_read, length($buf));
        die("$!\n") if !defined($bytes_read);
        die("Unexpected end of file\n") if !$bytes_read;
        $to_read -= $bytes_read;
    }
    return $buf;
}

encryptData($cObject);
encodeData() if ($type eq "utf8base64");
decodeData() if ($type eq "utf8base64");
decryptData($cObject);

        [download]

        Just to clarify; the encrypt, encode, decode and decrypt functions do work if I do all the encryption, encoding, decoding and decryption on my end. However, I can't get it to decrypt the file that is encrypted using the BlowfishNET 2.1.2 library from http://www.hotpixel.net/software.html using the BlowfishSimple class. I'll paste the README here again:

        "For efficiency the given string will be UTF-8 encoded and padded to the next 8byte block border. The CBC IV plus the encrypted data will then be BASE64 encoded and returned as the final encryption result."

        I am confused and hope you can clarify.

        I assume encryption is performed in the following order based upon what the README for the BlowfishNET 2.1.2 library says:

        • UTF-8 encoded
        • Encrypted
        • Padded to next 8-byte block border
        • BASE64 encoded (slurping)

        Now, while decrypting, I was trying to go in the following order:

        • BASE64 decoded (slurping)
        • Unpack next 8-byte block border
        • Decrypt
        • UTF8 decoded

        What am I missing here? Am I not using unpack correctly for my purpose? Could you please help me understand the following line: $length = unpack('N', read_bytes($fhREADFROM, 4)); What would the value of $buf be in the call to read_bytes here? Thanks again for your help.

[reply]
[d/l]
[select]

In Section Seekers of Perl Wisdom