FAQ
What am I doing wrong? I encrypt a tar file and immediatly decrypt it (in a
different function, however) and it is a totally borked file upon decryption.
I've basically copy-pasted the example from Crypt:CBC. The only clue I have
is this warning:

Use of uninitialized value in pack at
/usr/local/lib/perl5/site_perl/5.8.0/Crypt/CBC.pm line 213, <STDIN> line 3.

using this:

----------- encryption ------------
$cipher = Crypt::CBC->new( {'key' => $password,
'cipher' => 'Blowfish',
'padding' => 'standard',
});

open(in, "$ws/$$.new/$$.tar") || die;
open(out, ">$newname") || die;

$cipher->start('encrypting');

while (read(in, $buf, 1024 ) )
{
print out $cipher->crypt($buf);
}

print out $cipher->finish;

close(in);
close(out);

-------------------------- decryption --------------------

$cipher = Crypt::CBC->new( {'key' => $password,
'cipher' => 'Blowfish',
'padding' => 'standard',
});

open (in, $cryptfile) || die;
open (out, ">$workspace/$$") || die;

$cipher->start('decrypting');

while (read(in, $buf, 1024 ) )
{
print out $cipher->decrypt($buf);
}

print out $cipher->finish;
close(in);
close(out);


The warning that is given comes from the "finish" call while decrypting in the
Crypt:CBC module:

sub finish (\$) {
my $self = shift;
my $bs = $self->{'blocksize'};
my $block = $self->{'buffer'};

$self->{civ} ||= '';

my $result;
if ($self->{'decrypt'}) { #decrypting
$block = pack("a$bs",$block); # pad and truncate to block size

*snip*

I just don't see what (if anything) I'm doing wrong. Since the comment
appears to be talking about padding, I've tried a few different padding
options with crypt:cbc, all with the same result.

-Phil

Search Discussions

  • Casey West at Dec 3, 2003 at 11:23 pm
    Hi.

    I'm in the employ of Casey West, a list admin, to assist you with your
    question. I've taken the liberty to search Google using the Subject line
    you provided in your email to the list. I hope one of the links below
    will be of service to you.

    Sadly Google hasn't given us a nice, legal API for searching newsgroups,
    so you may also want to try these searches.

    http://groups.google.com/groups?q=Perl+Crypt%3A%3ACBC
    http://groups.google.com/groups?q=Crypt%3A%3ACBC+group%3Acomp.lang.perl.*

    If you didn't get any useful results below, there's a chance your
    Subject line was not specific enough, or not detailed enough. For
    example, the following subject lines are not very good choices.

    Subject: Doubt
    Subject: HELP!
    Subject: Problem

    On the other hand, it's possible that your question is unique, or the
    search needs a human touch to get just the right results.

    Enjoy!

    Perl.org Beginners' Lists, 2 results.
    Searched: site:nntp.x.perl.org inurl:perl.beginners -inurl:show_headers Crypt::CBC

    [1] nntp.perl.org - perl.beginners (56119)
    http://nntp.x.perl.org/group/perl.beginners/56119
    ... Previous | Next | Toggle headers Newsgroups: perl.beginners
    Date: Thu, 27 Nov 2003 12:37 ... have a copy of Lincoln > Stein's
    (He wrote the Crypt::CBC module, among ...

    [2] nntp.perl.org - perl.beginners (56114)
    http://nntp.x.perl.org/group/perl.beginners/56114
    ... 0500 To: Philipp Traeder <philipp[at]hitchhackers.net> Cc:
    perl beginners <beginners[at ... I have a copy of Lincoln Stein's
    (He wrote the Crypt::CBC module, among ...

    Perl.org Lists, 10 results.
    Searched: site:nntp.x.perl.org -inurl:show_headers Crypt::CBC

    [1] nntp.perl.org - perl.crypto (49)
    http://nntp.x.perl.org/group/perl.crypto/49
    ... 08:08:51 -0400 To: Toby Stuart
    <toby.stuart[at]figtreesys.com.au> CC: "'perl-crypto[at]perl.org'"
    <perl-crypto[at]perl.org> Subject: Re: FW: Crypt::CBC w/Crypt ...

    [2] nntp.perl.org - perl.crypto (4)
    http://nntp.x.perl.org/group/perl.crypto/4
    ... pair.com> <B6F5428D.92BC%ben@rhumba.pair.com>
    <20010407172636.B557@tranceport.vipul.net> From:
    dparis[at]w3works.com (Dave Paris) Actually, Crypt::CBC uses a ...

    [3] nntp.perl.org - perl.crypto (5)
    http://nntp.x.perl.org/group/perl.crypto/5
    ... ID: <B6F60EE2.9304%ben@rhumba.pair.com> From:
    ben[at]rhumba.pair.com (Benjamin Trott) References:
    <3AD074F6.4F02F412@w3works.com> > Actually, Crypt::CBC uses a ...

    [4] nntp.perl.org - perl.daily.news (681)
    http://nntp.x.perl.org/group/perl.daily.news/681
    ... Allopass-1.04 -- A class for micro-payment system from
    Allopass * [9]Config-IniFiles-Import-0.901 *
    [10]Crypt-Anubis-1.0.4 -- Crypt::CBC-compliant block cipher ...

    [5] nntp.perl.org - perl.crypto (48)
    http://nntp.x.perl.org/group/perl.crypto/48
    ... Message-ID:
    <E07986D6888BD4118A150010B5045A5406AF81@figtree8.figsyd> To:
    "'perl-crypto[at]perl.org'" <perl-crypto[at]perl.org> Subject: FW:
    Crypt::CBC w/Crypt ...

    [6] nntp.perl.org - perl.crypto (3)
    http://nntp.x.perl.org/group/perl.crypto/3
    ... One > thing is that Crypt::CBC takes the last byte of the last
    block in the > decrypted data and treats it as an integer telling
    it how much of the last ...

    [7] nntp.perl.org - perl.crypto (46)
    http://nntp.x.perl.org/group/perl.crypto/46
    ... Erik #!/usr/bin/perl -w use IO::Socket; use Crypt::CBC; my
    $key = $ARGV[0]; $sock = new IO::Socket::INET (PeerAddr =>
    'localhost', PeerPort => 1200, Proto ...

    [8] nntp.perl.org - perl.crypto
    http://nntp.x.perl.org/group/perl.crypto
    ... 0800, 89. 49, Re: FW: Crypt::CBC w/Crypt-DES,
    dparis#w3works.com, Wed, 23 Oct 2002 08:08:51 -0400, 105. 48, FW:
    Crypt::CBC w/Crypt-DES, toby ...

    [9] nntp.perl.org - perl.crypto (25)
    http://nntp.x.perl.org/group/perl.crypto/25
    ... Previous | Next | Toggle headers Newsgroups: perl.crypto
    Subject: Crypt::CBC 2.02 not using supplied init vector To: Perl
    Asymmetric Cryptography List <pac[at ...

    [10] nntp.perl.org - perl.cpan.testers (32399)
    http://nntp.x.perl.org/group/perl.cpan.testers/32399
    ... effort. -- Crypt::CBC and some other Crypt modules (this is
    also the case with Crypt::DES) seem to be having problems
    inter-relating. ...

    search.cpan.org, 10 results.
    Searched: site:search.cpan.org Crypt::CBC

    [1] search.cpan.org: Lincoln D. Stein / Crypt-CBC
    http://search.cpan.org/search?dist=Crypt-CBC
    Lincoln D. Stein > Crypt-CBC. Crypt-CBC. This Release,
    Crypt-CBC-2.08, ... Modules.Crypt::CBC, Encrypt Data with Cipher
    Block Chaining Mode, 2.08.

    [2] search.cpan.org: Crypt::CBC - Encrypt Data with Cipher Block ...
    http://search.cpan.org/search%3Fmodule=Crypt::CBC
    Lincoln D. Stein > Crypt-CBC-2.08 > Crypt::CBC. Module Version:
    2.08 Source: ...

    [3] search.cpan.org: Crypt::Loki97 - Crypt::CBC compliant block ...
    http://search.cpan.org/search%3Fmodule=Crypt::Loki97
    ... NAME ^. Crypt::Loki97 - Crypt::CBC compliant block cipher.
    SYNOPSIS ^. ... This module supports the Crypt::CBC interface,
    with the following functions. Functions. ...

    [4] search.cpan.org: Crypt::Rainbow - Crypt::CBC-compliant block ...
    http://search.cpan.org/search%3Fmodule=Crypt::Rainbow
    ... NAME ^. Crypt::Rainbow - Crypt::CBC-compliant block cipher.
    ABSTRACT ^. ... This module supports the Crypt::CBC interface,
    with the following functions. Functions. ...

    [5] search.cpan.org: Crypt::Square - Crypt::CBC-compliant block ...
    http://search.cpan.org/search%3Fmodule=Crypt::Square
    ... NAME ^. Crypt::Square - Crypt::CBC-compliant block cipher.
    SYNOPSIS ^. ... This module supports the Crypt::CBC interface,
    with the following functions. Functions. ...

    [6] search.cpan.org: Crypt::Anubis - Crypt::CBC-compliant block ...
    http://search.cpan.org/search%3Fmodule=Crypt::Anubis
    ... NAME ^. Crypt::Anubis - Crypt::CBC-compliant block cipher.
    ABSTRACT ^. ... This module supports the Crypt::CBC interface,
    with the following functions. Functions. ...

    [7] search.cpan.org: Crypt::Twofish2 - Crypt::CBC compliant Twofish ...
    http://search.cpan.org/search%3Fmodule=Crypt::Twofish2
    ... NAME ^. Crypt::Twofish2 - Crypt::CBC compliant Twofish
    encryption module. SYNOPSIS ^. use Crypt::Twofish2; # keysize() is
    32, but 24 ...

    [8] Index of /src/LDS/Crypt-CBC-2.08
    http://search.cpan.org/src/LDS/Crypt-CBC-2.08/
    Index of /src/LDS/Crypt-CBC-2.08. Name Last modified Size Parent
    Directory - CBC.pm 11-Sep-2002 07:13 16K Changes 11-Sep-2002 07:13
    ...

    [9] search.cpan.org: Crypt::Rijndael - Crypt::CBC compliant Rijndael ...
    http://search.cpan.org/search%3Fmodule=Crypt::Rijndael
    ... NAME ^. Crypt::Rijndael - Crypt::CBC compliant Rijndael
    encryption module. SYNOPSIS ^. use Crypt::Rijndael; # keysize() is
    32, but ...

    [10] Index of /src/LDS/Crypt-CBC-2.02
    http://search.cpan.org/src/LDS/Crypt-CBC-2.02/
    Index of /src/LDS/Crypt-CBC-2.02. Name Last modified Size Parent
    Directory - CBC.pm 23-Jan-2002 23:24 16K Changes 23-Jan-2002 23:16
    ...

    Google Search, 10 results.
    Searched: Perl Crypt::CBC

    [1] RPM Search perl-Crypt-CBC-2.08-0.n0i.i386.rpm
    http://rpm.pbone.net/index.php3/idpl/712821/stat/4/com/perl-Crypt-CBC-2.08-0.n0i.i386.rpm.html
    Name : perl-Crypt-CBC, Version : 2.08, Vendor : Lincoln Stein <
    lstein_cshl_org>. ... Group : Applications/CPAN, Source RPM :
    perl-Crypt-CBC-2.08-0.n0i.src.rpm. ...

    [2] RPM Search perl-Crypt-CBC-2.08-3.noarch.rpm
    http://rpm.pbone.net/index.php3/stat/4/idpl/747245/com/perl-Crypt-CBC-2.08-3.noarch.rpm.html
    Name : perl-Crypt-CBC, Version : 2.08, Vendor : PLD. ... Group :
    Development/Languages/perl, Source RPM :
    perl-Crypt-CBC-2.08-3.src.rpm. Size : 27621, ...

    [3] perl-Crypt-CBC-2.07-23.i586 RPM
    http://rpmfind.net/linux/RPM/suse/8.1/i386/suse/i586/perl-Crypt-CBC-2.07-23.i586.html
    perl-Crypt-CBC-2.07-23 RPM for i586. ... Name: perl-Crypt-CBC,
    Distribution: SuSE Linux 8.1 (i386). ... Size: 27485, Source RPM:
    perl-Crypt-CBC-2.07-23.src.rpm. ...

    [4] perl-Crypt-CBC-2.07-66.i586 RPM
    http://rpmfind.net/linux/RPM/suse/8.2/i386/suse/i586/perl-Crypt-CBC-2.07-66.i586.html
    perl-Crypt-CBC-2.07-66 RPM for i586. ... Name: perl-Crypt-CBC,
    Distribution: SuSE Linux 8.2 (i586). ... Size: 27434, Source RPM:
    perl-Crypt-CBC-2.07-66.src.rpm. ...

    [5] Perl-Crypt-CBC - Crypt-CBC module for perl
    http://linux.maruhn.com/sec/perl-crypt-cbc.html
    Perl-Crypt-CBC - Crypt-CBC module for perl. / Linux Software
    Directory / Tool / CPAN / Perl-Crypt-CBC ... Filter list:
    *|*|perl-Crypt-CBC*. ...

    [6] Gentoo Linux -- Package listing: dev-perl/crypt-cbc
    http://www.gentoo.org/dyn/pkgs/dev-perl/crypt-cbc.xml
    dev-perl/crypt-cbc. Package name, crypt-cbc. ... View CVS
    Repository,
    http://www.gentoo.org/cgi-bin/viewcvs.cgi/dev-perl/crypt-cbc/.
    Updated Tue Nov 11 01:38:29 2003. ...

    [7] Bugtraq: Perl Crypt::CBC concern
    http://lists.insecure.org/lists/bugtraq/2000/Jun/0268.html
    Bugtraq: Perl Crypt::CBC concern. From: Darryl Miles
    (darryl_at_NETBAUDS.NET) Date: Jun 17 2000. Next message: Jerome
    ALET: "Re: XFree86 ...

    [8] Perl Crypt::CBC concern
    http://cert.uni-stuttgart.de/archive/bugtraq/2000/06/msg00296.html
    ... Perl Crypt::CBC concern. To: BUGTRAQ@SECURITYFOCUS.COM;
    Subject:Perl Crypt::CBC concern; From: Darryl Miles
    <darryl@NETBAUDS.NET>; ...

    [9] Index of /mirrors/reb00t.com/redhat-9/perl-Crypt-CBC
    http://ftp.iasi.rdsnet.ro/mirrors/reb00t.com/redhat-9/perl-Crypt-CBC/
    Index of /mirrors/reb00t.com/redhat-9/perl-Crypt-CBC. Name Last
    modified Size Parent Directory 11-Oct-2003 23:36 - perl-Crypt-CBC
    ...

    [10] perl-Crypt-CBC-2.07-66.i586 RPM
    http://rpmfind.rediris.es/rpm2html/suse-8.2/perl-Crypt-CBC-2.07-66.i586.html
    perl-Crypt-CBC-2.07-66 RPM for i586. De SuSE 8.2. Nombre:
    perl-Crypt-CBC, Distribución: SuSE Linux 8.2 (i586). Versión:
    2.07, Distribuidor ...

    --
    Automated Google Searches from Casey West
    Questions or Problems? casey@geeknest.com
  • Wiggins d'Anconia at Dec 4, 2003 at 12:58 am

    Phil Schaechter wrote:
    What am I doing wrong? I encrypt a tar file and immediatly decrypt it (in a
    different function, however) and it is a totally borked file upon decryption.
    I've basically copy-pasted the example from Crypt:CBC. The only clue I have
    is this warning:

    Use of uninitialized value in pack at
    /usr/local/lib/perl5/site_perl/5.8.0/Crypt/CBC.pm line 213, <STDIN> line 3.

    using this:

    ----------- encryption ------------
    $cipher = Crypt::CBC->new( {'key' => $password,
    'cipher' => 'Blowfish',
    'padding' => 'standard',
    });

    open(in, "$ws/$$.new/$$.tar") || die;
    open(out, ">$newname") || die;

    $cipher->start('encrypting');

    while (read(in, $buf, 1024 ) )
    {
    print out $cipher->crypt($buf);
    }

    print out $cipher->finish;

    close(in);
    close(out);

    -------------------------- decryption --------------------

    $cipher = Crypt::CBC->new( {'key' => $password,
    'cipher' => 'Blowfish',
    'padding' => 'standard',
    });

    open (in, $cryptfile) || die;
    open (out, ">$workspace/$$") || die;

    $cipher->start('decrypting');

    while (read(in, $buf, 1024 ) )
    {
    print out $cipher->decrypt($buf);
    }

    print out $cipher->finish;
    close(in);
    close(out);


    The warning that is given comes from the "finish" call while decrypting in the
    Crypt:CBC module:

    sub finish (\$) {
    my $self = shift;
    my $bs = $self->{'blocksize'};
    my $block = $self->{'buffer'};

    $self->{civ} ||= '';

    my $result;
    if ($self->{'decrypt'}) { #decrypting
    $block = pack("a$bs",$block); # pad and truncate to block size

    *snip*

    I just don't see what (if anything) I'm doing wrong. Since the comment
    appears to be talking about padding, I've tried a few different padding
    options with crypt:cbc, all with the same result.
    I agree that seems baffling, code looks right. I am curious how the
    'read' and in particular the size of the tar might be affecting things.
    It appears that 'read' will buffer whatever is being read (at least that
    is my understanding of the perldoc for it), if that buffer were then
    encrypted/decrypted and tacked back onto the tar file it seems that it
    might be corrupted by the padding?? So some tests (if you haven't
    already), try to just encrypt/decrypt a string of text, then a plain
    text file, then try without doing the 1024 buffered read, slurp the file
    or a smaller version tar file into a single scalar and see if that
    works. The only thing odd to me is the warning message you provided,
    which would indicate that something still thinks there is data to
    decrypt/encrypt when there really isn't since we know the $bs is set
    otherwise it would have croak'd earlier. The way CBC uses pack to build
    its block list has me curious how it would interact with any padding
    'read' does.....

    HTH, suppose its good *and* bad that I couldn't point out something
    obvious, sorry....

    http://danconia.org
  • Zentara at Dec 4, 2003 at 3:40 pm

    On Wed, 3 Dec 2003 15:21:24 -0800, pls@datadomain.com (Phil Schaechter) wrote:

    What am I doing wrong? I encrypt a tar file and immediatly decrypt it (in a
    different function, however) and it is a totally borked file upon decryption.
    open(in, "$ws/$$.new/$$.tar") || die;
    open(out, ">$newname") || die;
    I took your example and "tightened it up" a bit with use
    warnings; and use strict; and avoided using your $$ weirdness
    and it works fine.
    The following works:
    ###################################################
    #!/usr/bin/perl
    use warnings;
    use strict;
    use Crypt::CBC;

    ##----------- encryption ------------
    my $cipher = Crypt::CBC->new( {'key' => 'secretfoo',
    'cipher' => 'Blowfish',
    'padding' => 'standard',
    });

    open(INF, "< wtest" ) || die;
    open(OUTF, ">$0.crypt") || die;

    $cipher->start('encrypting');

    while (read(INF,my $buf, 1024 ) )
    {
    print OUTF $cipher->crypt($buf);
    }

    print OUTF $cipher->finish;

    close(INF);
    close(OUTF);

    ##-------------------------- decryption --------------------

    my $cipher1 = Crypt::CBC->new( {'key' => 'secretfoo',
    'cipher' => 'Blowfish',
    'padding' => 'standard',
    });

    open (INF1, "< $0.crypt") || die;
    open (OUTF1, ">$0.decrypt") || die;

    $cipher->start('decrypting');

    while (read(INF1,my $buf, 1024 ) )
    {
    print OUTF1 $cipher->decrypt($buf);
    }

    print OUTF1 $cipher->finish;
    close(INF1);
    close(OUTF1);

    __END__


    --
    When life conspires against you, and no longer floats your boat,
    Don't waste your time with crying, just get on your back and float.

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupbeginners @
categoriesperl
postedDec 3, '03 at 11:21p
activeDec 4, '03 at 3:40p
posts4
users4
websiteperl.org

People

Translate

site design / logo © 2021 Grokbase