Encryption questions **Suspected Bug**

Question

Hey,
Has anyone played much with encryption of files? I'm having success on my test file, but a failure on my actual file... I've been experimenting on this for 2 days...

Here is my test file:


Hello World!
This is a test of BrightScript encryption...
I hope I can get it to work!
-Kevin

Here's the command I run from my linux web server & it's response:


-bash-3.1$ openssl bf -a -A -in test.txt -out test.b64 -k RokuRocks -nosalt -p
key=7B1CB530521E7554D623E1412A2CF29F
iv =785BC65A9D7850FD

And here is my code:


    html = CreateObject("roUrlTransfer")
    ba = CreateObject("roByteArray")
    result = CreateObject("roByteArray")
    html.SetUrl("http://myserver.com/roku/test.txt")
    test = html.GetToString()
    html.SetUrl("http://myserver.com/roku/test.b64")
    b64 = html.GetToString()
    print b64
    print test
    ba.fromBase64String(b64)
'    ba.fromAsciiString(test)
    enc = CreateObject("roEVPCipher")
    ret = enc.Setup(false, "bf", "7B1CB530521E7554D623E1412A2CF29F", "785BC65A9D7850FD", 1)
    print ret
    result = enc.Process(ba)
    if result <> invalid then
        print result.toAsciiString()
'        print result.toBase64String()
    else
        print "Invalid"
    end if

Running that works perfectly both ways, setup for encryption or decryption.

When I run it with my real file, I have problems. Encryption works, and appears to match. (*EDIT* I added code, and confirmed an exact match on encrypting.) Yet decryption fails, and simply prints "Invalid". I don't know if it makes any difference, but the real file is a .brs script. Also, the real file is 745 bytes, and the real encrypted file is 1004 bytes.

Ideas anyone?

-Kevin

YungBlood · Answer

Here's a little more info that I find quite interesting... I added one period after my name in the test file, and it still worked perfectly. Yet if I add two periods after my name in the test file, it fails...

Yes, I re-encrypted the file each time to test...

Bug?

If requested, I can put these files on one of my public servers...

-Kevin

*EDIT*
Upon further testing, I've confirmed that the problem exists in the decrypting. I took my actual file that I want to use, and simply base64 encoded it, and BrightScript decoded that just fine. I have tried breaking the file into pieces, using multiple Process's, and a Final... but still no luck.

Although I could write my own encrypt/decrypt routines, they wouldn't be fast enough... The only other option I see is break the original file into 95byte chunks... (128bytes once encrypted & encoded) which is the biggest file size I've gotten to decrypt correctly... but that seems excessive...

kbenson · Answer

Have you tried doing a byte-by-byte comparison of the files?  Could it be that the GetToString() method is somehow altering it slightly, in a non-visible way (CR/LF change)?  Have you tried GetToFile and worked on the downloaded file instead?

YungBlood · Answer

To further test, I now get both the encrypted file & unencrypted file to strings.

I first take the unencrypted file, and encrypt it. Then I compare the result to the encrypted file. It matches perfectly every time.

Then I take the encrypted file, and try to decrypt it. If the original file is 95 bytes or smaller, the encrypted file will decrypt just fine. The encrypted file is 128 bytes or smaller. If it is larger, the result is Invalid.

So far, I've only been testing bf encryption.
-Kevin

YungBlood · Answer

I'm giving up on the built in decryption for now... I've tried bf & des3, and I've gotten no where. Des3 gives me more problems than bf. At least bf gives me matching encryption.

I'm including the current version of my code. And I've posted my test files on my public site. I hope someone can either find my error, or confirm this is a bug.


Sub getFiles()
    html = CreateObject("roUrlTransfer")
    ba = CreateObject("roByteArray")
    result = CreateObject("roByteArray")
    html.SetUrl("http://www.yungblood.com/roku/bad.txt")
    test = html.GetToString()
    html.SetUrl("http://www.yungblood.com/roku/bad.b64")
    b64 = html.GetToString()
    html.SetUrl("http://www.yungblood.com/roku/bad.des3")
    des3 = html.GetToString()
    print b64
    print test
    ba.fromAsciiString(test)
    enc = CreateObject("roEVPCipher")
    ret = enc.Setup(true, "bf", "7B1CB530521E7554D623E1412A2CF29F", "785BC65A9D7850FD", 1)
    print ret
    result = enc.Process(ba)
    if result <> invalid then
        if result.toBase64String() = b64 then
            print "Good Encrypt"
        else
            print "Bad Encrypt"
        end if
    else
        print "Invalid Encrypt"
    end if
    ba.fromBase64String(b64)
    enc = CreateObject("roEVPCipher")
    ret = enc.Setup(false, "bf", "7B1CB530521E7554D623E1412A2CF29F", "785BC65A9D7850FD", 1)
    print ret
    result = enc.Process(ba)
    if result <> invalid then
        if result.toAsciiString() = test then
            print "Good Decrypt"
        else
            print "Bad Decrypt"
        end if
    else
        print "Invalid Decrypt"
    end if
    ba.fromAsciiString(test)
    enc = CreateObject("roEVPCipher")
    ret = enc.Setup(true, "des3", "7B1CB530521E7554D623E1412A2CF29F785BC65A9D7850FD", "4A74A7EC4B95842A", 1)
    print ret
    result = enc.Process(ba)
    if result <> invalid then
        if result.toBase64String() = des3 then
            print "Good Encrypt"
        else
            print "Bad Encrypt"
' Can't even get Encrypt's to match... Close, but not quite.
            print des3
            print result.toBase64String()
        end if
    else
        print "Invalid Encrypt"
    end if
    ba.fromBase64String(des3)
    enc = CreateObject("roEVPCipher")
    ret = enc.Setup(false, "des3", "7B1CB530521E7554D623E1412A2CF29F785BC65A9D7850FD", "4A74A7EC4B95842A", 1)
    print ret
    result = enc.Process(ba)
    if result <> invalid then
        if result.toAsciiString() = test then
            print "Good Decrypt"
        else
            print "Bad Decrypt"
        end if
    else
        print "Invalid Decrypt"
    end if
End Sub

My set of test files are:

http://www.yungblood.com/roku/bad.txt

http://www.yungblood.com/roku/bad.b64

http://www.yungblood.com/roku/bad.des3

http://www.yungblood.com/roku/good.txt

http://www.yungblood.com/roku/good.b64

For now, I will use my own home-brew encryption/decryption...
-Kevin

RokuKevin · Answer

I just did a simple test using your "bf" cipher, key, IV, and padding setting. Works just fine for me.


Function crypto_decrypt(decryptKey As String, IV As String, text As String) As String

	crypto = CreateObject("roEVPCipher")
	crypto.Setup(false, "bf",decryptKey,IV,1)
	ba = CreateObject("roByteArray")
	ba.FromHexString(text)
	return crypto.Process(ba).ToAsciiString()

End function


Function crypto_encrypt(encryptKey As String, IV As String, text As String) As String

	crypto = CreateObject("roEVPCipher")
	crypto.Setup(true, "bf",encryptKey,IV,1)
	ba = CreateObject("roByteArray")
	ba.FromAsciiString(text)

	return lcase(crypto.Process(ba).ToHexString())
	
End function
  
    print "**************************"
    print test
    print "**************************"

    encryptKey = "7B1CB530521E7554D623E1412A2CF29F"
    IV = "785BC65A9D7850FD"
    encResult = crypto_encrypt(encryptKey, IV, test)

    print "**************************"
    print encResult
    print "**************************"

    decResult = crypto_decrypt(encryptKey, IV, encResult)

    print "**************************"
    print decResult
    print "**************************"

--Kevin

Forum Discussion

Encryption questions Suspected Bug

6 Replies

Recent Discussions

Anyone experiencing trouble adding new products?

Consumable Product?

Bif file creator

Trouble On Managing Products Page

DoRecovery API