roEVPCipher

I tried & failed as well. I used openssl on my web server to encrypt, and tried having roku decrypt. It worked on tiny files. But anything over about 100 bytes failed. You can read more on my previous post: http://forums.roku.com/viewtopic.php?f=34&t=31055&start=0

Once the contest is over, I'll go back & revisit it when I can update the base code in my channel.

I have to stop working at 3am. Now I remember your original thread and the trouble you had. Thanks for reminding me. Years ago I wrote my own blowfish encrypt/decrypt. Maybe I'll try to dig it up and see what it would take to implement in Brightscript.

-JT

Yes, roEVPCipher works and my post on the old thread viewtopic.php?f=34&t=31055&start=0#p191480 shows an implementation of encrypting and decrypting using the blowfish cipher.

You should be able to directly run the code sample there and prove to yourself the encryption/decryption is working.

--Kevin

Yes, I was able to encrypt/decrypt using blowfish on the Roku, but trying to send an encrypted packet elsewhere and decrypting it failed. Of course that doesn't prove that there is a problem with the Roku, but I didn't want to spend too much time on it. By the way, something that doesn't give me much confidence is that the IV for bf-cbc can be set to anything and the encrypted data is the same. Encryption is one of those things I know just enough to be dangerous, but I'm hardly an expert, so the IV thing is something I don't expect, but can't say if it's incorrect.

-JT

I went ahead and tried the functions with different IV values, and did get different encrypted results that also decrypted fine....

--Kevin

    
    print "**************************"
    print test
    print "**************************"

    encryptKey = "7B1CB530521E7554D623E1412A2CF29F"
    IV = "785BC65A9D7850FD"
    encResult = crypto_encrypt(encryptKey, IV, test)

    print "**************************"
    print encResult
    print "**************************"

    decResult = crypto_decrypt(encryptKey, IV, encResult)

    print "**************************"
    print decResult
    print "**************************"


    print "**************************"
    print "New IV Value"
    print "**************************"

    IV = "83CD38AFF8901238"
    encResult = crypto_encrypt(encryptKey, IV, test)

    print "**************************"
    print encResult
    print "**************************"

    decResult = crypto_decrypt(encryptKey, IV, encResult)

    print "**************************"
    print decResult
    print "**************************"

Kevin, thanks for looking into this. Although I couldn't find my initial test code, I suspect I know what my problem was. I was probably using IVs that were not exactly 8 bytes. I was probably thinking that "1" would be extended to 64 bits, but it looks like you have to give all the leading zeroes (i.e., "0000000000000001"). I must not have ever tried an IV that was the right length. It looks like giving an IV of an improper length is the same as just using an empty string for the IV, so that's why it looked like the encrypted data was always the same.

On the php side, it's a little bit of a pain because it expects keys and vectors to be regular strings whereas the Roku uses hex strings. For anyone interested, use pack() in php to transform the hex string you use on the Roku into a key for php. For example:
rokuKey = "7B1CB530521E7554D623E1412A2CF29F"
In php:
$key = pack("H*","7B1CB530521E7554D623E1412A2CF29F");

Do the same thing with your IV.

I haven't sent any significant amount of data, but I was able to encrypt a short string on the Roku and decrypt using the php mcrypt functions.

Thanks again,
-JT