Phil Schaechter wrote:
What am I doing wrong? I encrypt a tar file and immediatly decrypt it (in a different function, however) and it is a totally borked file upon decryption. I've basically copy-pasted the example from Crypt:CBC. The only clue I have is this warning:
Use of uninitialized value in pack at /usr/local/lib/perl5/site_perl/5.8.0/Crypt/CBC.pm line 213, <STDIN> line 3.
using this:
----------- encryption ------------ $cipher = Crypt::CBC->new( {'key' => $password, 'cipher' => 'Blowfish', 'padding' => 'standard', });
open(in, "$ws/$$.new/$$.tar") || die; open(out, ">$newname") || die;
$cipher->start('encrypting');
while (read(in, $buf, 1024 ) ) { print out $cipher->crypt($buf); }
print out $cipher->finish;
close(in); close(out);
-------------------------- decryption --------------------
$cipher = Crypt::CBC->new( {'key' => $password, 'cipher' => 'Blowfish', 'padding' => 'standard', });
open (in, $cryptfile) || die; open (out, ">$workspace/$$") || die;
$cipher->start('decrypting');
while (read(in, $buf, 1024 ) ) { print out $cipher->decrypt($buf); }
print out $cipher->finish; close(in); close(out);
The warning that is given comes from the "finish" call while decrypting in the Crypt:CBC module:
sub finish (\$) { my $self = shift; my $bs = $self->{'blocksize'}; my $block = $self->{'buffer'};
$self->{civ} ||= '';
my $result; if ($self->{'decrypt'}) { #decrypting $block = pack("a$bs",$block); # pad and truncate to block size
*snip*
I just don't see what (if anything) I'm doing wrong. Since the comment appears to be talking about padding, I've tried a few different padding options with crypt:cbc, all with the same result.
I agree that seems baffling, code looks right. I am curious how the 'read' and in particular the size of the tar might be affecting things. It appears that 'read' will buffer whatever is being read (at least that is my understanding of the perldoc for it), if that buffer were then encrypted/decrypted and tacked back onto the tar file it seems that it might be corrupted by the padding?? So some tests (if you haven't already), try to just encrypt/decrypt a string of text, then a plain text file, then try without doing the 1024 buffered read, slurp the file or a smaller version tar file into a single scalar and see if that works. The only thing odd to me is the warning message you provided, which would indicate that something still thinks there is data to decrypt/encrypt when there really isn't since we know the $bs is set otherwise it would have croak'd earlier. The way CBC uses pack to build its block list has me curious how it would interact with any padding 'read' does.....
HTH, suppose its good *and* bad that I couldn't point out something obvious, sorry....
http://danconia.org
-- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
