blowfish in ecb mode false ciphertext

Tue, 23 Oct 2007 07:58:19 -0700 

One of my applications broke just after i upgraded Openssl from 0.9.8d.
After several hours of debugging I realized, something is fishy around
the blowfish cipher: it just doesnt produces the same ciphertext as it
did using the 0.9.8d.

You can find the really small and stupid source code which produces
the error:

gcc -I /foobar/openssl0.9.8g/include/  y.c -c
gcc y.o -o y-0.9.8g /foobar/openssl-0.9.8g/lib/libssl.a 
/foobar/openssl-0.9.8g/ssl/lib/libcrypto.a -ldl

# ./y-0.9.8g
Input:  0x68 0x65 0x6c 0x6c 0x6f 0x20 0x77 0x6f
Output: 0x16 0x9c 0x9c 0xb6 0x4a 0x33 0xec 0xd4

Same on Windows:
Input:  0x68 0x65 0x6c 0x6c 0x6f 0x20 0x77 0x6f
Output: 0xf8 0x70 0x6a 0xca 0x9b 0xf8 0x4c 0xa1

I experienced the same behavior on linux between versions 0.9.8d and
0.9.8e, while output of 0.9.8g equals output of 0.9.8d on linux...
So its really strange.

Has anything changed in blowfish's implenetation in Openssl versions
above 0.9.8d?

#include <stdio.h>
#include <openssl/rand.h>
#include <openssl/ssl.h>
#include <openssl/err.h>

#define uint unsigned int


EVP_CIPHER_CTX * CreateEncipher(char *key, const EVP_CIPHER *c)
{
  EVP_CIPHER_CTX * ctx;
  unsigned char ivec[8];

  memset(ivec, 0, 8);
  ctx = (EVP_CIPHER_CTX *) malloc(sizeof(EVP_CIPHER_CTX));
  EVP_CIPHER_CTX_init(ctx);
  EVP_EncryptInit_ex(ctx, c, NULL, NULL, NULL );
  EVP_CIPHER_CTX_set_key_length(ctx, strlen(key));
  EVP_EncryptInit_ex(ctx, NULL, NULL, (unsigned char*)key, ivec );
  
  return ctx;
}
EVP_CIPHER_CTX * DestroyCipher(EVP_CIPHER_CTX * ctx)
{
    if (ctx != NULL)
    {
          EVP_CIPHER_CTX_cleanup(ctx);
      free(ctx);
    }
    return NULL;
}
int myencryptctx(EVP_CIPHER_CTX *ctx,unsigned char *datain,unsigned char 
*dataout,int s)
{
        int outlen = s;
    if(!EVP_EncryptUpdate(ctx, dataout, &outlen, datain, s))
        {
                return 0;
        }
        return 1;
}


/* ez a buta, egyszer hasznalatos verzioja az enkriptnek 
 * UDP csomagokhoz lesz jo. */
int myencrypt_f(char * key,unsigned char *datain,unsigned char *dataout,int s, 
const EVP_CIPHER *c)
{
    int re;
    EVP_CIPHER_CTX *ctx;

        ctx = CreateEncipher(key, c);
    re = myencryptctx(ctx, datain, dataout, s);
    
        ctx = DestroyCipher(ctx);
        
    return re;
}





int main()
{

unsigned char key[8] = "JKpsfROI";
unsigned char input[8] = "hello wo";
unsigned char output[8];
int j;

        SSL_load_error_strings();
        SSL_library_init();
        OpenSSL_add_all_ciphers();

  
        myencrypt_f(key, input, output, 8, EVP_bf_ecb());

                printf ("Input:  ");
                for (j = 0; j < 8; j++) {
           printf ("0x%02x ", input[j]);
                }
                printf ("\n");
                printf ("Output: ");
                for (j = 0; j < 8; j++) {
           printf ("0x%02x ", output[j]);
                }
                printf ("\n");


  return 0;
}

Reply via email to