LinuxQuestions.org - mcrypt: what options do I have to use to be able to decrypt with libmcrypt example?

- Programming (https://www.linuxquestions.org/questions/programming-9/)

- - mcrypt: what options do I have to use to be able to decrypt with libmcrypt example? (https://www.linuxquestions.org/questions/programming-9/mcrypt-what-options-do-i-have-to-use-to-be-able-to-decrypt-with-libmcrypt-example-4175418835/)

mcrypt: what options do I have to use to be able to decrypt with libmcrypt example?

Hi!

I'm trying to figure out how to use libmcrypt. In libmcript's man page there's an example to encrypt/decrypt.

I'm trying to encrypt something with mcrypt to then try to use the decryption example to get the original content.

This is the decryption code:

Code:

/* First example: Encrypts stdin to stdout using TWOFISH with 128 bit key and CFB */



#include <mcrypt.h>

#include <stdio.h>

#include <stdlib.h>

/* #include <mhash.h> */



main() {



  MCRYPT td;

  int i;

  char *key;

  char password[20];

  char block_buffer;

  char *IV;

  int keysize=16; /* 128 bits */



  key=calloc(1, keysize);

  strcpy(password, "A_large_key");



/* Generate the key using the password */

/*  mhash_keygen( KEYGEN_MCRYPT, MHASH_MD5, key, keysize, NULL, 0, password, strlen(password));

*/

  memmove( key, password, strlen(password));



  td = mcrypt_module_open("twofish", NULL, "cfb", NULL);

  if (td==MCRYPT_FAILED) {

    return 1;

  }

  IV = malloc(mcrypt_enc_get_iv_size(td));



/* Put random data in IV. Note these are not real random data,

* consider using /dev/random or /dev/urandom.

*/



  /*  srand(time(0)); */

  for (i=0; i< mcrypt_enc_get_iv_size( td); i++) {

    IV[i]=rand();

  }



  i=mcrypt_generic_init( td, key, keysize, IV);

  if (i<0) {

    mcrypt_perror(i);

    return 1;

  }



  /* Encryption in CFB is performed in bytes */

  while ( fread (&block_buffer, 1, 1, stdin) == 1 ) {

      mdecrypt_generic (td, &block_buffer, 1);  



      fwrite ( &block_buffer, 1, 1, stdout);

  }



/* Deinit the encryption thread, and unload the module */

  mcrypt_generic_end(td);



  return 0;



}

So, I try to encrypt with mcrypt like this:

Code:

$ mcrypt -b -a twofish -m cfb -s 16 Net_URL2-2.0.0.tgz

mcrypt: Net_URL2-2.0.0.tgz.nc already exists; do you wish to overwrite (y or n)?y

Enter the passphrase (maximum of 512 characters)

Please use a combination of upper and lower case letters and numbers.

Enter passphrase: 

Enter passphrase: 



File Net_URL2-2.0.0.tgz was encrypted.

First thing I notice is that the file size of the encrypted result is not the same of the original file. If I encrypt it with the equivalent example from libmcrypts man page, the result has the same length.

Then, when I try to decrypt it with the example decryption algorithm (as I said) I don't get the original content.

I'm not sure about this but I think that mcrypt includes at the end of the encrypted file a hash that is not being handled correctly by the example decryption code? How can I skip it from being included by mcrypt?

Thanks in advance.

Quote:

This is the decryption code:
...
/* Put random data in IV.
...

That won't work: you have to use same IV as the encryption.

Quote:

From what I can see in the mcrypt code it puts the IV at the front of the file, it's unfortunate that the man page example doesn't do this.

Code:

encrypt_general(char *algorithm, char *fromfile, char *tofile, char *key)

{

...

    if (_mcrypt_iv_is_needed(td, mode, noiv) != 0) {

      if (write_iv(TOF, IV, mcrypt_enc_get_iv_size(td)) != 0) {

          err_crit("Error writing file\n");

          return -1;

      }

    }

...

}



decrypt_general(char *algorithm, char *fromfile, char *tofile, char *key)

{

...

    if (_mcrypt_iv_is_needed(td, mode, noiv) != 0) {

      IV = read_iv(FROMF, mcrypt_enc_get_iv_size(td));

    }

...

}