mcrypt: what options do I have to use to be able to decrypt with libmcrypt example?

eantoranz · 07-26-2012, 02:56 PM

Hi!

I'm trying to figure out how to use libmcrypt. In libmcript's man page there's an example to encrypt/decrypt.

I'm trying to encrypt something with mcrypt to then try to use the decryption example to get the original content.

This is the decryption code:

Code:

/* First example: Encrypts stdin to stdout using TWOFISH with 128 bit key and CFB */

#include <mcrypt.h>
#include <stdio.h>
#include <stdlib.h>
/* #include <mhash.h> */

main() {

  MCRYPT td;
  int i;
  char *key;
  char password[20];
  char block_buffer;
  char *IV;
  int keysize=16; /* 128 bits */

  key=calloc(1, keysize);
  strcpy(password, "A_large_key");

/* Generate the key using the password */
/*  mhash_keygen( KEYGEN_MCRYPT, MHASH_MD5, key, keysize, NULL, 0, password, strlen(password));
*/
  memmove( key, password, strlen(password));

  td = mcrypt_module_open("twofish", NULL, "cfb", NULL);
  if (td==MCRYPT_FAILED) {
    return 1;
  }
  IV = malloc(mcrypt_enc_get_iv_size(td));

/* Put random data in IV. Note these are not real random data,
* consider using /dev/random or /dev/urandom.
*/

  /*  srand(time(0)); */
  for (i=0; i< mcrypt_enc_get_iv_size( td); i++) {
    IV[i]=rand();
  }

  i=mcrypt_generic_init( td, key, keysize, IV);
  if (i<0) {
    mcrypt_perror(i);
    return 1;
  }

  /* Encryption in CFB is performed in bytes */
  while ( fread (&block_buffer, 1, 1, stdin) == 1 ) {
      mdecrypt_generic (td, &block_buffer, 1);  

      fwrite ( &block_buffer, 1, 1, stdout);
  }

/* Deinit the encryption thread, and unload the module */
  mcrypt_generic_end(td);

  return 0;

}

So, I try to encrypt with mcrypt like this:

Code:

$ mcrypt -b -a twofish -m cfb -s 16 Net_URL2-2.0.0.tgz
mcrypt: Net_URL2-2.0.0.tgz.nc already exists; do you wish to overwrite (y or n)?y
Enter the passphrase (maximum of 512 characters)
Please use a combination of upper and lower case letters and numbers.
Enter passphrase: 
Enter passphrase: 

File Net_URL2-2.0.0.tgz was encrypted.

First thing I notice is that the file size of the encrypted result is not the same of the original file. If I encrypt it with the equivalent example from libmcrypts man page, the result has the same length.

Then, when I try to decrypt it with the example decryption algorithm (as I said) I don't get the original content.

I'm not sure about this but I think that mcrypt includes at the end of the encrypted file a hash that is not being handled correctly by the example decryption code? How can I skip it from being included by mcrypt?

Thanks in advance.

ntubski · 07-26-2012, 04:56 PM

Quote:

This is the decryption code:
...
/* Put random data in IV.
...

That won't work: you have to use same IV as the encryption.

Quote:

First thing I notice is that the file size of the encrypted result is not the same of the original file. If I encrypt it with the equivalent example from libmcrypts man page, the result has the same length.

Then, when I try to decrypt it with the example decryption algorithm (as I said) I don't get the original content.

I'm not sure about this but I think that mcrypt includes at the end of the encrypted file a hash that is not being handled correctly by the example decryption code? How can I skip it from being included by mcrypt?

From what I can see in the mcrypt code it puts the IV at the front of the file, it's unfortunate that the man page example doesn't do this.

Code:

encrypt_general(char *algorithm, char *fromfile, char *tofile, char *key)
{
...
    if (_mcrypt_iv_is_needed(td, mode, noiv) != 0) {
       if (write_iv(TOF, IV, mcrypt_enc_get_iv_size(td)) != 0) {
          err_crit("Error writing file\n");
          return -1;
       }
    }
...
}

decrypt_general(char *algorithm, char *fromfile, char *tofile, char *key)
{
...
    if (_mcrypt_iv_is_needed(td, mode, noiv) != 0) {
       IV = read_iv(FROMF, mcrypt_enc_get_iv_size(td));
    }
...
}