LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   NCrypt - unable to use Serpent (?) (https://www.linuxquestions.org/questions/linux-security-4/ncrypt-unable-to-use-serpent-4175510380/)

paziulek 07-07-2014 10:26 AM
NCrypt - unable to use Serpent (?)
 
Hi all,

I have been using ncrypt ( 0.5.5, 0.6.11, 0.7.0 ) with Rijndael/aes.
After en-/de-crypting using Serpent the contents of the file turns into garbage:

Code:

$ ncrypt -e -s -i NEWS -o NEWS.ncr
$ ncrypt -d -s -i NEWS.ncr -o NEWS.dec

$ md5sum NEWS*
2ca37b5f91a097415ab4a9cf35034039  NEWS
2ac5e53cdc14166e2106d2a319858337  NEWS.dec
b401ee66fd6e08091f36ea4a27dd916c  NEWS.ncr
I tried to do the same on a 32bit box, same result. I also imported the key ( -k ) from a file... no difference.

Any ideas?

Mike

paziulek 07-07-2014 10:56 AM
I did recompile 0.6.11 on a 32bit box ( statically ) and moved it to the 64bit... it en- & de-crypts properly...

I got no idea what is going on...


gcc on 64bit:
Quote:
$ gcc -v
Using built-in specs.
COLLECT_GCC=/usr/x86_64-pc-linux-gnu/gcc-bin/4.5.2/gcc
COLLECT_LTO_WRAPPER=/usr/libexec/gcc/x86_64-pc-linux-gnu/4.5.2/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: /var/tmp/portage/sys-devel/gcc-4.5.2/work/gcc-4.5.2/configure --prefix=/usr --bindir=/usr/x86_64-pc-linux-gnu/gcc-bin/4.5.2 --includedir=/usr/lib/gcc/x86_64-pc-linux-gnu/4.5.2/include --datadir=/usr/share/gcc-data/x86_64-pc-linux-gnu/4.5.2 --mandir=/usr/share/gcc-data/x86_64-pc-linux-gnu/4.5.2/man --infodir=/usr/share/gcc-data/x86_64-pc-linux-gnu/4.5.2/info --with-gxx-include-dir=/usr/lib/gcc/x86_64-pc-linux-gnu/4.5.2/include/g++-v4 --host=x86_64-pc-linux-gnu --build=x86_64-pc-linux-gnu --disable-altivec --disable-fixed-point --without-ppl --without-cloog --disable-lto --enable-nls --without-included-gettext --with-system-zlib --disable-werror --enable-secureplt --enable-multilib --enable-libmudflap --disable-libssp --enable-libgomp --enable-cld --with-python-dir=/share/gcc-data/x86_64-pc-linux-gnu/4.5.2/python --enable-checking=release --disable-libgcj --enable-languages=c,c++,fortran --enable-shared --enable-threads=posix --enable-__cxa_atexit --enable-clocale=gnu --with-bugurl=http://bugs.gentoo.org/ --with-pkgversion='Gentoo 4.5.2 p1.1, pie-0.4.5'
Thread model: posix
gcc version 4.5.2 (Gentoo 4.5.2 p1.1, pie-0.4.5)

and 32:
Quote:
$ gcc -v
Using built-in specs.
Target: i686-pc-linux-gnu
Configured with: /var/tmp/portage/sys-devel/gcc-4.4.3-r2/work/gcc-4.4.3/configure --prefix=/usr --bindir=/usr/i686-pc-linux-gnu/gcc-bin/4.4.3 --includedir=/usr/lib/gcc/i686-pc-linux-gnu/4.4.3/include --datadir=/usr/share/gcc-data/i686-pc-linux-gnu/4.4.3 --mandir=/usr/share/gcc-data/i686-pc-linux-gnu/4.4.3/man --infodir=/usr/share/gcc-data/i686-pc-linux-gnu/4.4.3/info --with-gxx-include-dir=/usr/lib/gcc/i686-pc-linux-gnu/4.4.3/include/g++-v4 --host=i686-pc-linux-gnu --build=i686-pc-linux-gnu --disable-altivec --disable-fixed-point --without-ppl --without-cloog --enable-nls --without-included-gettext --with-system-zlib --disable-werror --enable-secureplt --disable-multilib --enable-libmudflap --disable-libssp --enable-libgomp --with-python-dir=/share/gcc-data/i686-pc-linux-gnu/4.4.3/python --enable-checking=release --disable-libgcj --with-arch=i686 --enable-languages=c,c++,fortran --enable-shared --enable-threads=posix --enable-__cxa_atexit --enable-clocale=gnu --with-bugurl=http://bugs.gentoo.org/ --with-pkgversion='Gentoo 4.4.3-r2 p1.2'
Thread model: posix
gcc version 4.4.3 (Gentoo 4.4.3-r2 p1.2)

metaschima 07-07-2014 11:01 AM
ncrypt was last updated in 2005. You may want to migrate to something else.

I can confirm that the ncrypt serpent implementation is broken. I suppose I could try to fix it, but it is better just to find another program.

paziulek 07-07-2014 11:10 AM
Quote:
Originally Posted by metaschima (Post 5200026)
ncrypt was last updated in 2005. You may want to migrate to something else.

I can confirm that the ncrypt serpent implementation is broken. I suppose I could try to fix it, but it is better just to find another program.
Thank you very much!
I thought the system hardware is broken....

Well, the 32bit static works fine(if there is a need for that) - otherwise I will find an alternative...

Thanks again!

Mike

metaschima 07-07-2014 11:48 AM
I fixed it, but let me clean the code up a bit and I'll post the solution.

They used 'unsigned long' which is 4 bytes on 32-bit systems and 8-bytes on 64-bit systems. So, I removed all 'unsigned long' and replaced them with 'uint32_t' from the stdint.h standard library definition. This fixes the problem.

metaschima 07-07-2014 12:37 PM
1 Attachment(s)
Ok, I attached a working version of ncrypt. Change the ending to '.txz' and extract it. It should compile and work now.

I couldn't fix all the type conversion warnings, but they're not serious.

paziulek 07-08-2014 10:19 AM
Quote:
Originally Posted by metaschima (Post 5200069)
Ok, I attached a working version of ncrypt. Change the ending to '.txz' and extract it. It should compile and work now.

I couldn't fix all the type conversion warnings, but they're not serious.


Perfect! Thank you metaschima !

EDIT:

There is one problem with the modified code: it does not accept passwords imported from a file...

ncrypt: unable to find a password in file ./a


All times are GMT -5. The time now is 01:39 AM.