Bug #60705 [Com]: rijndael iv problem

2012-10-02 Thread miha dot vrhovnik at domenca dot com 
Edit report at https://bugs.php.net/bug.php?id=60705&edit=1

 ID: 60705
 Comment by: miha dot vrhovnik at domenca dot com
 Reported by:erno dot kovacs at freemail dot hu
 Summary:rijndael iv problem
 Status: Open
 Type:   Bug
 Package:mcrypt related
 Operating System:   linux/windows
 PHP Version:5.3.8
 Block user comment: N
 Private report: N

 New Comment:

Or maybe just the docs are foobar.
http://www.chilkatsoft.com/p/php_aes.txt


Previous Comments:

[2012-10-02 10:01:56] miha dot vrhovnik at domenca dot com

I have the same problem as the reporter of this bug.
However the library used to decode the data is openssl 1.0.1c and I'd really 
doubt that they messed this up.


[2012-02-26 21:30:37] erno dot kovacs at freemail dot hu

AES blocksize is constant 16 bytes, so is the IV.


[2012-02-26 21:27:16] erno dot kovacs at freemail dot hu

it seems you dont recognize the difference between the cipher block size and 
the input plaintext data...


[2012-02-26 21:25:24] erno dot kovacs at freemail dot hu

you are absolutly wrong. the iv must have the same size as the ciphers block 
size.

http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation


[2012-02-26 20:11:02] a...@php.net

After looking at the mcrypt implementation it turns out, that the way you're 
doing 
that in perl is non standard. The init vector SHOULD have the same size the 
block 
does. In your case 32 bytes. Looking at some other libs, for instance 
http://msdn.microsoft.com/en-
us/library/system.security.cryptography.symmetricalgorithm.iv.aspx
the stuff is handled the same way - vi size = block size.




The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at

https://bugs.php.net/bug.php?id=60705


-- 
Edit this bug report at https://bugs.php.net/bug.php?id=60705&edit=1

Bug #60705 [Com]: rijndael iv problem

2012-10-02 Thread miha dot vrhovnik at domenca dot com 
Edit report at https://bugs.php.net/bug.php?id=60705&edit=1

 ID: 60705
 Comment by: miha dot vrhovnik at domenca dot com
 Reported by:erno dot kovacs at freemail dot hu
 Summary:rijndael iv problem
 Status: Open
 Type:   Bug
 Package:mcrypt related
 Operating System:   linux/windows
 PHP Version:5.3.8
 Block user comment: N
 Private report: N

 New Comment:

I have the same problem as the reporter of this bug.
However the library used to decode the data is openssl 1.0.1c and I'd really 
doubt that they messed this up.


Previous Comments:

[2012-02-26 21:30:37] erno dot kovacs at freemail dot hu

AES blocksize is constant 16 bytes, so is the IV.


[2012-02-26 21:27:16] erno dot kovacs at freemail dot hu

it seems you dont recognize the difference between the cipher block size and 
the input plaintext data...


[2012-02-26 21:25:24] erno dot kovacs at freemail dot hu

you are absolutly wrong. the iv must have the same size as the ciphers block 
size.

http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation


[2012-02-26 20:11:02] a...@php.net

After looking at the mcrypt implementation it turns out, that the way you're 
doing 
that in perl is non standard. The init vector SHOULD have the same size the 
block 
does. In your case 32 bytes. Looking at some other libs, for instance 
http://msdn.microsoft.com/en-
us/library/system.security.cryptography.symmetricalgorithm.iv.aspx
the stuff is handled the same way - vi size = block size.


[2012-01-10 23:08:05] erno dot kovacs at freemail dot hu

Description:

Cryptography basics: IV is always the same as the block size, which is 16 bytes 
(128 bits) in case of AES(Rijndael). However, when you use RIJNDAEL_192 or 
RIJNDAEL_256 with an IV of 16 bytes in CBC mode, you got a warning 
"mcrypt_generic_init() [function.mcrypt-generic-init]: Iv size incorrect; 
supplied length: 16, needed: 32". This is bullshit.

This way if you try to decrypt data encrypted by a 32 byte (256 bit) key with 
16 byte (128 bit) IV with RIJNDAEL_256 in CBC mode, the decrypted data is 
WRONG. Even worse, if you modify the constant to RIJNDAEL_128, it decrypts the 
ciphertext correctly. This is a major failure.

Tested with PHP 5.3.4 Win32 and 5.3.8 Linux.


Test script:
---
http://pastebin.com/X1S7bUXV

Expected result:

decrypted : hello world

decrypted : *garbage*



Actual result:
--
Warning: mcrypt_generic_init() [function.mcrypt-generic-init]: Iv size 
incorrect; supplied length: 16, needed: 32 in ...
decrypted : ц2‘в АЭ/(ѕвy7YЃƒ0z=/оч|µ8„0Г£

decrypted : hello world






-- 
Edit this bug report at https://bugs.php.net/bug.php?id=60705&edit=1

Bug #60705 [Com]: rijndael iv problem

2012-02-26 Thread erno dot kovacs at freemail dot hu 
Edit report at https://bugs.php.net/bug.php?id=60705&edit=1

 ID: 60705
 Comment by: erno dot kovacs at freemail dot hu
 Reported by:erno dot kovacs at freemail dot hu
 Summary:rijndael iv problem
 Status: Open
 Type:   Bug
 Package:mcrypt related
 Operating System:   linux/windows
 PHP Version:5.3.8
 Block user comment: N
 Private report: N

 New Comment:

AES blocksize is constant 16 bytes, so is the IV.


Previous Comments:

[2012-02-26 21:27:16] erno dot kovacs at freemail dot hu

it seems you dont recognize the difference between the cipher block size and 
the input plaintext data...


[2012-02-26 21:25:24] erno dot kovacs at freemail dot hu

you are absolutly wrong. the iv must have the same size as the ciphers block 
size.

http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation


[2012-02-26 20:11:02] a...@php.net

After looking at the mcrypt implementation it turns out, that the way you're 
doing 
that in perl is non standard. The init vector SHOULD have the same size the 
block 
does. In your case 32 bytes. Looking at some other libs, for instance 
http://msdn.microsoft.com/en-
us/library/system.security.cryptography.symmetricalgorithm.iv.aspx
the stuff is handled the same way - vi size = block size.


[2012-01-10 23:08:05] erno dot kovacs at freemail dot hu

Description:

Cryptography basics: IV is always the same as the block size, which is 16 bytes 
(128 bits) in case of AES(Rijndael). However, when you use RIJNDAEL_192 or 
RIJNDAEL_256 with an IV of 16 bytes in CBC mode, you got a warning 
"mcrypt_generic_init() [function.mcrypt-generic-init]: Iv size incorrect; 
supplied length: 16, needed: 32". This is bullshit.

This way if you try to decrypt data encrypted by a 32 byte (256 bit) key with 
16 byte (128 bit) IV with RIJNDAEL_256 in CBC mode, the decrypted data is 
WRONG. Even worse, if you modify the constant to RIJNDAEL_128, it decrypts the 
ciphertext correctly. This is a major failure.

Tested with PHP 5.3.4 Win32 and 5.3.8 Linux.


Test script:
---
http://pastebin.com/X1S7bUXV

Expected result:

decrypted : hello world

decrypted : *garbage*



Actual result:
--
Warning: mcrypt_generic_init() [function.mcrypt-generic-init]: Iv size 
incorrect; supplied length: 16, needed: 32 in ...
decrypted : ц2‘в АЭ/(ѕвy7YЃƒ0z=/оч|µ8„0Г£

decrypted : hello world






-- 
Edit this bug report at https://bugs.php.net/bug.php?id=60705&edit=1

Bug #60705 [Com]: rijndael iv problem

2012-02-26 Thread erno dot kovacs at freemail dot hu 
Edit report at https://bugs.php.net/bug.php?id=60705&edit=1

 ID: 60705
 Comment by: erno dot kovacs at freemail dot hu
 Reported by:erno dot kovacs at freemail dot hu
 Summary:rijndael iv problem
 Status: Open
 Type:   Bug
 Package:mcrypt related
 Operating System:   linux/windows
 PHP Version:5.3.8
 Block user comment: N
 Private report: N

 New Comment:

it seems you dont recognize the difference between the cipher block size and 
the input plaintext data...


Previous Comments:

[2012-02-26 21:25:24] erno dot kovacs at freemail dot hu

you are absolutly wrong. the iv must have the same size as the ciphers block 
size.

http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation


[2012-02-26 20:11:02] a...@php.net

After looking at the mcrypt implementation it turns out, that the way you're 
doing 
that in perl is non standard. The init vector SHOULD have the same size the 
block 
does. In your case 32 bytes. Looking at some other libs, for instance 
http://msdn.microsoft.com/en-
us/library/system.security.cryptography.symmetricalgorithm.iv.aspx
the stuff is handled the same way - vi size = block size.


[2012-01-10 23:08:05] erno dot kovacs at freemail dot hu

Description:

Cryptography basics: IV is always the same as the block size, which is 16 bytes 
(128 bits) in case of AES(Rijndael). However, when you use RIJNDAEL_192 or 
RIJNDAEL_256 with an IV of 16 bytes in CBC mode, you got a warning 
"mcrypt_generic_init() [function.mcrypt-generic-init]: Iv size incorrect; 
supplied length: 16, needed: 32". This is bullshit.

This way if you try to decrypt data encrypted by a 32 byte (256 bit) key with 
16 byte (128 bit) IV with RIJNDAEL_256 in CBC mode, the decrypted data is 
WRONG. Even worse, if you modify the constant to RIJNDAEL_128, it decrypts the 
ciphertext correctly. This is a major failure.

Tested with PHP 5.3.4 Win32 and 5.3.8 Linux.


Test script:
---
http://pastebin.com/X1S7bUXV

Expected result:

decrypted : hello world

decrypted : *garbage*



Actual result:
--
Warning: mcrypt_generic_init() [function.mcrypt-generic-init]: Iv size 
incorrect; supplied length: 16, needed: 32 in ...
decrypted : ц2‘в АЭ/(ѕвy7YЃƒ0z=/оч|µ8„0Г£

decrypted : hello world






-- 
Edit this bug report at https://bugs.php.net/bug.php?id=60705&edit=1

Bug #60705 [Com]: rijndael iv problem

2012-02-26 Thread erno dot kovacs at freemail dot hu 
Edit report at https://bugs.php.net/bug.php?id=60705&edit=1

 ID: 60705
 Comment by: erno dot kovacs at freemail dot hu
 Reported by:erno dot kovacs at freemail dot hu
 Summary:rijndael iv problem
 Status: Open
 Type:   Bug
 Package:mcrypt related
 Operating System:   linux/windows
 PHP Version:5.3.8
 Block user comment: N
 Private report: N

 New Comment:

you are absolutly wrong. the iv must have the same size as the ciphers block 
size.

http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation


Previous Comments:

[2012-02-26 20:11:02] a...@php.net

After looking at the mcrypt implementation it turns out, that the way you're 
doing 
that in perl is non standard. The init vector SHOULD have the same size the 
block 
does. In your case 32 bytes. Looking at some other libs, for instance 
http://msdn.microsoft.com/en-
us/library/system.security.cryptography.symmetricalgorithm.iv.aspx
the stuff is handled the same way - vi size = block size.


[2012-01-10 23:08:05] erno dot kovacs at freemail dot hu

Description:

Cryptography basics: IV is always the same as the block size, which is 16 bytes 
(128 bits) in case of AES(Rijndael). However, when you use RIJNDAEL_192 or 
RIJNDAEL_256 with an IV of 16 bytes in CBC mode, you got a warning 
"mcrypt_generic_init() [function.mcrypt-generic-init]: Iv size incorrect; 
supplied length: 16, needed: 32". This is bullshit.

This way if you try to decrypt data encrypted by a 32 byte (256 bit) key with 
16 byte (128 bit) IV with RIJNDAEL_256 in CBC mode, the decrypted data is 
WRONG. Even worse, if you modify the constant to RIJNDAEL_128, it decrypts the 
ciphertext correctly. This is a major failure.

Tested with PHP 5.3.4 Win32 and 5.3.8 Linux.


Test script:
---
http://pastebin.com/X1S7bUXV

Expected result:

decrypted : hello world

decrypted : *garbage*



Actual result:
--
Warning: mcrypt_generic_init() [function.mcrypt-generic-init]: Iv size 
incorrect; supplied length: 16, needed: 32 in ...
decrypted : ц2‘в АЭ/(ѕвy7YЃƒ0z=/оч|µ8„0Г£

decrypted : hello world






-- 
Edit this bug report at https://bugs.php.net/bug.php?id=60705&edit=1

Bug #60705 [Com]: rijndael iv problem

2012-02-26 Thread a...@php.net 
Edit report at https://bugs.php.net/bug.php?id=60705&edit=1

 ID: 60705
 Comment by: a...@php.net
 Reported by:erno dot kovacs at freemail dot hu
 Summary:rijndael iv problem
 Status: Open
 Type:   Bug
 Package:mcrypt related
 Operating System:   linux/windows
 PHP Version:5.3.8
 Block user comment: N
 Private report: N

 New Comment:

After looking at the mcrypt implementation it turns out, that the way you're 
doing 
that in perl is non standard. The init vector SHOULD have the same size the 
block 
does. In your case 32 bytes. Looking at some other libs, for instance 
http://msdn.microsoft.com/en-
us/library/system.security.cryptography.symmetricalgorithm.iv.aspx
the stuff is handled the same way - vi size = block size.


Previous Comments:

[2012-01-10 23:08:05] erno dot kovacs at freemail dot hu

Description:

Cryptography basics: IV is always the same as the block size, which is 16 bytes 
(128 bits) in case of AES(Rijndael). However, when you use RIJNDAEL_192 or 
RIJNDAEL_256 with an IV of 16 bytes in CBC mode, you got a warning 
"mcrypt_generic_init() [function.mcrypt-generic-init]: Iv size incorrect; 
supplied length: 16, needed: 32". This is bullshit.

This way if you try to decrypt data encrypted by a 32 byte (256 bit) key with 
16 byte (128 bit) IV with RIJNDAEL_256 in CBC mode, the decrypted data is 
WRONG. Even worse, if you modify the constant to RIJNDAEL_128, it decrypts the 
ciphertext correctly. This is a major failure.

Tested with PHP 5.3.4 Win32 and 5.3.8 Linux.


Test script:
---
http://pastebin.com/X1S7bUXV

Expected result:

decrypted : hello world

decrypted : *garbage*



Actual result:
--
Warning: mcrypt_generic_init() [function.mcrypt-generic-init]: Iv size 
incorrect; supplied length: 16, needed: 32 in ...
decrypted : ц2‘в АЭ/(ѕвy7YЃƒ0z=/оч|µ8„0Г£

decrypted : hello world






-- 
Edit this bug report at https://bugs.php.net/bug.php?id=60705&edit=1