search

binref / refinery

High Octane Triage Analysis
Other
635 stars 63 forks source link

rc5 and rc6: Add --segment-size option for CFB mode #25

Closed nmantani closed 1 year ago

nmantani commented 1 year ago

rc5 and rc6 commands fail to decrypt ciphertext encrypted by other cryptographic tools such as OpenSSL with CFB mode and vice versa because the commands does not have --segment-size (-S) option to set segment size and the default segment size value 0 (it is set in refinery/units/crypto/cipher/init.py) is incompatible with other cryptograpic tools.

The following examples are executed with Binary Refinery 0.5.9 and OpenSSL 1.1.1t on FreeBSD 13.2-stable (I used FreeBSD this time because OpenSSL 1.1.1f on Ubuntu 20.04.6 LTS does not support RC5).

Decryption with OFB mode (success):

$ echo "This is a secret message." | openssl enc -e -rc5-ofb -K 30313233343536373839616263646566 -iv 3031323334353637 | rc5 -m ofb -i 01234567 0123456789abcdef | xxd
00000000: 5468 6973 2069 7320 6120 7365 6372 6574  This is a secret
00000010: 206d 6573 7361 6765 2e0a                  message..
$

Decryption with CFB mode without --segment-size option (failure):

$ echo "This is a secret message." | openssl enc -e -rc5-cfb -K 30313233343536373839616263646566 -iv 3031323334353637 | rc5 -m cfb -i 01234567 0123456789abcdef | xxd
00000000: 540b 5e94 cdd1 316a 61ec 2cc9 a875 9355  T.^...1ja.,..u.U
00000010: 2017 ebfc 5893 3970 2edf                  ...X.9p..
$

Decryption with CFB mode and proper segment size value setting (success):

$ echo "This is a secret message." | openssl enc -e -rc5-cfb -K 30313233343536373839616263646566 -iv 3031323334353637 | rc5 -m cfb -i 01234567 --segment-size 64 0123456789abcdef | xxd
00000000: 5468 6973 2069 7320 6120 7365 6372 6574  This is a secret
00000010: 206d 6573 7361 6765 2e0a                  message..
$

The following examples are executed on the same environment above with the ciphertext encrypted with RC6 Encryption and Decryption Online with the following setting (I used the online tool because OpenSSL 1.1.1t on FreeBSD 13.2-stable does not support RC6): Input Content: This is a secret message. Mode: OFB or CFB Padding: nopadding Password: 0123456789abcdef IV: 0123456789abcdef In-Format: string Out-Format: hex Charset: UTF-8

Output Result with OFB mode: bf96632c806f49a72e8d1ebed739768934d5b62a1d9c33b310 Output Result with CFB mode: bf96632c806f49a72e8d1ebed7397689034b05da2be0b3f0a7

Decryption with OFB mode (success):

$ echo bf96632c806f49a72e8d1ebed739768934d5b62a1d9c33b310 | hex | rc6 -m ofb -i 0123456789abcdef 0123456789abcdef | xxd
00000000: 5468 6973 2069 7320 6120 7365 6372 6574  This is a secret
00000010: 206d 6573 7361 6765 2e                    message.
$

Decryption with CFB mode without --segment-size option (failure):

$ echo bf96632c806f49a72e8d1ebed7397689034b05da2be0b3f0a7 | hex | rc6 -m cfb -i 0123456789abcdef 0123456789abcdef | xxd
00000000: 5435 e7fb c7cc 53c8 9fdb 33ff 7c97 3169  T5....S...3.|.1i
00000010: 2032 e504 d53d 5521 f4                    2...=U!.
$

Decryption with CFB mode and proper segment size value setting (success):

$ echo bf96632c806f49a72e8d1ebed7397689034b05da2be0b3f0a7 | hex | rc6 -m cfb -i 0123456789abcdef --segment-size 128 0123456789abcdef | xxd
00000000: 5468 6973 2069 7320 6120 7365 6372 6574  This is a secret
00000010: 206d 6573 7361 6765 2e                    message.
$
codecov-commenter commented 1 year ago

Codecov Report

Merging #25 (a83831c) into master (6e8f408) will not change coverage. The diff coverage is 100.00%.

:mega: This organization is not using Codecov’s GitHub App Integration. We recommend you install it so Codecov can continue to function properly for your repositories. Learn more

@@           Coverage Diff           @@
##           master      #25   +/-   ##
=======================================
  Coverage   82.50%   82.50%           
=======================================
  Files         320      320           
  Lines       23570    23570           
=======================================
  Hits        19446    19446           
  Misses       4124     4124
Impacted Files Coverage Δ
refinery/units/crypto/cipher/rc5.py 96.84% <100.00%> (ø)
refinery/units/crypto/cipher/rc6.py 96.93% <100.00%> (ø)

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

huettenhain commented 1 year ago

I added tests in cf66f722b9872b9883bd71b4354b20f5c700b895 and will now merge this, thank you for the contribution!

huettenhain commented 1 year ago

Let me know if you need a new version pushed to PyPi for this.

nmantani commented 1 year ago

It is not necessary to release a new version this time. Thank you so much for the quick merge!