0

I have difficulties decrypting a blowfish encrypted string in a .net environment, that was encrypted by the mcrypt php library.

Here is the script I use to encrypt some data

<?php

function encrypt_blowfish($data, $key) {
    $iv_size = mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_CBC);
    $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
    $crypttext = mcrypt_encrypt(MCRYPT_BLOWFISH, $key, $data, MCRYPT_MODE_CBC,    $iv);
    echo 'IV:   ' . bin2hex($iv) . "\n";
    echo 'DATA: ' . bin2hex($crypttext) ."\n" ;
}

$secretKey = 'somekey'; 
$data = 'Hello World this is an encryptiontest!';

encrypt_blowfish($data, $secretKey);

I decided to use the bouncingcastle library since it seemed to be the default choice for encryption and they had a PCL version (which I need). For testing purpose I just copy/pasted the echo'd values into my C# code.

var ivString = "34c33fed0386dda1";
var iv = Hex.Decode (ivString);

var dataString = "ced4ed218d7a1fd228f8c43ca6b83f097648811661d5510678a26953729ceccdf6d78a7695cbfe43";
var data = Hex.Decode (dataString);

var keyString = "somekey";
var key = System.Text.Encoding.UTF8.GetBytes (keyString);

var engine = new BlowfishEngine();
var cipher =new PaddedBufferedBlockCipher(new CbcBlockCipher(engine));

var keyParam = new KeyParameter(key);
cipher.Init (false, keyParam);

var outBytes = new byte[data.Length];
var len = cipher.ProcessBytes (data, 0, data.Length, outBytes, 0);

cipher.DoFinal(outBytes, len);

Console.WriteLine(System.Text.Encoding.UTF8.GetString(outBytes));

When I run this code DoFinal explodes with a "Corrupt padding block" exception. So I read about pcks7 padding which essentially fills the bytes of the original string. I calculated that for my input string and the blowfish cbc algorithm block size of 8, I would need two bytes of padding so I added "22" at the end of the string. This however yielded the same result.

Also, I don't see any point where I can insert the IV into the blowfish decryption. It feels like I am completely lacking/not understanding a vital point here. Any1 any ideas on what goes wrong here? Also if possible I would like to skip on the padding part in my php and simply decrypt with iv/passphrase in c#, is that even possible?

Cheers and thanks

Tom

Tom
  • 3,807
  • 4
  • 33
  • 58

2 Answers2

0

I ended up using a simpler library which supperts cbc mode in a very simple fashion.

http://jaryl-lan.blogspot.de/2014/07/openfire-blowfish-encryptiondecryption.html

Tom
  • 3,807
  • 4
  • 33
  • 58
0

@Tom, your decryption problem was probably due to the '\0' padding that the PHP mcrypt library uses when it needs to make a block of text congruent to its fixed block length (64 bits, or 8 bytes). I hear .Net uses something different? Moreover, does mcrypt_create_iv() produce a binary data? Out of curisoity, why would you use bin2hex() on the IV.

The way to send the IV with with the cipher text is simply $cipherText = $iv . $cipherText. Then, they say, you can use substr() (possibly, mb_substr()) to recover the IV and the true cipher text from the composite. Use the recovered IV and your key to decrypt the cipher text.

The last step is to remove any padding that may have been added to the plain text by mcrypt.

I created a Blowfish diagnostic page here. I am on PHP 5.6.20, and I cannot get mcrypt to decrypt my data because I have a strange IV problem. The same technique I described to you does not seem to work. I posted the text of the diagnostic script on this question:

Blowfish IV Recovery Problem

Here is a working on-line version on my domain:

Blowfish Diganositc Webpage

I guess it is a good thing you tried something else. Ecryption with Blowfish seems to work fine, but even when using native PHP, there appears to be an issue with the decryption process. But, it could just be me! ;-)

Community
  • 1
  • 1
Anthony Rutledge
  • 6,980
  • 2
  • 39
  • 44