Giters

reidmorrison / symmetric-encryption

Symmetric Encryption for Ruby Projects using OpenSSL

Home Page:https://logger.rocketjob.github.io/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Using a key version of 5 or higher in conjunction with a random IV is corrupting the header

reidmorrison opened this issue · comments

commented

The decrypt fails because the header contains the wrong version number.

e = SymmetricEncryption.cipher(5).encrypt("hello world", true)
SymmetricEncryption.decrypt(e)

Results in

OpenSSL::Cipher::CipherError: bad decrypt
	from /Users/rmorrison/.rvm/gems/ruby-2.3.4/gems/symmetric-encryption-3.9.0/lib/symmetric_encryption/cipher.rb:576:in `final'
	from /Users/rmorrison/.rvm/gems/ruby-2.3.4/gems/symmetric-encryption-3.9.0/lib/symmetric_encryption/cipher.rb:576:in `binary_decrypt'
	from /Users/rmorrison/.rvm/gems/ruby-2.3.4/gems/symmetric-encryption-3.9.0/lib/symmetric_encryption/symmetric_encryption.rb:121:in `decrypt'

Extracting the header:

e = SymmetricEncryption.cipher(5).encrypt("hello world", true)
encoder = SymmetricEncryption.cipher(5).encoder
SymmetricEncryption::Cipher.parse_header!(encoder.decode(e))

Returns the following header which has the wrong version number:

#<SymmetricEncryption::Cipher::HeaderStruct:0x7ff7dc861f60
    cipher_name = nil,
    compressed = false,
    decryption_cipher = #<SymmetricEncryption::Cipher:0x3ffbeb3413a0 @key="[FILTERED]" @iv="ABCDEF1234567890" @cipher_name="aes-256-cbc", @version=2, @encoding=:base64strict, @always_add_header=true,
    iv = "}\xA9k\xB2i\x91pJ\xE9\xAA\x99@\x9F\x84x\x8D",
    key = nil,
    version = 2
>