Re: Padding Problem UPDATE (Still broken)

In article <r_adnYren7jDkWDfRVn-uw@xxxxxxxxxxx>, Hal Vaughan
<hal@xxxxxxxxxxxxxxxxxxxx> wrote:

> Hal Vaughan wrote:
>
>
[problem description snipped]

> I found the "padding" setting, and now use this to encrypt:
>
> $cipher = Crypt::CBC->new( { 'key' => $key, iv => $vector,
> prepend_iv => 0, 'cipher' => 'Blowfish', 'regenerate_key' => 0,
> padding => 'standard' });
> $data = $cipher->encrypt($rawdata);
>
> And now I get a different error on the Java end:
>
> javax.crypto.BadPaddingException: Given final block not properly padded
>
> So now it's padding properly (which is should have done anyway, since it is
> supposed to default to "standard") but the last block is not being padded
> properly. At first I thought I had to change and use the sequence of
> "start, crypt, finish" for encoding, but according to the docs, encrypt()
> does it all. So is there something I can do to make sure the last block is
> padded? Apparently Crypt::CBC isn't doing that.

Have you tried the other values of the padding setting ('space',
'onesandzeroes', 'null')?

Padding applies only to the last block. Block cipher algorithms like
Blowfish work on blocks of bits. Blowfish uses blocks of size 64 bits.
If the last block is short, padding is added to make it a full block.
The 'standard' padding method is to add 1 to 8 bytes, depending upon
the length of the original data, each byte containing the number of
bytes being added. That way the padding bytes may be unambiguously
removed from the decrypted message. Note that if your message is a
multiple of 64 bits, an extra block of '0808080808080808' will be
added. All of this is explained in the documentation for Crpyt::CBC and
in the references below.

You might try 'null' or 'spaces' on the Perl side and
'Blowfish/CBC/Nopadding' on the Java side. I have not used either
Crypt::CBC nor javax.crypto, so can't give much additional help.

References:

<http://www.faqs.org/rfcs/rfc1423.html>
<http://java.sun.com/j2se/1.4.2/docs/guide/security/jce/JCERefGuide.html
#AppA>


----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= East/West-Coast Server Farms - Total Privacy via Encryption =---
.

Relevant Pages

  • Re: [2.6.0-test1-mm1] TCP connections over ipsec hang after a few seconds
    ... # "padding" defines some parameter of padding. ... # Specification of default various timer. ... # These value can be changed per remote node. ... encryption_algorithm blowfish 448; ...
    (Linux-Kernel)
  • Re: Java: Cramer-Shoup 98 Crypto System
    ... I have not been following the discussion on good padding in this group. ... The crypto part does not know about what the bits mean, ... block padding is shorter than your TERMINATOR string. ... that earlier Java dialects on Unix/Linux just treat this bit as part ...
    (sci.crypt)
  • Re: Padding Problem UPDATE (Still broken)
    ... > problem on the Perl end, and any encrypted e-mail I create I can retrieve ... > The problem comes when my Java program tries to decrypt the file created ... but I'm assuming Padding is just the padding of data on the end. ... and now use this to encrypt: ...
    (comp.lang.perl.misc)
  • Padding Problem with Blowfish and Crypt::CBC and Java Cipher
    ... Then I have a Java program that ... problem on the Perl end, and any encrypted e-mail I create I can retrieve ... but I'm assuming Padding is just the padding of data on the end. ... and I don't see a way to specify the padding in CBC. ...
    (comp.lang.perl.misc)
  • Re: padding scheme
    ... > Schnier's original Blowfish paper does not specify how the K-Array is ... > K-Array in conjunction with the P-Array. ... There is no such padding in Blowfish. ...
    (sci.crypt)