Re: Emptying the buffer
On 2/15/08, Joel Christner [EMAIL PROTECTED] wrote:
> Anyone have any ideas? Thanks

Does it still happen after you changed your code?

-jb
__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
Re: Emptying the buffer
Hi DS,

I corrected the strings issue (a mistake I shouldn't have missed, also thanks to Jimmy's earlier email). I've leveled it down to a simple, small piece of code that does nothing more than take data from stdin, encrypt it, display the ciphertext, decrypt it, display the cleartext.

Problem is that the cleartext continues to appear in subsequent runs (I'm doing this in a while(1) loop) - even though I'm doing an EVP_EncryptFinal and EVP_DecryptFinal as part of my methods for encryption and decryption.

Would you be willing to take a look at this code if I unicast it to you?

Thanks,
Joel

On Fri, Feb 15, 2008 at 11:14 AM, David Schwartz [EMAIL PROTECTED] wrote:
> Joel Christner wrote:
> > dataRead=recvfrom(connfd,readBuffer,sizeof(readBuffer),0,NULL,NULL);
> > for (i=0;i<strlen(readBuffer);i++) {
>
> Umm, you just stored the number of bytes read in 'dataRead'. Why are you passing 'readBuffer' to strlen? The 'readBuffer' contains the array of bytes read from the link, it is not a C-style string. Only a C-style string may be passed to 'strlen'.
>
> > readBufferClear=decrypt(context,readBuffer+i,1);
>
> You are passing characters one-at-a-time to your decryption function. Depending on exactly what this function does, this may indicate that you are not getting the security you expected.
>
> > if (readBufferClear!=0)
> >   strncat(readBufferFinal,readBufferClear,strlen(readBufferClear));
> > }
>
> Your 'decrypt' function takes as input a single character and returns a C-style string? Either your code is *truly* weird, or you have some basic misunderstandings about C-style strings.
>
> DS
RE: Emptying the buffer
Joel Christner wrote:
> dataRead=recvfrom(connfd,readBuffer,sizeof(readBuffer),0,NULL,NULL);
> for (i=0;i<strlen(readBuffer);i++) {

Umm, you just stored the number of bytes read in 'dataRead'. Why are you passing 'readBuffer' to strlen? The 'readBuffer' contains the array of bytes read from the link, it is not a C-style string. Only a C-style string may be passed to 'strlen'.

> readBufferClear=decrypt(context,readBuffer+i,1);

You are passing characters one-at-a-time to your decryption function. Depending on exactly what this function does, this may indicate that you are not getting the security you expected.

> if (readBufferClear!=0)
>   strncat(readBufferFinal,readBufferClear,strlen(readBufferClear));
> }

Your 'decrypt' function takes as input a single character and returns a C-style string? Either your code is *truly* weird, or you have some basic misunderstandings about C-style strings.

DS
Re: Emptying the buffer
Joel Christner wrote:
> Hello,
>
> I have a simple client-server program and am using blowfish. I'm using the EVP_* routines to initialize, encrypt, and decrypt. Variable-length data is taken in from the client through stdin and sent to the server socket after encryption.
>
> One question I have is how I clear what's already been decrypted on the server-side from the buffer. It appears that the data I've already read out of the buffer (post-decryption) is not being discarded, thus when data is received, it starts back at the beginning and I get the same data back.
>
> Any insight would be much appreciated!
>
> On my client side, my code is (simplified)
>
>   EVP_EncryptInit(context,EVP_bf_cbc(),key,iv);
>   while(1) {
>     fgets(buffer,sizeof(buffer),stdin);
>     padBuffer(buffer,paddedBuffer); /* my own routine just to pad to length that is a multiple of 8 bytes */
>     writeBuffer=encrypt(context,paddedBuffer,strlen(paddedBuffer),i);
>     writeData=sendto(connfd,writeBuffer,strlen(writeBuffer),0,(struct sockaddr *)serveraddress,sizeof(serveraddress));
>   }
>
> and on the server side, my code is (simplified):
>
>   EVP_DecryptInit(context,EVP_bf_cbc(),key,iv);
>   while(1) {
>     dataRead=recvfrom(connfd,readBuffer,sizeof(readBuffer),0,NULL,NULL);
>     for (i=0;i<strlen(readBuffer);i++) {
>       readBufferClear=decrypt(context,readBuffer+i,1);
>       if (readBufferClear!=0)
>         strncat(readBufferFinal,readBufferClear,strlen(readBufferClear));
>     }
>     unpadBuffer(readBufferFinal,readBufferPadded);
>     printf("cleartext=%s\n",readBufferPadded);
>   }

Major problem with your code - _do_not_ use strlen() or other string functions on binary data (encrypted buffers don't necessarily follow the C-string rule of null-termination and can have '\0' anywhere in between).

-jb
--
I used to think I was indecisive, but now I'm not so sure.
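Added example (not code from the thread or from OpenSSL): the replies' point that ciphertext must be handled by its received byte count rather than by strlen(), shown on constructed datagrams, together with an output buffer that is emptied before each datagram. The names struct bytebuf, toy_transform and handle_datagram and the sample bytes are assumptions made for this illustration; the XOR only stands in for the real decryption and is not a cipher.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Length-tracked buffer: the byte count is stored, never inferred by strlen(). */
struct bytebuf { unsigned char data[64]; size_t len; };

/* Hypothetical placeholder for the real decryption step; XOR is NOT a cipher. */
static unsigned char toy_transform(unsigned char c) { return (unsigned char)(c ^ 0x6c); }

/* Append n bytes; returns -1 instead of writing past the end. */
static int bytebuf_append(struct bytebuf *b, const unsigned char *src, size_t n) {
    if (n > sizeof b->data - b->len) return -1;
    memcpy(b->data + b->len, src, n);
    b->len += n;
    return 0;
}

/* Process one datagram of n bytes, where n is the value recvfrom() returned.
 * reset != 0 empties the output first; reset == 0 keeps appending to the
 * same buffer, as a loop with no visible reset would. */
static int handle_datagram(struct bytebuf *out, const unsigned char *in,
                           size_t n, int reset) {
    if (reset) { memset(out->data, 0, sizeof out->data); out->len = 0; }
    for (size_t i = 0; i < n; i++) {          /* bound is n, not strlen(in) */
        unsigned char c = toy_transform(in[i]);
        if (bytebuf_append(out, &c, 1) != 0) return -1;
    }
    return 0;
}

/* Constructed sample datagrams: "hello!!!" and "bye!" under the toy transform.
 * DGRAM1 has 0x00 at offsets 2 and 3, so strlen() stops after 2 of its 8 bytes. */
static const unsigned char DGRAM1[8] = {0x04,0x09,0x00,0x00,0x03,0x4d,0x4d,0x4d};
static const unsigned char DGRAM2[4] = {0x0e,0x15,0x09,0x4d};

/* What a strlen()-bounded loop would see for DGRAM1. */
static size_t strlen_view(void) { return strlen((const char *)DGRAM1); }

int main(void) {
    struct bytebuf out = {{0}, 0};
    handle_datagram(&out, DGRAM1, sizeof DGRAM1, 1);
    handle_datagram(&out, DGRAM2, sizeof DGRAM2, 1);
    printf("strlen sees %zu of 8 bytes; after 2nd datagram: %.*s\n",
           strlen_view(), (int)out.len, (const char *)out.data);
    return 0;
}
```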
Re: Emptying the buffer
Ok, I will change that. Can you provide any guidance on how to empty the buffer?

Thanks

On Thu, Feb 14, 2008 at 2:50 AM, jimmy bahuleyan [EMAIL PROTECTED] wrote:
> Joel Christner wrote:
> > Hello,
> >
> > I have a simple client-server program and am using blowfish. I'm using the EVP_* routines to initialize, encrypt, and decrypt. Variable-length data is taken in from the client through stdin and sent to the server socket after encryption.
> >
> > One question I have is how I clear what's already been decrypted on the server-side from the buffer. It appears that the data I've already read out of the buffer (post-decryption) is not being discarded, thus when data is received, it starts back at the beginning and I get the same data back.
> >
> > Any insight would be much appreciated!
> >
> > On my client side, my code is (simplified)
> >
> >   EVP_EncryptInit(context,EVP_bf_cbc(),key,iv);
> >   while(1) {
> >     fgets(buffer,sizeof(buffer),stdin);
> >     padBuffer(buffer,paddedBuffer); /* my own routine just to pad to length that is a multiple of 8 bytes */
> >     writeBuffer=encrypt(context,paddedBuffer,strlen(paddedBuffer),i);
> >     writeData=sendto(connfd,writeBuffer,strlen(writeBuffer),0,(struct sockaddr *)serveraddress,sizeof(serveraddress));
> >   }
> >
> > and on the server side, my code is (simplified):
> >
> >   EVP_DecryptInit(context,EVP_bf_cbc(),key,iv);
> >   while(1) {
> >     dataRead=recvfrom(connfd,readBuffer,sizeof(readBuffer),0,NULL,NULL);
> >     for (i=0;i<strlen(readBuffer);i++) {
> >       readBufferClear=decrypt(context,readBuffer+i,1);
> >       if (readBufferClear!=0)
> >         strncat(readBufferFinal,readBufferClear,strlen(readBufferClear));
> >     }
> >     unpadBuffer(readBufferFinal,readBufferPadded);
> >     printf("cleartext=%s\n",readBufferPadded);
> >   }
>
> Major problem with your code - _do_not_ use strlen() or other string functions on binary data (encrypted buffers don't necessarily follow the C-string rule of null-termination and can have '\0' anywhere in between).
>
> -jb
> --
> I used to think I was indecisive, but now I'm not so sure.
Re: Emptying the buffer
Anyone have any ideas?

Thanks

On Wed, Feb 13, 2008 at 6:44 PM, Joel Christner [EMAIL PROTECTED] wrote:
> Hello,
>
> I have a simple client-server program and am using blowfish. I'm using the EVP_* routines to initialize, encrypt, and decrypt. Variable-length data is taken in from the client through stdin and sent to the server socket after encryption.
>
> One question I have is how I clear what's already been decrypted on the server-side from the buffer. It appears that the data I've already read out of the buffer (post-decryption) is not being discarded, thus when data is received, it starts back at the beginning and I get the same data back.
>
> Any insight would be much appreciated!
>
> On my client side, my code is (simplified)
>
>   EVP_EncryptInit(context,EVP_bf_cbc(),key,iv);
>   while(1) {
>     fgets(buffer,sizeof(buffer),stdin);
>     padBuffer(buffer,paddedBuffer); /* my own routine just to pad to length that is a multiple of 8 bytes */
>     writeBuffer=encrypt(context,paddedBuffer,strlen(paddedBuffer),i);
>     writeData=sendto(connfd,writeBuffer,strlen(writeBuffer),0,(struct sockaddr *)serveraddress,sizeof(serveraddress));
>   }
>
> and on the server side, my code is (simplified):
>
>   EVP_DecryptInit(context,EVP_bf_cbc(),key,iv);
>   while(1) {
>     dataRead=recvfrom(connfd,readBuffer,sizeof(readBuffer),0,NULL,NULL);
>     for (i=0;i<strlen(readBuffer);i++) {
>       readBufferClear=decrypt(context,readBuffer+i,1);
>       if (readBufferClear!=0)
>         strncat(readBufferFinal,readBufferClear,strlen(readBufferClear));
>     }
>     unpadBuffer(readBufferFinal,readBufferPadded);
>     printf("cleartext=%s\n",readBufferPadded);
>   }
Emptying the buffer
Hello,

I have a simple client-server program and am using blowfish. I'm using the EVP_* routines to initialize, encrypt, and decrypt. Variable-length data is taken in from the client through stdin and sent to the server socket after encryption.

One question I have is how I clear what's already been decrypted on the server-side from the buffer. It appears that the data I've already read out of the buffer (post-decryption) is not being discarded, thus when data is received, it starts back at the beginning and I get the same data back.

Any insight would be much appreciated!

On my client side, my code is (simplified)

  EVP_EncryptInit(context,EVP_bf_cbc(),key,iv);
  while(1) {
    fgets(buffer,sizeof(buffer),stdin);
    padBuffer(buffer,paddedBuffer); /* my own routine just to pad to length that is a multiple of 8 bytes */
    writeBuffer=encrypt(context,paddedBuffer,strlen(paddedBuffer),i);
    writeData=sendto(connfd,writeBuffer,strlen(writeBuffer),0,(struct sockaddr *)serveraddress,sizeof(serveraddress));
  }

and on the server side, my code is (simplified):

  EVP_DecryptInit(context,EVP_bf_cbc(),key,iv);
  while(1) {
    dataRead=recvfrom(connfd,readBuffer,sizeof(readBuffer),0,NULL,NULL);
    for (i=0;i<strlen(readBuffer);i++) {
      readBufferClear=decrypt(context,readBuffer+i,1);
      if (readBufferClear!=0)
        strncat(readBufferFinal,readBufferClear,strlen(readBufferClear));
    }
    unpadBuffer(readBufferFinal,readBufferPadded);
    printf("cleartext=%s\n",readBufferPadded);
  }