Mirrors/CyberChef
2
0
Fork 0
mirror of https://github.com/gchq/CyberChef synced 2025-01-12 04:28:53 +00:00
Code Issues Projects Releases Packages Wiki Activity

fix: Blowfish - ignore IV length in ECB mode

Browse source 
Fixes https://github.com/gchq/CyberChef/issues/1895.
This commit is contained in:
Francisco Pombal 2024-09-15 22:18:49 +01:00
parent d635cca210
commit 1fce8e5112
3 changed files with 21 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/core/operations/BlowfishDecrypt.mjs
View file

@ -76,8 +76,8 @@ class BlowfishDecrypt extends Operation {
Blowfish's key length needs to be between 4 and 56 bytes (32-448 bits).`); Blowfish's key length needs to be between 4 and 56 bytes (32-448 bits).`);
} }
if (iv.length !== 8) { if (mode !== "ECB" && iv.length !== 8) {
throw new OperationError(`Invalid IV length: ${iv.length} bytes. Expected 8 bytes`); throw new OperationError(`Invalid IV length: ${iv.length} bytes. Expected 8 bytes.`);
} }
input = Utils.convertToByteString(input, inputType); input = Utils.convertToByteString(input, inputType);

4
src/core/operations/BlowfishEncrypt.mjs
View file

@ -76,8 +76,8 @@ class BlowfishEncrypt extends Operation {
Blowfish's key length needs to be between 4 and 56 bytes (32-448 bits).`); Blowfish's key length needs to be between 4 and 56 bytes (32-448 bits).`);
} }
if (iv.length !== 8) { if (mode !== "ECB" && iv.length !== 8) {
throw new OperationError(`Invalid IV length: ${iv.length} bytes. Expected 8 bytes`); throw new OperationError(`Invalid IV length: ${iv.length} bytes. Expected 8 bytes.`);
} }
input = Utils.convertToByteString(input, inputType); input = Utils.convertToByteString(input, inputType);

20
tests/operations/tests/Crypt.mjs
View file

@ -1579,19 +1579,31 @@ DES uses a key length of 8 bytes (64 bits).`,
from Crypto.Cipher import Blowfish from Crypto.Cipher import Blowfish
import binascii import binascii
input_data = b"The quick brown fox jumps over the lazy dog." # Blowfish cipher parameters - key, mode, iv, segment_size, nonce
key = binascii.unhexlify("0011223344556677") key = binascii.unhexlify("0011223344556677")
iv = binascii.unhexlify("0000000000000000")
mode = Blowfish.MODE_CBC mode = Blowfish.MODE_CBC
kwargs = {}
iv = binascii.unhexlify("ffeeddccbbaa9988")
if mode in [Blowfish.MODE_CBC, Blowfish.MODE_CFB, Blowfish.MODE_OFB]:
kwargs = {"iv": iv}
if mode == Blowfish.MODE_CFB:
kwargs["segment_size"] = 64
if mode == Blowfish.MODE_CTR:
nonce = binascii.unhexlify("0000000000000000")
nonce = nonce[:7]
kwargs["nonce"] = nonce
cipher = Blowfish.new(key, mode, **kwargs)
# Input data and padding
input_data = b"The quick brown fox jumps over the lazy dog."
if mode == Blowfish.MODE_ECB or mode == Blowfish.MODE_CBC: if mode == Blowfish.MODE_ECB or mode == Blowfish.MODE_CBC:
padding_len = 8-(len(input_data) & 7) padding_len = 8-(len(input_data) & 7)
for i in range(padding_len): for i in range(padding_len):
input_data += bytes([padding_len]) input_data += bytes([padding_len])
cipher = Blowfish.new(key, mode) # set iv, nonce, segment_size etc. here # Encrypted text
cipher_text = cipher.encrypt(input_data) cipher_text = cipher.encrypt(input_data)
cipher_text = binascii.hexlify(cipher_text).decode("UTF-8") cipher_text = binascii.hexlify(cipher_text).decode("UTF-8")
print("Encrypted: {}".format(cipher_text)) print("Encrypted: {}".format(cipher_text))