blowfish crypto++ / cryptopp compatibility #191
Comments
|
The blowfish cipher itself hasn't been implemented in forge yet, so there's considerable work to be done there. Details on how to implement it can be found here: https://www.schneier.com/paper-blowfish-fse.html Blowfish works in a similar way to the other ciphers that are already implemented in forge. So in order to get it working, most of the work is in implementing the algorithm itself. Then it can be integrated into forge's common cipher API. The other details (dealing with salts/hashes/password-derived keys, etc) can likely be solved fairly easily. You won't be able to get to those issues and test what's going on though -- until the cipher is implemented. |
|
Hey, no changes since 2014? |
|
Hi, I'm using https://github.com/wouldgo/twofish for my solution to work with the cryptopp C++ lib. This shows how I use the twofish.js lib (I'm using const cbcCryptData = ba2str(
new Uint8Array(
twofish(
str2ba(iv)
).encryptCBC(
str2ba(key), str2ba(paddedData)
)
)
);This function is used to convert a export function str2ba(str) {
const buf = new ArrayBuffer(str.length); // 2 bytes for each char
let bufView = new Uint8Array(buf);
for (let i = 0, strLen = str.length; i < strLen; i++) {
bufView[i] = str.charCodeAt(i);
}
return bufView;
}This function is used to convert a export function ba2str(u8a) {
const CHUNK_SZ = 0x8000;
let c = [];
for (let i = 0; i < u8a.length; i += CHUNK_SZ) {
c.push(String.fromCharCode.apply(null, u8a.subarray(i, i + CHUNK_SZ)));
}
return c.join('');
}My C++ application expects padded data with PKCS7 padding, which I create this way: const data = 'your data as a string';
let paddingLength = 16 - data.length % 16;
if (paddingLength === 0) paddingLength = 16;
let padding = '';
for (let i = 0; i < paddingLength; i++) {
padding += forge.util.hexToBytes(paddingLength.toString(16));
}
const paddedData = data + padding; |
|
@TimKraemer thanks, but I need blowfish cbc decryption in js, not twofish. |
Hi,
I want to decrypt a blowfish encrypted file created by the cryptopp C++ lib in JS. Do you got some experiences with that?
My analysis so far: the resulting files of cryptopp are 16byte + data, padded to 8byte - so 1 byte of data will return 16+8 = 24bytes.
I'm not a C++ guy, but as far as I understand the cryptopp lib, it's taking the key for blowfish encryption, but salts it before it encrypts the data.
To decrypt, it saves the salt into the first 8 bytes of the resulting file. Furthermore it has a kind of build-in key-validator (probably a hash of salt+key) which is probably saved to the other 8 bytes. After that the blowfish encrypted (with the new salted key), padded data is appended.
First of all, I'm interested if somebody already did this and is kind enough to provide her solution?
But in case I have to reproduce the behavior by myself, I'm thankful for any hints how to create the right key with salt + passphrase (which operation is used).
Thanks,
Tim
The text was updated successfully, but these errors were encountered: