<div class="gmail_quote">Hi ownClouders,<div><br></div><div>I'm not an encryption guru but I went further.</div><div>Blowfish<b> encrypt </b>method pads the input data with <b>0x00</b> in order to make their length multiple of 8.</div>
<div>Then it packs them into unsigned long:</div>
<div> pack("N2", $Xl, $Xr);</div><div><br></div><div> *.exe files are already aligned that's why removing rtrim has no effect on their decryption. </div><div>From the other hand, trimming is required for any text file or string as it is padded with 0x00 and corrupted if it's length is not multiple of 8.</div>
<div><br></div><div>I'm not sure how to solve this puzzle right now.</div><div>Is it worth to store the original file size before encryption and trim the excessive bytes for the decrypted file to match this size?</div>
<div class="HOEnZb"><div class="h5">
<div><br></div><div>---</div><div>Victor Dubiniuk</div><div><br><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><br><div class="gmail_quote">
<div>On Wed, Jun 13, 2012 at 7:05 PM, Frank Karlitschek <span dir="ltr"><<a href="mailto:frank@owncloud.org" target="_blank">frank@owncloud.org</a>></span> wrote:<br>
</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>Wow.<br>
Very good catch.<br>
<br>
Now the question is why was the rtrim here in the first place. I canīt remember if this is my code from last summer ob from someone else :-)<br>
<span><font color="#888888"><br>
<br>
Frank<br>
</font></span></div><div><div><div><br>
<br>
On 13.06.2012, at 17:18, Victor Dubiniuk <<a href="mailto:victor.dubiniuk@gmail.com" target="_blank">victor.dubiniuk@gmail.com</a>> wrote:<br>
<br>
> My apologies for sending the incomplete message.<br>
><br>
> I used 4.0.2 to debug the encryption and found that the problem is in the OC_Crypt::decrypt - it strips all 0x00 characters at the 8KB block boundary.<br>
> Please check the encryption with the attached files. One has 32 of 0x00 inside and another one is the same but has 0x05 at the 7th position.<br>
><br>
> When I change apps/files_encryption/lib/crypt.php line #136<br>
> return rtrim($data, "\0");<br>
> to<br>
> return $data;<br>
><br>
> the file is decrypted correctly except the fact that it's last block is padded with 0x00. (Tested on *.exe ~ 7MB)<br>
><br>
> ---<br>
> Victor Dubiniuk<br>
><br>><br></div><div><div>
> On Wed, Jun 13, 2012 at 4:45 AM, Michael Gapczynski <<a href="mailto:mtgap@owncloud.com" target="_blank">mtgap@owncloud.com</a>> wrote:<br>
> On Tuesday, June 12, 2012 12:52:06 PM Klaas Freitag wrote:<br>
> > On 04.06.2012 18:33, Klaas Freitag wrote:<br>
> > > On 04.06.2012 18:13, Frank Karlitschek wrote:<br>
> > >> Hi,<br>
> > >><br>
> > >> we have a very evil bug report about corrupted files together with the<br>
> > >> encryption app.<br>
> > >><br>
> > >> <a href="http://bugs.owncloud.org/thebuggenie/owncloud/issues/oc-912" target="_blank">http://bugs.owncloud.org/thebuggenie/owncloud/issues/oc-912</a><br>
> > >> <a href="http://forum.owncloud.org/viewtopic.php?f=3&t=2726" target="_blank">http://forum.owncloud.org/viewtopic.php?f=3&t=2726</a><br>
> > >><br>
> > >> Everything works for me and I canīt find the problem<br>
> > >> Can someone help me with reproducing it?<br>
> > ><br>
> > > I can reproduce it with a Firefox on Linux and on Windows 7. I have<br>
> > > master running from this morning.<br>
> ><br>
> > Frank, do you think that<br>
> > <a href="http://bugs.owncloud.org/thebuggenie/owncloud/issues/oc-669" target="_blank">http://bugs.owncloud.org/thebuggenie/owncloud/issues/oc-669</a><br>
> > can be related to this problem? Is there a fix already for #912?<br>
> ><br>
> > Thanks,<br>
> ><br>
> > Klaas<br>
><br>
> It seems that binary data has problems going through the encryption. I did<br>
> some research and read that base64_encode()/decode() should allow binary files<br>
> to be encrypted. My attempts to encode and decode the data with base64 still<br>
> result in corrupted binary files.<br>
><br>
> <a href="http://bytes.com/topic/php/answers/8958-binary-encryption" target="_blank">http://bytes.com/topic/php/answers/8958-binary-encryption</a><br>
><br>
> <a href="http://stackoverflow.com/questions/6033972/encrypting-files-with-php-mcrypt-" target="_blank">http://stackoverflow.com/questions/6033972/encrypting-files-with-php-mcrypt-</a><br>
> is-corrupting-docx-and-other-microsoft-office<br>
><br>
> <a href="http://www.itnewb.com/tutorial/PHP-Encryption-Decryption-Using-the-MCrypt-" target="_blank">http://www.itnewb.com/tutorial/PHP-Encryption-Decryption-Using-the-MCrypt-</a><br>
> Library-libmcrypt<br>
><br>
><br>
><br>
> Michael<br>
> _______________________________________________<br>
> Owncloud mailing list<br>
> <a href="mailto:Owncloud@kde.org" target="_blank">Owncloud@kde.org</a><br>
> <a href="https://mail.kde.org/mailman/listinfo/owncloud" target="_blank">https://mail.kde.org/mailman/listinfo/owncloud</a><br>
><br>
><br>
> _______________________________________________<br>
> Owncloud mailing list<br>
> <a href="mailto:Owncloud@kde.org" target="_blank">Owncloud@kde.org</a><br>
> <a href="https://mail.kde.org/mailman/listinfo/owncloud" target="_blank">https://mail.kde.org/mailman/listinfo/owncloud</a><br>
<br>
</div></div></div></div></blockquote></div><br></div>
</blockquote></div><br></div>
</div></div></div><br>