[Owncloud] help needed with encryption and corruped files

Thu Jun 14 23:29:48 UTC 2012

Hi ownClouders,

I'm not an encryption guru but I went further.
Blowfish* encrypt *method pads the input data with *0x00* in order to make
their length multiple of 8.
Then it packs them into unsigned long:
    pack("N2", $Xl, $Xr);

 *.exe files are already aligned that's why removing rtrim has no effect on
their decryption.
>From the other hand, trimming is required for any text file or string as it
is padded with 0x00 and corrupted if it's length is not multiple of 8.

I'm not sure how to solve this puzzle right now.
Is it worth to store the original file size before encryption and trim the
excessive bytes for the decrypted file to match this size?

---
Victor Dubiniuk

> On Wed, Jun 13, 2012 at 7:05 PM, Frank Karlitschek <frank at owncloud.org>wrote:
>
>> Wow.
>> Very good catch.
>>
>> Now the question is why was the rtrim here in the first place. I can´t
>> remember if this is my code from last summer ob from someone else :-)
>>
>>
>> Frank
>>
>>
>> On 13.06.2012, at 17:18, Victor Dubiniuk <victor.dubiniuk at gmail.com>
>> wrote:
>>
>> > My apologies for sending the incomplete message.
>> >
>> > I used 4.0.2 to debug the encryption and found that the problem is in
>> the OC_Crypt::decrypt  - it strips all 0x00 characters at the 8KB block
>> boundary.
>> > Please check the encryption with the attached files. One has 32 of 0x00
>> inside and another one is the same but has 0x05 at the 7th position.
>> >
>> > When I change apps/files_encryption/lib/crypt.php  line #136
>> >               return rtrim($data, "\0");
>> > to
>> >               return $data;
>> >
>> > the file is decrypted correctly except the fact that it's last block is
>> padded with 0x00. (Tested on *.exe ~ 7MB)
>> >
>> > ---
>> > Victor Dubiniuk
>> >
>> >
>> > On Wed, Jun 13, 2012 at 4:45 AM, Michael Gapczynski <mtgap at owncloud.com>
>> wrote:
>> > On Tuesday, June 12, 2012 12:52:06 PM Klaas Freitag wrote:
>> > > On 04.06.2012 18:33, Klaas Freitag wrote:
>> > > > On 04.06.2012 18:13, Frank Karlitschek wrote:
>> > > >> Hi,
>> > > >>
>> > > >> we have a very evil bug report about corrupted files together with
>> the
>> > > >> encryption app.
>> > > >>
>> > > >> http://bugs.owncloud.org/thebuggenie/owncloud/issues/oc-912
>> > > >> http://forum.owncloud.org/viewtopic.php?f=3&t=2726
>> > > >>
>> > > >> Everything works for me and I can´t find the problem
>> > > >> Can someone help me with reproducing it?
>> > > >
>> > > > I can reproduce it with a Firefox on Linux and on Windows 7. I have
>> > > > master running from this morning.
>> > >
>> > > Frank, do you think that
>> > > http://bugs.owncloud.org/thebuggenie/owncloud/issues/oc-669
>> > > can be related to this problem? Is there a fix already for #912?
>> > >
>> > > Thanks,
>> > >
>> > > Klaas
>> >
>> > It seems that binary data has problems going through the encryption. I
>> did
>> > some research and read that base64_encode()/decode() should allow
>> binary files
>> > to be encrypted. My attempts to encode and decode the data with base64
>> still
>> > result in corrupted binary files.
>> >
>> > http://bytes.com/topic/php/answers/8958-binary-encryption
>> >
>> >
>> http://stackoverflow.com/questions/6033972/encrypting-files-with-php-mcrypt-
>> > is-corrupting-docx-and-other-microsoft-office
>> >
>> >
>> http://www.itnewb.com/tutorial/PHP-Encryption-Decryption-Using-the-MCrypt-
>> > Library-libmcrypt
>> >
>> >
>> >
>> > Michael
>> > _______________________________________________
>> > Owncloud mailing list
>> > Owncloud at kde.org
>> > https://mail.kde.org/mailman/listinfo/owncloud
>> >
>> >
>> > _______________________________________________
>> > Owncloud mailing list
>> > Owncloud at kde.org
>> > https://mail.kde.org/mailman/listinfo/owncloud
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/owncloud/attachments/20120615/4a3ef2cf/attachment.html>