Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: Blowfish - ignore IV length in ECB mode #1902

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions src/core/operations/BlowfishDecrypt.mjs
Original file line number Diff line number Diff line change
Expand Up @@ -76,8 +76,8 @@ class BlowfishDecrypt extends Operation {
Blowfish's key length needs to be between 4 and 56 bytes (32-448 bits).`);
}

if (iv.length !== 8) {
throw new OperationError(`Invalid IV length: ${iv.length} bytes. Expected 8 bytes`);
if (mode !== "ECB" && iv.length !== 8) {
throw new OperationError(`Invalid IV length: ${iv.length} bytes. Expected 8 bytes.`);
}

input = Utils.convertToByteString(input, inputType);
Expand Down
6 changes: 3 additions & 3 deletions src/core/operations/BlowfishEncrypt.mjs
Original file line number Diff line number Diff line change
Expand Up @@ -72,12 +72,12 @@ class BlowfishEncrypt extends Operation {

if (key.length < 4 || key.length > 56) {
throw new OperationError(`Invalid key length: ${key.length} bytes

Blowfish's key length needs to be between 4 and 56 bytes (32-448 bits).`);
}

if (iv.length !== 8) {
throw new OperationError(`Invalid IV length: ${iv.length} bytes. Expected 8 bytes`);
if (mode !== "ECB" && iv.length !== 8) {
throw new OperationError(`Invalid IV length: ${iv.length} bytes. Expected 8 bytes.`);
}

input = Utils.convertToByteString(input, inputType);
Expand Down
20 changes: 16 additions & 4 deletions tests/operations/tests/Crypt.mjs
Original file line number Diff line number Diff line change
Expand Up @@ -1579,19 +1579,31 @@ DES uses a key length of 8 bytes (64 bits).`,
from Crypto.Cipher import Blowfish
import binascii

input_data = b"The quick brown fox jumps over the lazy dog."
# Blowfish cipher parameters - key, mode, iv, segment_size, nonce
key = binascii.unhexlify("0011223344556677")
iv = binascii.unhexlify("0000000000000000")
mode = Blowfish.MODE_CBC
kwargs = {}
iv = binascii.unhexlify("ffeeddccbbaa9988")
if mode in [Blowfish.MODE_CBC, Blowfish.MODE_CFB, Blowfish.MODE_OFB]:
kwargs = {"iv": iv}
if mode == Blowfish.MODE_CFB:
kwargs["segment_size"] = 64
if mode == Blowfish.MODE_CTR:
nonce = binascii.unhexlify("0000000000000000")
nonce = nonce[:7]
kwargs["nonce"] = nonce

cipher = Blowfish.new(key, mode, **kwargs)

# Input data and padding
input_data = b"The quick brown fox jumps over the lazy dog."
if mode == Blowfish.MODE_ECB or mode == Blowfish.MODE_CBC:
padding_len = 8-(len(input_data) & 7)
for i in range(padding_len):
input_data += bytes([padding_len])

cipher = Blowfish.new(key, mode) # set iv, nonce, segment_size etc. here
# Encrypted text
cipher_text = cipher.encrypt(input_data)

cipher_text = binascii.hexlify(cipher_text).decode("UTF-8")

print("Encrypted: {}".format(cipher_text))
Expand Down
Loading