Using a key version of 5 or higher in conjunction with a random IV is corrupting the header
reidmorrison opened this issue · 0 comments
reidmorrison commented
The decrypt fails because the header contains the wrong version number.
e = SymmetricEncryption.cipher(5).encrypt("hello world", true)
SymmetricEncryption.decrypt(e)Results in
OpenSSL::Cipher::CipherError: bad decrypt
from /Users/rmorrison/.rvm/gems/ruby-2.3.4/gems/symmetric-encryption-3.9.0/lib/symmetric_encryption/cipher.rb:576:in `final'
from /Users/rmorrison/.rvm/gems/ruby-2.3.4/gems/symmetric-encryption-3.9.0/lib/symmetric_encryption/cipher.rb:576:in `binary_decrypt'
from /Users/rmorrison/.rvm/gems/ruby-2.3.4/gems/symmetric-encryption-3.9.0/lib/symmetric_encryption/symmetric_encryption.rb:121:in `decrypt'
Extracting the header:
e = SymmetricEncryption.cipher(5).encrypt("hello world", true)
encoder = SymmetricEncryption.cipher(5).encoder
SymmetricEncryption::Cipher.parse_header!(encoder.decode(e))Returns the following header which has the wrong version number:
#<SymmetricEncryption::Cipher::HeaderStruct:0x7ff7dc861f60
cipher_name = nil,
compressed = false,
decryption_cipher = #<SymmetricEncryption::Cipher:0x3ffbeb3413a0 @key="[FILTERED]" @iv="ABCDEF1234567890" @cipher_name="aes-256-cbc", @version=2, @encoding=:base64strict, @always_add_header=true,
iv = "}\xA9k\xB2i\x91pJ\xE9\xAA\x99@\x9F\x84x\x8D",
key = nil,
version = 2
>