-
Notifications
You must be signed in to change notification settings - Fork 45
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Different keys can be used to decrypt the same message #5
Comments
@kv109 and your write up on Medium (https://blog.elpassion.com/simple-and-terrifying-encryption-story-c1f1d6707c07#.py588ygyh) |
Saw your post on Medium on the issue, and I'm of two minds. First off, the documented use of the library is to use the keys that the library generates for you, as shown in the README: # Generate a random key
key = AES.key
=> "290c3c5d812a4ba7ce33adf09598a462"
# Encrypt a string. Default output is base_64 encoded, init_vector and cipher_text are joined with "$"
b64 = AES.encrypt("A super secret message", key)
=> "IJjbgbv/OvPIAf4R5qAWyg==$fy0v7JwRX4kyAWflgouQlt9XGmiDKvbQMRHmQ+vy1fA=" Your post indicates you were setting up some repeatable testing, perhaps you could generate a valid key like above and place it in your test code. Second, If you want the behavior of the library to change, what behavior would you prefer to see? |
@StephenWeber I think that it would make sense to at least raise an error if the key contains any non-HEX symbols, which would be the simple fix. I guess the expected behaviour is instead of assuming the key is a HEX number (since it's a String and can be anything), assume it's a string and get the byte-code for each of the characters instead. Happy to help with implementing this. |
Hey gang! This is an AMAZING catch, and frankly a bit embarrassing! This gem has a great namespace, and it deserves a more active maintainer - my ruby coding days are few and far between. Does anyone want to take this over? I'm happy to pass along responsibility in whatever way makes sense. Loved the writeup on medium, btw! |
I have a PR incoming that will properly error out if given an invalid input for the key (a string that is not a valid hex representation) |
I should mention though that even a cursory security audit reveals several other major problems:
Should I move to try and fix them all? |
@chicks With all due respect, this gem does not need a new maintainer. It needs to be retired. There are plenty of good cryptographic libraries out there with good Ruby implementations written by people with a solid background in crypto (full disclosure: the author, Tony, is a former coworker of mine on the Information Security team at Square). Nobody should be using this gem in its current state. Any changes that would bring it up to modern standards would inevitably break the existing API heavily. In my opinion, a 1.0 release of this gem should be rolled out that removes all preexisting modules and methods, warns anyone installing it that the gem is no longer recommended, and points to a suitable replacement (e.g., cryptosphere/rbnacl). If someone is currently relying on it, they can pin to the previous version using a Gemfile. |
Totally agree - I was more thinking if there's a better gem that wants the "aes" name we can probably work that out. |
a good options would be point them to the official ruby implementations : https://ruby-doc.org/stdlib-2.0.0/libdoc/openssl/rdoc/OpenSSL/Cipher.html |
Or, release a new version of this gem that is just a wrapper around the built-in OpenSSL methods. This way anybody using this library can update and not need to worry about refactoring code. Then this repository can be marked as deprecated, and deprecation warnings can be added to the wrapper code. |
@mtrpcic this was the original intent - the AES encryption is delegated to OpenSSL and the gem provides a nice wrapper to make it easier to use. Most everything comes down to: https://github.com/chicks/aes/blob/master/lib/aes/aes.rb#L151 It's also worth noting that the other goal was an AES lib that didn't require a lot of setup or dependent libraries. FasterAES was the standard at the time, but it required the compilation of ruby extensions which turned a 5 minute gem install into a much longer activity as everyone scrambled to compile and package the dependencies properly. It's not as performant, but the heavy lifting is still handled by OpenSSL. That being said, the way I wrote the key handling routines wasn't vetted thoroughly enough and is severely damaging the credibility of the whole approach :) |
See https://gist.github.com/kv109/42289aa65f81e819910005f4773215a1
The text was updated successfully, but these errors were encountered: