#261893 07/12/17 07:40 PM
Joined: Jan 2004
Posts: 2,127
maroon Offline OP
Hoopy frood
Suggesting new encryption switches for $encode, enabling the key and salt/iv parameters to be binary variables, as well as preventing switches from being ignored in some situations.

1) Capitalized switches KSI could indicate the key/salt/IV are &binary instead of text/%variable, or the 'b' parameter could be updated so that 'b' continues to refer to the text field while b3/b4/b5 indicate whether the 3rd or 4th (or 5th) parameters are binary, without violating backwards compatibility by changing &key or &SaltVar so that they are no longer a literal string.

KSI switches would allow key, salt, and IV to be defined with binary strings difficult or impossible to create by using %variables, and would also make it easier to evade the UTF-8 issue mentioned in the related bug report.

2) From reading about OpenSSL, I can't find anything that says a salt and IV cannot both be used at the same time, so perhaps $encode could find a way to allow both Salt and IV to be used at the same time while maintaining backwards compatibility. One way is a 5th parameter that's used by an IV switch only when both 's' and an IV switch are used at the same time.

3) Allowing a salt and IV switch to be used at the same time avoids the issue of how 'csi' silently ignores the 's', and doesn't use the default random salt either.

4) Current behavior of 'cir' should remain, where it's the same as 'ci' except adding a 16-byte header of "RandomIV" followed by the 4th parameter:

Quote:
//echo -a $decode($encode(text,cir,key,12345678))


However, it's probably not appropriate that substituting 'csr' in place of 'cir' generates identical output, even though it doesn't use a Salt. Allowing a Salt and IV at the same time also avoids this issue.

5) Current behavior silently ignores the 'csir' switches when 'e' is used. I don't see the need to start having any of 'csir' do anything when used alongside 'e', but it might be a good idea to display a warning note to the status window, such as when someone uses 'es' thinking they were affecting output with a salt. Perhaps OpenSSL's ECB doesn't allow a Salt in ECB mode, but the term ECB doesn't mean there can never be a salt, it just means there's no feedback between blocks.

maroon Offline OP
From Khaled's reply to the bug report of $encode(data,cr,key,string), I see the optional N is also available for the encryption switches, so adding the ability to use Salt and IV needs to adjust for that, and this gives the contents of the 5th UUencode block:

//echo -a $encode($regsubex($str(x,100),/x/g,$asc(\n)),e,key,5)

Since current syntax when either 'e' or 'c' switches are used is:

Quote:
$encode( %var | &binvar, switches, key [, [salt | iv] if s|i|r used] [,optional N] )


Allowing Salt and IV at the same time could make this:

Quote:
$encode( %var | &binvar, switches, %key|&key [, salt when 's|S' used ] [, IV when 'i|I' used ] [,optional N] )

