- Posts: 103
- Thank you received: 5
Welcome to the LimeSurvey Community Forum
Ask the community, share ideas, and connect with other LimeSurvey users!
LSEncrypt - How to (decrypt?)
- socius
- Topic Author
- Offline
- Premium Member
Less
More
6 years 1 month ago #166701
by socius
Replied by socius on topic LSEncrypt - How to (decrypt?)
Hi,
Just a short note: I tried again with shorter keys of length 512 bit and 1024 bit (with 2048 bit length I unsuccessfully tried before - s. above).
With 512 bit there is this message:
With length 1024 bit an error message pops up quickly before the terminal window closes.
I made a screenrecording, but the quality is bad unfortunately - but: it seems that somethings working here - at least the warning message points to something new:
Does that help to solve this?
Thanks for your time!
Best, G
Just a short note: I tried again with shorter keys of length 512 bit and 1024 bit (with 2048 bit length I unsuccessfully tried before - s. above).
With 512 bit there is this message:
With length 1024 bit an error message pops up quickly before the terminal window closes.
I made a screenrecording, but the quality is bad unfortunately - but: it seems that somethings working here - at least the warning message points to something new:
Code:
Call to undefined function mcrypt_get_iv_size()
Does that help to solve this?
Thanks for your time!
Best, G
Attachments:
The topic has been locked.
- socius
- Topic Author
- Offline
- Premium Member
Less
More
- Posts: 103
- Thank you received: 5
6 years 1 month ago #166710
by socius
Replied by socius on topic LSEncrypt - How to (decrypt?)
Hi again,
I also tried to avoid the built-in decryption via the decrypt.php inside encrypted.cmd. I tried to do the decryption with the openssl function in R ( cran.r-project.org/web/packages/openssl/ ). This seems promising ( cran.r-project.org/web/packages/openssl/openssl.pdf#page=7 )
I just cut out the encrypted responses from encrypted.cmd and tried to decrypt them - but as you can see in the specification of the command, I'm missing
since I did not encrypt with the function in the R package, but with LSencrypt. How can I get this information? The decrypt.php uses the IV
How could we get these into R - and would this work? Here comes a small reproducible example for encryption/decryption with R:
Thanks for reading - and for all hints that lead to the decryption - be it via the LSEncryption Plugin or with an R function - everythings welcome!
Best, G
I also tried to avoid the built-in decryption via the decrypt.php inside encrypted.cmd. I tried to do the decryption with the openssl function in R ( cran.r-project.org/web/packages/openssl/ ). This seems promising ( cran.r-project.org/web/packages/openssl/openssl.pdf#page=7 )
I just cut out the encrypted responses from encrypted.cmd and tried to decrypt them - but as you can see in the specification of the command, I'm missing
- IV, a "16 byte raw vector returned by encrypt_envelope" and
- session, a "raw vector with encrypted session key as returned by encrypt_envelope"
since I did not encrypt with the function in the R package, but with LSencrypt. How can I get this information? The decrypt.php uses the IV
Code:
$iv = substr($encryptedKey, 0, mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_CBC));
How could we get these into R - and would this work? Here comes a small reproducible example for encryption/decryption with R:
Code:
#install.packages("openssl") # https://cran.r-project.org/web/packages/openssl library(openssl) key.priv <- rsa_keygen(bits = 1024) # Generate RSA keypair key.publ <- key.priv$pubkey # Extract the public key # The respective functions for encryption and decryption s. https://cran.r-project.org/web/packages/openssl/openssl.pdf#page=7 text <- charToRaw("Hello world!") # This is the text we want to encrypt encrypted <- encrypt_envelope(text, pubkey = key.publ) # We encrypt using the public key decrypted <- decrypt_envelope(encrypted$data, encrypted$iv, encrypted$session, key = key.priv) # That's how we decrypt again, using the encrypted data, IV and the encrypted session (I just pretend to know what the latter are). text <- rawToChar(decrypted) # This is the text we want to encrypt text # Yes: it's "Hello world!" again
Thanks for reading - and for all hints that lead to the decryption - be it via the LSEncryption Plugin or with an R function - everythings welcome!
Best, G
Attachments:
The topic has been locked.