Discussion:
[Cryptlib] Error: CRYPT_ERROR_INTERNAL
Линда Кайе
2021-04-10 08:13:39 UTC
Permalink
Hi!

I use cryptlib to store password encrypted data. Code is just like in the manual (in simplified form):

cryptCreateEnvelope
cryptSetAttributeString (with password)
cryptPushData (in loop with smaller chunks)
cryptFlushData
cryptPopData (also in loop)

Everything works great on version 3.4.3 but when I upgrade to more recent versions, everything brokes. On small ammount of data it still works but when I try to encrypt large blocks of data (like 1.5Mb), on some of calls of cryptPushData() I get CRYPT_ERROR_INTERNAL error.

Is anyone know what's going on?
_______________________________________________
Cryptlib mailing list
***@mbsks.franken.deAdministration via Mail: cryptlib-***@mbsks.franken.de
Archive: ftp://ftp.franken.de/pub/crypt/cryptlib/archives/
http://news.gmane.org/gmane.comp.encryption.cryptlib
Posts from non-subscribed addresses are blocked to prevent spam, please
subscribe in order to post messages.
Peter Gutmann
2021-04-10 14:19:41 UTC
Permalink
Линда Кайе <***@gmail.com> writes:

>Everything works great on version 3.4.3 but when I upgrade to more recent
>versions, everything brokes. On small ammount of data it still works but when
>I try to encrypt large blocks of data (like 1.5Mb), on some of calls of
>cryptPushData() I get CRYPT_ERROR_INTERNAL error.

Can you provide more information on this, e.g. code to reproduce it, or build
in debug mode which will provide more information on the issue?

Peter.



_______________________________________________
Cryptlib mailing list
***@mbsks.franken.deAdministration via Mail: cryptlib-***@mbsks.franken.de
Archive: ftp://ftp.franken.de/pub/crypt/cryptlib/archives/
http://news.gmane.org/gmane.comp.encryption.cryptlib
Posts from non-subscribed addresses are blocked to pre
Линда Кайе
2021-04-10 22:40:53 UTC
Permalink
> Can you provide more information on this, e.g. code to reproduce it, or build
> in debug mode which will provide more information on the issue?

Yes. There is complete sample:

https://github.com/Linda-chan/cryptlib-test

The class working with cryptlib is here:

https://github.com/Linda-chan/cryptlib-test/blob/master/CCryptLibSupprt.CLS

The error occurs when calling cryptPushData() in PushData() function. The program survives few calls and then error happens.

I thought this error may be related to some issues with strings in DLL calls (especially with binary data) but modified code have same error.


_______________________________________________
Cryptlib mailing list
***@mbsks.franken.deAdministration via Mail: cryptlib-***@mbsks.franken.de
Archive: ftp://ftp.franken.de/pub/crypt/cryptlib/archives/
http://news.gmane.org/gmane.comp.encryption.cryptlib
Posts from non-subscribed addresses are blocked to prevent spam, please
subscribe in order to post messages.
Peter Gutmann
2021-04-11 08:58:15 UTC
Permalink
Линда Кайе <***@gmail.com> writes:

>There is complete sample:
>
>https://github.com/Linda-chan/cryptlib-test

That's all Visual Basic which unfortunately I can't do much with... it looks
like it's in EncryptDecryptData() in CCryptLibSupprt.CLS, the cryptXXX() calls
are obvious but it's not clear what data that loop is processing... are you
able to recreate it using some fixed data string like '******' and a series of
cryptPushData()/cryptPopData() calls? For encryption you should be able to
replace the call to PushData() with just cryptPushData() and the same for
PopData(), since you're not doing anything with passwords as you would for
decryption. Knowing what values like 'Mid(Text, CharIndex, PUSH_BUFFER_SIZE)'
and 'Len(Text)' are would be good...

Peter.



_______________________________________________
Cryptlib mailing list
***@mbsks.franken.deAdministration via Mail: cryptlib-***@mbsks.franken.de
Archive: ftp://ftp.franken.de/pub/crypt/cryptlib/archives/
http://news.gmane.org/gmane.comp.encryption.cryptlib
Posts from non-subscribed addresses are blocked to prevent spam, please
subscribe in order
Линда Кайе
2021-04-11 19:19:16 UTC
Permalink
> That's all Visual Basic which unfortunately I can't do much with... it looks
> like it's in EncryptDecryptData() in CCryptLibSupprt.CLS, the cryptXXX() calls
> are obvious but it's not clear what data that loop is processing... are you
> able to recreate it using some fixed data string like '******' and a series of
> cryptPushData()/cryptPopData() calls? For encryption you should be able to
> replace the call to PushData() with just cryptPushData() and the same for
> PopData(), since you're not doing anything with passwords as you would for
> decryption. Knowing what values like 'Mid(Text, CharIndex, PUSH_BUFFER_SIZE)'
> and 'Len(Text)' are would be good...

I'm trying to figure out how to provide you debug info. Can you run it in Word or any other Office app?

As far as I see, the error happens right after second cycle of cryptPopData(). I've tried different buffer sizes but when the code retrive encrypted data second time and then try to push data, error occurs.

Source data doesn't matter: I can try JPEG file, pure random data, string filled with "*" only or even cl32.dll itself, error still occur.

PopData() is a separate function because cryptPopData() called in cycle while it returns something. When the object is empty, program continues to push data.

// And FlushData() is another separate function just for company and for some debug code added in the past.


_______________________________________________
Cryptlib mailing list
***@mbsks.franken.deAdministration via Mail: cryptlib-***@mbsks.franken.de
Archive: ftp://ftp.franken.de/pub/crypt/cryptlib/archives/
http://news.gmane.org/gmane.comp.encryption.cryptlib
Posts from non-subscribed addresses are blocked to prevent spam, please
subscribe in order to post messages.
Peter Gutmann
2021-04-12 03:06:00 UTC
Permalink
Линда Кайе <***@gmail.com> writes:

>As far as I see, the error happens right after second cycle of
>cryptPopData(). I've tried different buffer sizes but when the code retrive
>encrypted data second time and then try to push data, error occurs.

All I really need is the sequence of push/pop operations to reproduce it, e.g:

cryptPushData: 1024 bytes
cryptPushData: 1024 bytes
cryptPushData: 1024 bytes
cryptFlushData
cryptPopData: 2048 bytes

or whatever the data quantities are. In other words an indication of what
data quantities, and in what order of operation, the loop at line 120 is
handling.

Also the version of cryptlib that you're using...

Peter.



_______________________________________________
Cryptlib mailing list
***@mbsks.franken.deAdministration via Mail: cryptlib-***@mbsks.franken.de
Archive: ftp://ftp.franken.de/pub/crypt/cryptlib/archives/
http://news.gmane.org/gmane.comp.encryption.cryptlib
Posts from non-subscribed addresses are blocked to prevent spam, please
subscribe in
Линда Кайе
2021-04-12 11:09:50 UTC
Permalink
Okay. Here are results for 2Kb buffer and 20Kb buffer:

https://github.com/Linda-chan/cryptlib-test/blob/master/NOTES-2Kb.TXT
https://github.com/Linda-chan/cryptlib-test/blob/master/NOTES-20Kb.TXT

cryptlib version is 3.4.5, prebuild binary from site.

_______________________________________________
Cryptlib mailing list
***@mbsks.franken.deAdministration via Mail: cryptlib-***@mbsks.franken.de
Archive: ftp://ftp.franken.de/pub/crypt/cryptlib/archives/
http://news.gmane.org/gmane.comp.encryption.cryptlib
Posts from non-subscribed addresses are blocked to prevent spam, please
subscribe in order to post messages.
Peter Gutmann
2021-04-12 11:59:22 UTC
Permalink
Линда Кайе <***@gmail.com> writes:

>Okay. Here are results for 2Kb buffer and 20Kb buffer:

Thanks! So the fix is in envelope/encode.c, line 897, change:

REQUIRES( boundsCheck( envelopeInfoPtr->bufPos, bytesToCopy,
envelopeInfoPtr->bufSize ) );

to:

REQUIRES( boundsCheckZ( envelopeInfoPtr->bufPos, bytesToCopy,
envelopeInfoPtr->bufSize ) );

Peter.



_______________________________________________
Cryptlib mailing list
***@mbsks.franken.deAdministration via Mail: cryptlib-***@mbsks.franken.de
Archive: ftp://ftp.franken.de/pub/crypt/cryptlib/archives/
http://news.gmane.org/gmane.comp.encryption.cryptlib
Posts from non-subscribed addresses are blocked to prevent spam, please
subscribe in o
Линда Кайе
2021-04-12 19:52:45 UTC
Permalink
Yes! It works. Thank you!


_______________________________________________
Cryptlib mailing list
***@mbsks.franken.deAdministration via Mail: cryptlib-***@mbsks.franken.de
Archive: ftp://ftp.franken.de/pub/crypt/cryptlib/archives/
http://news.gmane.org/gmane.comp.encryption.cryptlib
Posts from non-subscribed addresses are blocked to prevent spam, please
subscribe in order to post messages.
Loading...