Adaptation problem with the Blowfish Encryption in C

Question

I'm writing a program that implements the Boneh-Franklin Identity Based Encryption. For the actual encryption methods, I use Blowfish which I got from (https://voltar.org/). I'm trying to adapt the blowfish encryption/decryption code to my program. The difference in my program is that I read the message from the standard input, encrypt it and print the encryption, then decrypt it and print the decryption (which should be the original message). Currently, I read the input message up to a "?" character and then try to follow the code from the site. However, the decryption is printed as unreadable characters. I tried to solve this problem but I got stuck. Can you please help me?

//initializations

BF_KEY s_key;       //shared key of the blowfish encryption
char plain[1000000];    //the plaintext of the message
char cipher[1000000];   //the ciphertext of the message  
char byte;          //to hold the byte of the msg
char *token;        //points to tokens of the msg
char IV[8]="MY*IV000";  //the initialization vector
int offset = 0;     //the offset of encryption
int b_count = 0;        //number of bytes in d_buf
char block[8];      //blocks of encryption
char msg[1000000];      //the input msg from the user
int j;          //used to read input in a loop with getchar
int i;          //for-loop value
int len;            //used to calculate lengths different variables
int f;          //flag for the setup stage
int q;    //used to read input in a loop with getchar
q=0;    //reset the index reader
char in;    //to read characters
printf("Please enter the message you wish to send:\n");

************ This is my code to read the input message: ***************

//this loop reads the input from the user since C does not 
//provide a safe function to read strings with white spaces

while (in != '?'){   
in=getchar();
if(in != '?')    //dont include the delim character in the string
         msg[q++]=in;
}
msg[q]='\0';    //truncate the string by the null character

************ Then I used the code (cited and referenced) for encryption ***************

Of course I modified it as message read from stdin not program args

for(i=0; i<strlen(msg); i++)    //copy the input message to plain
    plain[i] = msg[i];

//set up the shared key of the BF encryption

BF_set_key(&s_key, strlen(ekey_buf), ekey_buf);    

while(1){
    for(i=0; i<8; i++)    //reinitiate the block of 8 characters each time

        block[i] = 0;
    strncpy(block, plain+offset, 8);
    BF_cbc_encrypt(plain+offset, cipher, 8, &s_key, IV, BF_ENCRYPT);   
    for(i=0; i<strlen(cipher); i++){
    printf("%02x", (unsigned char) cipher[i]);
}
if( strlen(plain+offset)>8 ){    //if there is still more characters
     offset += 8;         //process the next block of 8 characters
} else
       break;       
}
//the cipher is correctly printed

************ Then I used the code (cited and referenced) for decryption ***************

Here, I excluded the part where it tokenized the cipher and created the plain char array for decryption, I simply passed the cipher array to be decrypted (as it is output from the encryption function), and stored in the plain char array with length = strlen(cipher)

//set up the shared key of the BF encryption

BF_set_key(&s_key, strlen(dkey_buf), dkey_buf);        
BF_cbc_encrypt(cipher, plain, strlen(cipher), &s_key, IV, BF_DECRYPT);  

printf("plain after decryption: %s\n", plain);
//HERE IS THE PROBLEM: I get unreadable characters as output of this line

Any help is appreciated. Sorry for the inconvenience and many thanks in advance.

Answer 1

I have a hunch it's a dirty IV, but it's just a guess.

for(i=0; i<8; i++) ivec[i] = 'i';
BF_cbc_encrypt(inputz, outputz, strlen(inputz), &key, ivec, BF_ENCRYPT);

// won't decrypt right:
BF_cbc_encrypt(inputz, outputz, strlen(inputz), &key, ivec, BF_DECRYPT);
// without resetting the ivec to all 'i's, the decryption will fail.

// This would work though:

for(i=0; i<8; i++) ivec[i] = 'i';
BF_cbc_encrypt(inputz, outputz, strlen(inputz), &key, ivec, BF_ENCRYPT);

for(i=0; i<8; i++) ivec[i] = 'i';
BF_cbc_encrypt(inputz, outputz, strlen(inputz), &key, ivec, BF_DECRYPT);

My guess is only correct if every block after the first decrypts correctly though.

Another big problem with strlen(inputz) is that if the strlen() doesn't fall exactly on an 8byte boundary, your decrypt will ultimately fail. I have addressed the problem rather completely as a gist on github.

Answer 2

Check your encoding.

Answer 3

You need to null terminate plain i.e. something like plain[ strlen(dkey_buf) ] = 0 is needed.

Answer 4

Aren't there patent restrictions on using/distributing programs that leverage the IBE algorithm?