Method: RepoInternal::MyAES.is_string_encrypted

Defined in:
lib/lenc/aes.rb

.is_string_encrypted(key, test_str) ⇒ Object

Determines if a string is the start of an encrypted sequence

Returns true iff the start of the string seems to decrypt correctly for the given password

Parameters:

  • key

    password to use (string)

  • test_str

    the string to test



440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
 
# File 'lib/lenc/aes.rb', line 440

def self.is_string_encrypted(key, test_str) 
  db = warndb  0
  
  !db || hex_dump(test_str, "is_string_encrypted?")
  
  simple_str(test_str)
  
  lnth = test_str.size
  lnth -= NONCE_SIZE_SMALL
  if lnth < AES_BLOCK_SIZE || lnth % AES_BLOCK_SIZE != 0
    !db || pr("  bad # bytes\n")
    return false
  end
  
  hdr_size = AES_BLOCK_SIZE
  
  # This method is failing, I suspect because with the mode of AES we're using (CRC?) we can't
  # decrypt only a single block, and must instead decrypt a complete chunk.
  
  # No, now I think it's interpreting a bad 'padding' value (due to only decrypting partially)
  # as indication of bad decryption
  
  if false
    warn("using full chunk size")
    hdr_size = [lnth,CHUNK_SIZE_ENCR].min
  end
  
  begin
      de = MyAES.new(false, key)  
      
      # Put this decryptor into prefix mode, so that we are only interested
      # in whether the header verifies correctly
      de.prefix_mode = true
           
      de.finish(test_str[0...hdr_size + NONCE_SIZE_SMALL])
      de.flush()
  rescue LEnc::DecryptionError => e
    !db || pr(" (caught DecryptionError #{e})\n")
    return false
  end
    
  true
end