From 1db425f8883febe38b08e4fd0c130725e049b1de Mon Sep 17 00:00:00 2001 From: viraladmin <00purple@gmail.com> Date: Fri, 3 Jul 2026 12:29:57 -0600 Subject: [PATCH] Fix encryption key normalization --- Cargo.toml | 2 +- src/decryption/text.rs | 7 ++----- src/encryption/text.rs | 15 +++++++++------ src/lib.rs | 18 ++++++++++++++++++ 4 files changed, 30 insertions(+), 12 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index 61702e7..1711a9b 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "encrypted_images" -version = "1.4.0" +version = "1.4.1" edition = "2021" description = "Encrypt Text to Images and decrypt text from images." authors = ["Bruce Bates | https://www.linkedin.com/in/bruce-bates/"] diff --git a/src/decryption/text.rs b/src/decryption/text.rs index fcde7be..27c2621 100644 --- a/src/decryption/text.rs +++ b/src/decryption/text.rs @@ -30,16 +30,13 @@ /// ``` use subtle::ConstantTimeEq; use openssl::symm::{decrypt, Cipher}; - use crate::encryption::text::hmac::calculate_hmac; + use crate::encryption::text::{hmac::calculate_hmac, normalize_key}; use base64::{Engine as _, engine::{self, general_purpose}, alphabet}; const CUSTOM_ENGINE: engine::GeneralPurpose = engine::GeneralPurpose::new(&alphabet::STANDARD, general_purpose::PAD); pub fn decrypts(encoded_result: &str, key: Option<&str>) -> Option { let key = key.unwrap_or("welovenfts"); - let mut padded_key = key.as_bytes().to_vec(); - while padded_key.len() < 16 { - padded_key.push(b'\0'); - } + let padded_key = normalize_key(key); let result_bytes = CUSTOM_ENGINE.decode(encoded_result).ok()?; let iv = &result_bytes[..16]; let hmac = &result_bytes[16..48]; diff --git a/src/encryption/text.rs b/src/encryption/text.rs index ca7b8b9..18b06d9 100644 --- a/src/encryption/text.rs +++ b/src/encryption/text.rs @@ -65,6 +65,14 @@ const CUSTOM_ENGINE: engine::GeneralPurpose = engine::GeneralPurpose::new(&alphabet::STANDARD, general_purpose::PAD); + pub(crate) fn normalize_key(key: &str) -> Vec { + let mut padded_key = key.as_bytes().to_vec(); + while padded_key.len() < 16 { + padded_key.push(b'\0'); + } + padded_key.truncate(16); + padded_key + } pub fn encrypts(input: &str, key: Option<&str>, strength: Option<&str>) -> Option { let cipher = Cipher::aes_128_cbc(); @@ -79,11 +87,7 @@ let random_bytes = generate_random_bytes(num_bytes); iv = CUSTOM_ENGINE.encode(random_bytes); } - let mut padded_key = key.as_bytes().to_vec(); - while padded_key.len() < 16 { - padded_key.push(b'\0'); - } - padded_key.truncate(16); + let padded_key = normalize_key(key); let ciphertext = encrypt(cipher, &padded_key, Some(iv.as_bytes()), input.as_bytes()).unwrap(); let hmac = calculate_hmac(&ciphertext, &padded_key); if hmac.ct_eq(&calculate_hmac(&ciphertext, &padded_key)).unwrap_u8() == 1 { @@ -114,4 +118,3 @@ rng.fill(&mut random_bytes[..]); random_bytes } - diff --git a/src/lib.rs b/src/lib.rs index a554a26..2827194 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -50,6 +50,24 @@ assert_eq!(decrypted, Some(input.to_string())); } + #[test] + fn test_encrypts_decrypts_with_long_key() { + let input = "ThisIsJustaTestString"; + let key = Some("this_key_is_longer_than_sixteen_bytes"); + let encrypted = encrypts(input, key.clone(), None); + let decrypted = decrypts(encrypted.as_ref().unwrap(), key); + assert_eq!(decrypted, Some(input.to_string())); + } + + #[test] + fn test_encrypts_decrypts_with_unicode_key() { + let input = "ThisIsJustaTestString"; + let key = Some("密码密码密码密码"); + let encrypted = encrypts(input, key.clone(), None); + let decrypted = decrypts(encrypted.as_ref().unwrap(), key); + assert_eq!(decrypted, Some(input.to_string())); + } + #[test] fn test_encrypts_decrypts_without_key() { // Input data to encrypt