AES Encryption - ComputerCraft Forums (archive)

SquidDev #1

SquidDev's profile picture

1426 posts

Location Does anyone put something serious here?

Posted 29 May 2014 - 11:33 AM

Inspired by Sha-256 in Lua I chose to implement AES. If you are happy to wait a second or two for almost guaranteed security then this is the program for you!

Usage:


os.loadAPI("aeslua")
local iv = {}
for i = 1, 16 do iv[i] = math.random(1, 255) end
aeslua.encrypt("MyKey", "My Message", aealua.AES128, aeslua.CBCMODE, iv)
aeslua.decrypt("MyKey", "My Encrypted Message", aealua.AES128, aeslua.CBCMODE, iv)

There are some more examples at the tests directory.

Stuff I've based this on: AES for Lua

Getting It:
Its on Github if you want to read all the code. You can fetch the raw file through wget or the HTTP API.

You can also use pastebin to download it: wget https://git.io/aeslua aeslua or pastebin run LYAxmSby get 86925e07cbabd70773e53d781bd8b2fe/aeslua.min.lua aeslua

Edit:
Unknown to me this has already been implemented before, by KleinRefrigerator and KillaVanilla. This implementation gives you access to 128, 192 and 265 bit versions and ECB, CBC, CFB, OFB and CTR modes and so is more flexible.

Edited on 15 March 2018 - 09:41 AM

skwerlman #2

163 posts

Location Pennsylvania

Posted 29 May 2014 - 11:51 AM

Were you aware of the bit API? It's a CC builtin.

theoriginalbit #3

7508 posts

Location Australia

Posted 29 May 2014 - 12:06 PM

skwerlman, on 29 May 2014 - 11:51 AM said:
Were you aware of the bit API? It's a CC builtin.

The CC bit API doesn't have to_bits anymore, and the shift operations don't work the same as in that external API.

SquidDev #4

SquidDev's profile picture

1426 posts

Location Does anyone put something serious here?

Posted 29 May 2014 - 12:21 PM

theoriginalbit, on 29 May 2014 - 12:06 PM said:
skwerlman, on 29 May 2014 - 11:51 AM said:
Were you aware of the bit API? It's a CC builtin.
The CC bit API doesn't have to_bits anymore, and the shift operations don't work the same as in that external API.

Quite. The CC Bit API doesn't work with numbers greater than 2³²-1. I had the same issue as GravityScore did and so had to use an external Bit API.

Retriever #5

7 posts

Location UK

Posted 31 May 2014 - 05:44 PM

Nice and simple API, been trying to get RSA working in CC but i don't understand the math enough to get it fully working and the encryption times were hugely impractical so this will do very nicely :)/>

SquidDev #6

SquidDev's profile picture

1426 posts

Location Does anyone put something serious here?

Posted 31 May 2014 - 05:48 PM

Retriever, on 31 May 2014 - 05:44 PM said:
Nice and simple API, been trying to get RSA working in CC but i don't understand the math enough to get it fully working and the encryption times were hugely impractical so this will do very nicely :)/>

Thanks, nice to know that its helping someone. :)/>

Magik6k #7

Magik6k's profile picture

29 posts

Posted 02 June 2014 - 03:41 PM

Awesome API! I probably see one pretty interesting use to this :D/> .

Anavrins #8

Anavrins's profile picture

756 posts

Posted 03 June 2014 - 02:26 AM

SquidDev, on 29 May 2014 - 11:33 AM said:
Unknown to me this has already been implemented before, by KleinRefrigerator and KillaVanilla. This implimentation gives you access to 128, 192 and 265 bit versions and ECB, CBC, CFB, OFB modes and so is more flexible.

What about CTR mode?
Would be nice to have it too :P/>
Killa's implementation of CTR is broken…

SquidDev #9

SquidDev's profile picture

1426 posts

Location Does anyone put something serious here?

Posted 03 June 2014 - 08:24 AM

Anavrins, on 03 June 2014 - 02:26 AM said:
SquidDev, on 29 May 2014 - 11:33 AM said:
Unknown to me this has already been implemented before, by KleinRefrigerator and KillaVanilla. This implimentation gives you access to 128, 192 and 265 bit versions and ECB, CBC, CFB, OFB modes and so is more flexible.
What about CTR mode?
Would be nice to have it too :P/>
Killa's implementation of CTR is broken…

I'll have a look in to it, looks quite interesting.

GreenByteSoftware #10

127 posts

Location Kaunas, Lithuania

Posted 05 June 2014 - 11:42 AM

Could I use this implementation in my PockyOS (I will give credit)

SquidDev #11

SquidDev's profile picture

1426 posts

Location Does anyone put something serious here?

Posted 05 June 2014 - 11:46 AM

thediamondgames, on 05 June 2014 - 11:42 AM said:
Could I use this implementation in my PockyOS (I will give credit)

Sure, I'm not fussed what happens with it. Thanks for asking though.

GreenByteSoftware #12

127 posts

Location Kaunas, Lithuania

Posted 05 June 2014 - 12:49 PM

SquidDev, on 05 June 2014 - 11:46 AM said:
thediamondgames, on 05 June 2014 - 11:42 AM said:
Could I use this implementation in my PockyOS (I will give credit)

Sure, I'm not fussed what happens with it. Thanks for asking though.

But just noticed problem: When I encrypt my password with the same key as password is, write those symbols to file. While trying to decrypt password by accessing the same symbols from the same file with the same key it doesn't decrypt, tried doing with lua shell and while setting for example x as decrypted text from the file and when I type print(x) it leaves an empty line + everytime I encrypt with the same text I noticed that the symbols are always different.

theoriginalbit #13

7508 posts

Location Australia

Posted 05 June 2014 - 01:02 PM

thediamondgames, on 05 June 2014 - 12:49 PM said:
When I encrypt my password -snip- While trying to decrypt password -snip-

Don't use encryption for passwords, use hashing. I've written up reasons for this a lot, so I'll just link any I can quickly find instead of typing it out again.
An explanation.
Links to SHA256 algorithm implementations.
User Accounts w/ Hashing Code Examples.

Edited on 05 June 2014 - 11:02 AM

GreenByteSoftware #14

127 posts

Location Kaunas, Lithuania

Posted 05 June 2014 - 01:05 PM

theoriginalbit, on 05 June 2014 - 01:02 PM said:
thediamondgames, on 05 June 2014 - 12:49 PM said:
When I encrypt my password -snip- While trying to decrypt password -snip-
Don't use encryption for passwords, use hashing. I've written up reasons for this a lot, so I'll just link any I can quickly find instead of typing it out again.
An explanation.
Links to SHA256 algorithm implementations.
User Accounts w/ Hashing Code Examples.

Well yes, after this problem I quickly fitted in gravityscore's sha256 implementation, it works the way better without bugs

DiamondTNT #15

DiamondTNT's profile picture

8 posts

Location Gallifrey

Posted 06 June 2014 - 09:36 PM

What mode of AES does this implementation use?

SquidDev #16

SquidDev's profile picture

1426 posts

Location Does anyone put something serious here?

Posted 07 June 2014 - 09:12 AM


This implimentation gives you access to 128, 192 and 265 bit versions and ECB, CBC, CFB, OFB modes and so is more flexible.

Don't use Electronic Cookbook mode (ECB) as it is insecure when encrypting large amounts of data. For more information use see Wikipedia and StackOverflow.

lebalusch #17

50 posts

Posted 29 June 2014 - 06:11 PM

Hi not really following where I am going wrong. So i download your file and store it as AES.

Spoiler

os.loadAPI("AES")
key = "TheKey"
original = "My message Goes here"

E = AES.encrypt( key, original)
D = AES.decrypt( key, E)

–encrypt
print("original: ", original)
print("key: ",key)
print("encrypted: ", E)
print("then back decrypted: ", D)

–decrypt last message This was the last out put of code from above when previously run.
key = "TheKey"
AEScode = "??~ ??? ;?@Ve???;???2?M??????9??"

A = AES.decrypt(key, AEScode)
print("and back: ", A)

print("END")

How do I decrypt the text at a later date? I know the key "TheKey"

SquidDev #18

SquidDev's profile picture

1426 posts

Location Does anyone put something serious here?

Posted 29 June 2014 - 09:04 PM

lebalusch, on 29 June 2014 - 06:11 PM said:
Hi not really following where I am going wrong. So i download your file and store it as AES.

Spoiler
os.loadAPI("AES")
key = "TheKey"
original = "My message Goes here"

E = AES.encrypt( key, original)
D = AES.decrypt( key, E)

–encrypt
print("original: ", original)
print("key: ",key)
print("encrypted: ", E)
print("then back decrypted: ", D)

–decrypt last message This was the last out put of code from above when previously run.
key = "TheKey"
AEScode = "??~ ??? ;?@Ve???;???2?M??????9??"

A = AES.decrypt(key, AEScode)
print("and back: ", A)

print("END")

How do I decrypt the text at a later date? I know the key "TheKey"


os.loadAPI("AES")
local enc = AES.encrypt("MyKey", "My Message")
print(AES.decrypt("MyKey", enc))

This is the basic way of doing it. If you want to save/load the encrypted data to/from a file you will have to use binary mode as normal files don't support characters > 127.

lebalusch #19

50 posts

Posted 29 June 2014 - 09:12 PM

SquidDev, on 29 June 2014 - 09:04 PM said:
lebalusch, on 29 June 2014 - 06:11 PM said:
Hi not really following where I am going wrong. So i download your file and store it as AES.

Spoiler
os.loadAPI("AES")
key = "TheKey"
original = "My message Goes here"

E = AES.encrypt( key, original)
D = AES.decrypt( key, E)

–encrypt
print("original: ", original)
print("key: ",key)
print("encrypted: ", E)
print("then back decrypted: ", D)

–decrypt last message This was the last out put of code from above when previously run.
key = "TheKey"
AEScode = "??~ ??? ;?@Ve???;???2?M??????9??"

A = AES.decrypt(key, AEScode)
print("and back: ", A)

print("END")

How do I decrypt the text at a later date? I know the key "TheKey"
os.loadAPI("AES")
local enc = AES.encrypt("MyKey", "My Message")
print(AES.decrypt("MyKey", enc))
This is the basic way of doing it. If you want to save/load the encrypted data to/from a file you will have to use binary mode as normal files don't support characters > 127.

Is this not effectively what I have done here?


os.loadAPI("AES")
key = "TheKey"
AEScode = "??~ ??? ;?@Ve???;???2?M??????9??"
A = AES.decrypt(key, AEScode)
print("and back: ", A)

theoriginalbit #20

7508 posts

Location Australia

Posted 30 June 2014 - 01:52 AM

if you've manually typed that string based off what the terminal has shown, then you've typed it wrong, any non-displaying character in ComputerCraft is drawn with a '?'

SquidDev #21

SquidDev's profile picture

1426 posts

Location Does anyone put something serious here?

Posted 30 June 2014 - 11:40 AM

theoriginalbit, on 30 June 2014 - 01:52 AM said:
if you've manually typed that string based off what the terminal has shown, then you've typed it wrong, any non-displaying character in ComputerCraft is drawn with a '?'

That never actually occurred to me. You can always escape the string (local AESCode = string.format("%q", enc) - from memory so I might be wrong) if you need to store it in the code.

lebalusch #22

50 posts

Posted 30 June 2014 - 04:26 PM

All i have been trying to do is Encrypt a string. From there save the cipher message in a file. then at a later date take the cipher text and decrypt. Yes i was printing to screen as a quick and easy way of getting to the cipher text.

theoriginalbit #23

7508 posts

Location Australia

Posted 01 July 2014 - 02:01 AM

well you definitely cannot do that, the cypher text will contain characters that cannot display, so putting the '?' that you see into your program will not be the same as what it may have been trying to print, for example '\245'

lebalusch #24

50 posts

Posted 01 July 2014 - 04:55 PM

Would printing to and loading from a file be the same? Or is it just the ComputerCraft monitor or terminal cant display all the characters?

theoriginalbit #25

7508 posts

Location Australia

Posted 01 July 2014 - 05:02 PM

no definitely not, writing to a file and then using that would function correctly, it is only the terminal that cannot display the characters, and for good reason too, how do you display a character that doesn't have a graphical representation? well most systems do a ☐ or a ¿ in ComputerCraft's case dan decided to have it render just a normal ?

Lyqyd #26

Lyqyd's profile picture

8543 posts

Posted 01 July 2014 - 05:34 PM

Writing to and reading from files will work correctly in binary mode, but not in textual mode.

lebalusch #27

50 posts

Posted 01 July 2014 - 06:05 PM

Thank you guys this has help explain it a lot.

So if i am getting this right you would take a file you want to encrypt. convert it all to a string. Encrypt it then convert to binary and save to file. When it comes to Decrypting you load file into a string, convert back to textual from binary then Decrypt. Leaving you with a readable file again.

This seems a lot of work to do and loads of coding.

theoriginalbit #28

7508 posts

Location Australia

Posted 01 July 2014 - 06:32 PM

using this API definitely not lots of coding. however if you plan on using this for the server/client architecture you discussed in the PM with me, then sadly you'll quickly find a LuaJ bug with strings that will bring this idea to a grinding halt.

Edited on 01 July 2014 - 04:32 PM

lebalusch #29

50 posts

Posted 01 July 2014 - 07:17 PM

theoriginalbit, on 01 July 2014 - 06:32 PM said:
using this API definitely not lots of coding. however if you plan on using this for the server/client architecture you discussed in the PM with me, then sadly you'll quickly find a LuaJ bug with strings that will bring this idea to a grinding halt.

Thank you for the heads up on that. No i think im just going to make a Network wide loging on program with the passwords SHA256'ed. I was looking at the AES as i was also thinking about files being sent over the network. Luckily I only play with friends on a server so encryption isn't a NEED but if i was to be building programs that i might want to release one day i might as well have a look at how its all done and implement early.

theoriginalbit #30

7508 posts

Location Australia

Posted 02 July 2014 - 12:20 AM

yeah okay so you'll still have the problem unfortunately; sadly if a string comes in contact with the event system is where it gets problematic, any value >127 just becomes 127, it's very annoying. anyway to mitigate against it just use a base64 script; encrypt, convert to base64, send, convert to base10, decrypt.

Anavrins #31

Anavrins's profile picture

756 posts

Posted 02 July 2014 - 07:51 AM

Or you could use tables to store all the bytes of a string and then send the seriallized table over rednet…

Spoiler


function stringToByteArray(sString)
if type(sString) ~= "string" then error("bad argument #1: string expected, got "..type(sString), 2) end
local byteArray = {}
for i = 1, #sString do
  byteArray[i] = sString:sub(i,i):byte()
end
return byteArray
end

function byteArrayToString(byteArray)
if type(byteArray) ~= "table" then error("bad argument #1: table expected, got "..type(byteArray), 2) end
local s = {}
for i = 1, #byteArray do
  s[i] = string.char(byteArray[i])
end
return table.concat(s)
end

Edited on 02 July 2014 - 05:54 AM

theoriginalbit #32

7508 posts

Location Australia

Posted 02 July 2014 - 07:56 AM

Anavrins, on 02 July 2014 - 07:51 AM said:

Or you could use tables to store all the bytes of a string…

Spoiler


function stringToByteArray(sString)
if type(sString) ~= "string" then error("bad argument #1: string expected, got "..type(sString), 2) end
local byteArray = {}
for i = 1, #sString do
  byteArray[i] = sString:sub(i,i):byte()
end
return byteArray
end

function byteArrayToString(byteArray)
if type(byteArray) ~= "table" then error("bad argument #1: table expected, got "..type(byteArray), 2) end
local s = {}
for i = 1, #byteArray do
  s[i] = string.char(byteArray[i])
end
return table.concat(s)
end

that wouldn't fix anything. the LuaJ bug would still exist on the chars as they're passing through the event system.

lebalusch #33

50 posts

Posted 02 July 2014 - 04:29 PM

I'm starting to think a one time key is a far simpler way to go. Anavrins idea of break it into bits, send it then recompile into a string kind of makes sense but you are then left with a far to big string to encrypt/ decrypt.

But lets consider that for one sec could you not break it into chunks encrypt them all individually and then send. at the other end decrypt all the chunks then stick them all back together? Rather than treating it as a document you treat it as a load of sentences?

do you also have a link so i can read about this lua j bug please. This is clearly why i cant find a all in one package to sending and receiving files while encrypting on route.

theoriginalbit #34

7508 posts

Location Australia

Posted 03 July 2014 - 03:35 AM

lebalusch, on 02 July 2014 - 04:29 PM said:
do you also have a link so i can read about this lua j bug please.

I could only find two, there were another two around somewhere that dove slightly deeper into it, but I couldn't find them again. Link 1 Link 2

Edited on 03 July 2014 - 01:35 AM

Goof #35

Goof's profile picture

767 posts

Posted 26 August 2014 - 04:49 PM

Bump;

I just tried this with a 2¹⁶ long string, however it just shutdown the computer.
Is it possible to make it Yield every so often,
The compressed version is quite hard to read, so if possible, how / where do i add it?

Thanks in Advance

Edited on 26 August 2014 - 02:49 PM

jaredallard #36

jaredallard's profile picture

124 posts

Location Seattle, WA

Posted 26 November 2014 - 06:00 PM

Just submitted a pull request too the github, which has it use a different bit library, which also dramatically increases performance.

Rougeminner #37

Rougeminner's profile picture

150 posts

Posted 29 November 2014 - 05:59 AM

i am having trouble with decrypting a rednet message. i thought that maybe if i encrypted the message before i sent it an provided the receiver the proper key it would be able to decrypt arg2 back into humanly readable characters that make sense. where was i wrong with this

Edited on 29 November 2014 - 05:31 AM

1lann #38

1lann's profile picture

515 posts

Location Australia

Posted 29 November 2014 - 06:40 AM

Rougeminner, on 29 November 2014 - 05:59 AM said:
i am having trouble with decrypting a rednet message. i thought that maybe if i encrypted the message before i sent it an provided the receiver the proper key it would be able to decrypt arg2 back into humanly readable characters that make sense. where was i wrong with this

You may need to use a base64 encoder so all of the data is ASCII safe. Here's one from KillaVanilla: http://pastebin.com/pp3kpb19
Make sure you encode before sending through rednet, then decode on receiving.

Rougeminner #39

Rougeminner's profile picture

150 posts

Posted 29 November 2014 - 06:57 PM

if i provide the code can you tell me what i am doing wrong after i implemented base64. right now i have transmit code input2 = Base64.encode(input2) input2 = AES.encrypt("XXXX",input2) redness.broadcast(input2,channel) and receive code is if event == "rednet_message" then arg2 = AES.decrypt(arg2) print(arg1,',',arg2) i get a java election thrown error. is it because i am encoding a string

KingofGamesYami #40

3057 posts

Location United States of America

Posted 29 November 2014 - 07:23 PM

Rougeminner, on 29 November 2014 - 06:57 PM said:
i get a java election thrown error. is it because i am encoding a string

This is meant to encode strings, so no

Rougeminner, on 29 November 2014 - 06:57 PM said:
if i provide the code can you tell me what i am doing wrong after i implemented base64

Yes

Rougeminner, on 29 November 2014 - 06:57 PM said:
right now i have transmit code

input2 = Base64.encode(input2)
input2 = AES.encrypt("XXXX",input2)
redness.broadcast(input2,channel)

and receive code is

if event == "rednet_message" then
arg2 = AES.decrypt(arg2)
print(arg1,',',arg2)

Well, considering you never decrypted from base64, that would never work. Also, since you encrypted in base64 before encrypting with AES, it won't protect against event corruption.


input2 = base64.encode( AES.encrypt( "XXX", input2 ) )
rednet.broadcast( input2 )


if event == "rednet_message" then
  arg2 = AES.decrypt( base64.decrypte( arg2 ) ) 
  print(arg1,',',arg2)

Rougeminner #41

Rougeminner's profile picture

150 posts

Posted 30 November 2014 - 01:16 AM

KingofGamesYami, on 29 November 2014 - 07:23 PM said:
Rougeminner, on 29 November 2014 - 06:57 PM said:
i get a java election thrown error. is it because i am encoding a string
This is meant to encode strings, so no
Rougeminner, on 29 November 2014 - 06:57 PM said:
if i provide the code can you tell me what i am doing wrong after i implemented base64
Yes
Rougeminner, on 29 November 2014 - 06:57 PM said:
right now i have transmit code input2 = Base64.encode(input2) input2 = AES.encrypt("XXXX",input2) redness.broadcast(input2,channel) and receive code is if event == "rednet_message" then arg2 = AES.decrypt(arg2) print(arg1,',',arg2)
Well, considering you never decrypted from base64, that would never work. Also, since you encrypted in base64 before encrypting with AES, it won't protect against event corruption.
 input2 = base64.encode( AES.encrypt( "XXX", input2 ) ) rednet.broadcast( input2 ) 
 if event == "rednet_message" then arg2 = AES.decrypt( base64.decrypte( arg2 ) ) print(arg1,',',arg2) 

what do you mean event corruption. i still get a java exception thrown error. Almost forgot heres my code


os.loadAPI("apps/aes/framework/AES")
os.loadAPI('Base64')
print("please enter encryption key/salt")
key = read("*")
print("please enter protocol")
input3 = read()
rednet.host("rougeminner",input3)
term.setCursorPos(1,1)
term.clear()
string1 = "Rougeminner Has left this chat "--id was ",os.getComputerID()
rednet.open("left")
rednet.broadcast("Rougeminner has joined the Chat")
running = true
while running do
event,arg1,arg2,arg3 = os.pullEventRaw()
if event == "mouse_click" then
if arg1 == 1 and arg2 == 1 and arg3 == 1 then
running = false
rednet.broadcast(string1)--,os.getComputerID())
else
end
elseif event == "key" then
--print(arg1)
if arg1 == 29 then
rednet.broadcast(string1)
term.setCursorPos(1,1)
term.clear()
running = false
end
elseif event == "rednet_message" then
arg2 = Base64.decode(AES.decrypt(key,arg2))
print('ID: ',arg1," message ",arg2)
elseif arg2 == nil then
--print("please enter ID")input1 = read()
--term.setCursorPos(1,17)
--term.setCursorPos(1,10)
print("Enter Message")input2 = read()
--print("please Enter Protocol") input3 = read()
--h = tonumber(input3)
--rednet.broadcast(input2,"TCP1")--input3)
--if input2:sub(1,1) == "/" then
--print("Commands are: /List , /leave , /clear")
if input2 == "/clear" then
term.clear()
term.setCursorPos(1,1)
elseif input2 == "/help" then
print("commands are /help , /clear , and you can press left control to leave along with clicking a cords X1,Y1")
elseif input2 == "/List" or input2 == "/list" then
list = rednet.lookup(input3)
print(list)
--rednet.lookup(input3))
--elseif input2 == "/msg" then
--print("Enter ID")input1 = read()
--input1 = 18--"hi there"
--num = tonumber(input1)
--print("Enter Message") input2 = read()
--print(input1)
--rednet.send(input1,input2,input3)
--end
--elseif input2 == "/leave" then
--input3 = read()
--rednet.broadcast(string1)
--rednet.host("rougeminner's cell",input3)
--elseif input2 == not(nil) then
--rednet.broadcast(input2,input3)
--print("<ME>:",input2)
else
rednet.broadcast(input2,input3)
input2 = Base64.encode(AES.encrypt(key,input2))
print("<ME>:",input2)
end
else
end
end

Yes the code is very unorganized and hard to read right now. i have not had the time to fix with more organized code

Edited on 30 November 2014 - 12:19 AM

SquidDev #42

SquidDev's profile picture

1426 posts

Location Does anyone put something serious here?

Posted 30 November 2014 - 01:47 PM

Rougeminner, on 30 November 2014 - 01:16 AM said:
what do you mean event corruption. i still get a java exception thrown error. Almost forgot heres my code

There is a bug in LuaJ which can result in any byte above 127 being corrupted. This is obvious when sending rednet, or saving to files. To prevent this you can base64 encode it.

Instead of doing:


Base64.decode(AES.decrypt(key,arg2))

we do


AES.decrypt(key, Base64.decode(arg2)) -- These should be swapped around

So we convert Hello to sfdhfjshdfjks which we base64 encode to c2ZkaGZqc2hkZmprcw==. We then run the process in reverse(b64 => encrypted => decrypted).

On a style guide, code is easier to read indented and you should really be using locals, but that isn't that important.

SquidDev #43

SquidDev's profile picture

1426 posts

Location Does anyone put something serious here?

Posted 20 December 2014 - 10:03 AM

I've just released a new version. I've rewritten the bit library to use native operations as much as possible. It now runs at 30 kB/s (which means this is now the fastest AES implementation on the forums). Due to better minification and bit library improvements, the code base is less than 12kB.

As ever the pastebin is 9E5UHiqv (DMx8M0LP for the unminfied version).

Edited on 20 December 2014 - 09:05 AM

Rokin05 #44

Rokin05's profile picture

8 posts

Posted 01 January 2015 - 05:14 PM

Hi, thank you for this script !
I'm beginner in CC and i have a problem, i don't know if it's me or the script, can you help me ? :

sample script for testing :

Computer1 (Client) :


os.loadAPI("AES")
os.loadAPI("Base64")

password = "1235"

-- plug monitor
local monitor = peripheral.find("monitor", function(name, object) object.side = name return true end)

-- plug modem
local modem = peripheral.find( "modem", function( name, obj ) return obj.isWireless() end)

msg = "Hello world !"
msg = AES.encrypt(password, msg)
msg = Base64.encode(msg)
           
modem.transmit(3, 1, msg)

Computer2 (Server) :


os.loadAPI("AES")
os.loadAPI("Base64")

password = "1235"

-- plug monitor
local monitor = peripheral.find("monitor", function(name, object) object.side = name return true end)

-- plug modem
local modem = peripheral.find( "modem", function( name, obj ) return obj.isWireless() end)

while true do
  modem.open(3)
  local event, modemSide, senderChannel,
  replyChannel, msg, senderDistance = os.pullEvent("modem_message")

  msg = Base64.decode(msg)
  msg = AES.decrypt(password, msg)
  monitor.write(msg)

  modem.closeAll()
end

So :

Computer 1 : msg -> AES -> Base64 -> ———— channel 3 ————- -> computer 2 -> Base64 -> AES -> read msg

ok if my AES password for crypt/decrypt is the same, its work good
now my problem it's if computer1 password != computer2 password my computer2 program halt and go back to the CC shell with this error : "Java exception thrown"

How can i fix it please ?

I have try with pastebin 9E5UHiqv and (DMx8M0LP for the unminfied version).
Direwolf 1.0.1 (1.7)
ComputerCraft1.65

thank tou !

SquidDev #45

SquidDev's profile picture

1426 posts

Location Does anyone put something serious here?

Posted 02 January 2015 - 04:47 PM

Rokin05, on 01 January 2015 - 05:14 PM said:
-snip-

I've been unable to replicate this, I've updated the pastebin in case I've made changes and not updated it in the past but it should be fine.
Is there anything after "Java exception thrown"? Either a line number or a message.

Also I've written a little script (pastebin get MQ4jFFAQ trace) which can be used like trace myscript. This should provide a traceback or at least an error if something breaks. Can you tell me the output.

Edited on 02 January 2015 - 03:47 PM

Rokin05 #46

Rokin05's profile picture

8 posts

Posted 03 January 2015 - 12:14 PM

Thank you for your reply, my bad, after your post and 2h of try i have found my problem, it's not the AES api my problem it's just a big noob error :
(the trace script dont really help me because i don't return my problem, but after 150 "monitor.write" line per line i found it :D/>)

Client :


-- CLIENT
-- plug monitor
local monitor = peripheral.find("monitor", function(name, object) object.side = name return true end)
-- plug modem
local modem = peripheral.find( "modem", function( name, obj ) return obj.isWireless() end)

local password = "1234"

os.loadAPI("system/api/AES")
os.loadAPI("system/api/base64")

while true do
  write("send : ")
  msg= read()
  msg = AES.encrypt(password, msg)
  msg = base64.encode(msg)
		  
  modem.transmit(3, 1, msg)
end

Server :


-- SERVER1
-- plug monitor
local monitor = peripheral.find("monitor", function(name, object) object.side = name return true end)
-- plug modem
local modem = peripheral.find( "modem", function( name, obj ) return obj.isWireless() end)

local password = "imabadpwd"

os.loadAPI("system/api/AES")
os.loadAPI("system/api/base64")

function newLine()
  local _,cY= monitor.getCursorPos()
  monitor.setCursorPos(1,cY+1)
end

function monclear()
  monitor.clear()
  monitor.setCursorPos(1,1)
end

while true do
  modem.open(3)
 
  local event, modemSide, senderChannel,
  replyChannel, msg, senderDistance = os.pullEventRaw("modem_message")
  monclear()
  monitor.write("Base64: "..msg)
  msg = base64.decode(msg)
 
  newLine()
  monitor.write("AES: "..msg)
  msg = AES.decrypt(password, msg)
 
  newLine()
  if msg == nil then msg = "error" end
 
  monitor.write("MSG : "..msg)
  modem.closeAll()
end

the problem :


msg = AES.decrypt(password, msg)
[color=#FF0000]monitor.write("MSG : "..msg) -- error ([/color][color=#FF0000]msg = nil)[/color]

with script like that, its good :


msg = AES.decrypt(password, msg)
[color=#008000]if msg == nil then msg = "decrypt error (bad pwd)" end[/color]



monitor.write("MSG : "..msg)

:rolleyes:/> thank you !

Phaneron #47

Phaneron's profile picture

3 posts

Posted 11 August 2015 - 05:24 AM

I've tried to load and use the program, but I keep running into odd errors. Could anybody illuminate me as to what I am doing wrong? ComputerCraft 1.73

Edited on 11 August 2015 - 04:37 AM

SquidDev #48

SquidDev's profile picture

1426 posts

Location Does anyone put something serious here?

Posted 11 August 2015 - 07:50 AM

Phaneron, on 11 August 2015 - 05:24 AM said:
I've tried to load and use the program, but I keep running into odd errors. Could anybody illuminate me as to what I am doing wrong? ComputerCraft 1.73

From what I can tell, the issue comes with printing 'unprintable' characters. If you call AES.util.toHexString(AES.encrypt("key", "message")) then it shouldn't error. However, due to changes in the Bit API decryption is currently broken in CC 1.74 so be warned. I'm looking into fixing it but have so many projects on the go right now I haven't got round to fixing it. Sorry.

TheOddByte #49

1852 posts

Location Sweden

Posted 12 September 2015 - 11:25 PM

Hey, just checking here too see if you've updated this for the latest version of CC, if I remember correctly it wasn't working too well with the changes made to the bit API or something right? So yeah, have you updated this? I'm not that active on github so I haven't checked there for any changes recently.

SquidDev #50

SquidDev's profile picture

1426 posts

Location Does anyone put something serious here?

Posted 15 September 2015 - 01:00 PM

TheOddByte, on 12 September 2015 - 11:25 PM said:
Hey, just checking here too see if you've updated this for the latest version of CC, if I remember correctly it wasn't working too well with the changes made to the bit API or something right?

Ahhh, no. What I'll do for the time being is roll back to the old bit API I was using, which is slower but works with CC 1.74, and then try to bugfix. Sorry.

Edited on 15 September 2015 - 11:00 AM

SquidDev #51

SquidDev's profile picture

1426 posts

Location Does anyone put something serious here?

Posted 15 September 2015 - 04:49 PM

SquidDev, on 15 September 2015 - 01:00 PM said:
TheOddByte, on 12 September 2015 - 11:25 PM said:
Hey, just checking here too see if you've updated this for the latest version of CC, if I remember correctly it wasn't working too well with the changes made to the bit API or something right?

Ahhh, no. What I'll do for the time being is roll back to the old bit API I was using, which is slower but works with CC 1.74, and then try to bugfix. Sorry.

Right, fixed. I didn't have to roll back to the old system, though I've dropped from 30kb/s to 26kb/s which isn't ideal. I'm hoping the bit library changes will be fixed, but I'll have to wait and see :)/>.

TheOddByte #52

1852 posts

Location Sweden

Posted 16 September 2015 - 07:33 PM

SquidDev, on 15 September 2015 - 04:49 PM said:
- snip -

Great to hear that it's working atleast.

TrumpetMiner #53

33 posts

Posted 14 December 2015 - 10:48 PM

When I send an encrypted message to another computer it cannot decrypt. Am I doing something wrong?

SquidDev #54

SquidDev's profile picture

1426 posts

Location Does anyone put something serious here?

Posted 15 December 2015 - 01:10 PM

TrumpetMiner, on 14 December 2015 - 10:48 PM said:
When I send an encrypted message to another computer it cannot decrypt. Am I doing something wrong?

You'll have to encode the string in some way - CC cannot send binary data across modems. The easiest way to do it would be to encode it in base64 before sending, and decode before decrypting it.

TrumpetMiner #55

33 posts

Posted 16 December 2015 - 11:29 PM

SquidDev, on 15 December 2015 - 01:10 PM said:
TrumpetMiner, on 14 December 2015 - 10:48 PM said:
When I send an encrypted message to another computer it cannot decrypt. Am I doing something wrong?

You'll have to encode the string in some way - CC cannot send binary data across modems. The easiest way to do it would be to encode it in base64 before sending, and decode before decrypting it.

What would be a good way to encode and decode in base64?

KingofGamesYami #56

3057 posts

Location United States of America

Posted 16 December 2015 - 11:54 PM

I use this. (Or at least, most of that. I don't use the command line part)

Edited on 16 December 2015 - 10:55 PM

TrumpetMiner #57

33 posts

Posted 19 December 2015 - 08:23 PM

KingofGamesYami, on 16 December 2015 - 11:54 PM said:
I use this. (Or at least, most of that. I don't use the command line part)

Thanks, this works great!

SquidDev #58

SquidDev's profile picture

1426 posts

Location Does anyone put something serious here?

Posted 11 April 2016 - 05:16 PM

Just pushed an update to this with several changes:

Allow passing the IV through the main API. I'd recommend this for additional security
Add CTR mode. Almost 2 years after Anavrins asked for it. Sorry :(/>.
143 unit tests! All the NIST test vectors pass.

I've also moved the code to a Gist as it is easier for me to keep up to date. If anyone is pointing this at the pastebin code then please switch to the Gist link.

Edited on 11 April 2016 - 03:23 PM

randomdude999 #59

18 posts

Location Star System Sol, Galactic Sector ZZ9 Plural Z Alpha

Posted 22 May 2016 - 09:40 AM

Hey, I just made installing it even easier:


wget https://git.io/aeslua aeslua

If you don't have wget:


pastebin run xLRDQj9t https://git.io/aeslua aeslua

Edited on 22 May 2016 - 07:49 AM

SquidDev #60

SquidDev's profile picture

1426 posts

Location Does anyone put something serious here?

Posted 22 May 2016 - 10:33 AM

randomdude999, on 22 May 2016 - 09:40 AM said:
-snip-

Whoah, thanks! Didn't know this was a thing. Updated the OP with this.

Restioson #61

Restioson's profile picture

22 posts

Location Secret meeting of the South African Internet Users club

Posted 14 June 2016 - 08:05 AM

Unfortunately, with the latest release by default one cannot connect to GitHub anymore :wacko:/> Please upload it to pastebin.

LoganDark #62

LoganDark's profile picture

239 posts

Location Macintosh HD/Users/LoganDark

Posted 14 June 2016 - 08:18 AM

If you haven't noticed this is not a one-way hash. If you're using it for storing passwords or something that should not be decrypted this is not the system for you. Something that is encrypted can be decrypted by brute force. I recommend a one-way hash function such as SHA256 or PBDKF2 (I got the name right !).

Edited on 14 June 2016 - 06:18 AM

SquidDev #63

SquidDev's profile picture

1426 posts

Location Does anyone put something serious here?

Posted 14 June 2016 - 08:26 AM

Restioson, on 14 June 2016 - 08:05 AM said:
Unfortunately, with the latest release by default one cannot connect to GitHub anymore :wacko:/> Please upload it to pastebin.

What error are you getting? It seems to work OK on my computer so I'm a bit confused. What does http.request("https://gist.githubusercontent.com/SquidDev/86925e07cbabd70773e53d781bd8b2fe/raw/") give you? Sorry about this :(/>.

Edited on 14 June 2016 - 06:27 AM

Restioson #64

Restioson's profile picture

22 posts

Location Secret meeting of the South African Internet Users club

Posted 14 June 2016 - 09:19 AM

Odd… very, very odd! I deleted my ComputerCraft.cfg file under .minecraft/config/ and it worked. Sorry! Must've just been me or my internet. Now it returns true. Pre-delete it returned "false" and "Domain not permitted".

Previously, when I looked in the config, the http whitelist was set like this:

S:http_whitelist=pastebin.com;computercraft.info

or something similar. Now it is set like this:


S:http_whitelist=*

Hmm. That's odd.

Sorry to bother you! :)/>

Edited on 14 June 2016 - 07:32 AM

Bomb Bloke #65

Bomb Bloke's profile picture

7083 posts

Location Tasmania (AU)

Posted 14 June 2016 - 11:00 AM

Used to be that the default CC config indeed limited you to a couple of domains (though you could always change it if you wanted to!). A new default was set quite a long while back, but if you already had a config file in place, you'd of course maintain the old settings.

sloosecannon #66

sloosecannon's profile picture

3 posts

Posted 13 August 2016 - 03:38 AM

LoganDark, on 14 June 2016 - 08:18 AM said:
If you haven't noticed this is not a one-way hash. If you're using it for storing passwords or something that should not be decrypted this is not the system for you. Something that is encrypted can be decrypted by brute force. I recommend a one-way hash function such as SHA256 or PBDKF2 (I got the name right !).

Technically, it's not brute-forcing so much as the fact that you can decrypt it (You're storing the password somewhere, so for anyone with access to the same information your program has or its source code, it's trivial to reverse it). But the point is 100% correct - don't use this for passwords!!!!!

jakejakey #67

96 posts

Posted 21 October 2016 - 12:44 PM

Erm, if I just want to encrypt text and then save it on my local cc computer, will I have the problem with special chars?

Anavrins #68

Anavrins's profile picture

756 posts

Posted 21 October 2016 - 05:30 PM

There's a few solutions for this,
you can either encode the output in hex, unfortunately, this will double the size needed for storage,
or you could encode the output in base64, which would be the most convenient, but again this will take 33% more storage to save,
lastly, you could write the individual bytes with fs.open in binary mode, no storage overhead, but will corrupt if it's opened and saved in a non-binary mode, eg. opened with "edit" then saved.

Edited on 21 October 2016 - 03:31 PM

Dog #69

Dog's profile picture

1220 posts

Location Earth orbit

Posted 22 February 2017 - 05:10 PM

Hey SquidDev,

Thanks for writing this. I'm going to try to implement this in some of my programs to encrypt their communications.

I found what appears to be an oops on line 1134 - you have


assert(password ~= nil, "Empty Data")

Shouldn't that be…


assert(data ~= nil, "Empty Data")