Skip Menu |

This queue is for tickets about the WebService-Pandora CPAN distribution.

Report information
The Basics
Id: 112971
Status: resolved
Priority: 0/
Queue: WebService-Pandora

People
Owner: DEFCON [...] cpan.org
Requestors: SREZIC [...] cpan.org
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: 0.3
Fixed in: (no value)



Subject: Tests fail with recent Crypt::ECB versions
With Crypt::ECB 2.10 or 2.05 all tests fail like this: ... t/critic.t ........ skipped: RELEASE_TESTING not set in environment Bareword "PADDING_AUTO" not allowed while "strict subs" in use at /tmpfs/.cpan-build-cpansand/2016031306/WebService-Pandora-0.3-ogSGoU/blib/lib/WebService/Pandora/Cryptor.pm line 26. Compilation failed in require at t/cryptor.t line 6. BEGIN failed--compilation aborted at t/cryptor.t line 6. # Looks like your test exited with 255 before it could output anything. t/cryptor.t ....... Dubious, test returned 255 (wstat 65280, 0xff00) Failed 10/10 subtests ... It seems that Crypt::ECB does not define the constant PADDING_AUTO anymore.
Haven't been able to figure out how to get it to work with newer Crypt::ECB. Not sure yet how to mimic the PADDING_AUTO behavior it previously supported. I also tried using Crypt::CBC as docs in the code from earlier versions suggested it was doing the same thing it was, but can't get that working either. I may have to ask for help from the Crypt::ECB author. On Sun Mar 13 03:49:23 2016, SREZIC wrote: Show quoted text
> With Crypt::ECB 2.10 or 2.05 all tests fail like this: > > ... > t/critic.t ........ skipped: RELEASE_TESTING not set in environment > Bareword "PADDING_AUTO" not allowed while "strict subs" in use at > /tmpfs/.cpan-build-cpansand/2016031306/WebService-Pandora-0.3- > ogSGoU/blib/lib/WebService/Pandora/Cryptor.pm line 26. > Compilation failed in require at t/cryptor.t line 6. > BEGIN failed--compilation aborted at t/cryptor.t line 6. > # Looks like your test exited with 255 before it could output > anything. > t/cryptor.t ....... > Dubious, test returned 255 (wstat 65280, 0xff00) > Failed 10/10 subtests > ... > > It seems that Crypt::ECB does not define the constant PADDING_AUTO > anymore.
Eight years after the last release I thought it was okay to make a major upgrade. Which makes subtle changes to the API and which I obviously didn't make transparent enough. Sorry for that! As I thought that exporting global constants isn't that nice and also in order to be more compatible with Crypt::CBC I changed the way that padding() is called. I just had a look at your module. To fix it, in Cryptor.pm just change the line with "crypt->padding( PADDING_AUTO )" to "crypt->padding('standard')". Or leave it out altogether, because 'standard' padding is the default since Crypt-ECB-2.00. Hope that helps! Otherwise just give me a shout.
I tried that and it isn't working. I verified my module still works querying Pandora still using the older version of Crypt::ECB. The error I'm getting: belthasar:WebService-Pandora mrmccrac$ perl -Ilib ~/search.pl Argument "1457901431^B^B" isn't numeric in int at lib/WebService/Pandora/Method.pm line 82. Your message length is not a multiple of Blowfish's blocksize (8 bytes). Correct this by hand or tell me to handle padding. That's when I have: $crypt->padding( 'standard' ); $crypt->cipher( 'Blowfish' ); On Sun Mar 13 16:28:41 2016, APPEL wrote: Show quoted text
> Eight years after the last release I thought it was okay to make a > major upgrade. Which makes subtle changes to the API and which I > obviously didn't make transparent enough. Sorry for that! > > As I thought that exporting global constants isn't that nice and also > in order to be more compatible with Crypt::CBC I changed the way that > padding() is called. > > I just had a look at your module. To fix it, in Cryptor.pm just change > the line with "crypt->padding( PADDING_AUTO )" to "crypt-
> >padding('standard')". Or leave it out altogether, because 'standard'
> padding is the default since Crypt-ECB-2.00. > > Hope that helps! Otherwise just give me a shout.
Sorry, that was before I installed the latest version again. All I see at the moment is this: belthasar:WebService-Pandora mrmccrac$ perl -Ilib ~/search.pl auth.userLogin error 0: An unexpected error occurred at /Users/mrmccrac/search.pl line 25. So the remote API just doesn't like the data I'm sending it. On Sun Mar 13 16:39:24 2016, DEFCON wrote: Show quoted text
> I tried that and it isn't working. I verified my module still works > querying Pandora still using the older version of Crypt::ECB. The > error I'm getting: > > belthasar:WebService-Pandora mrmccrac$ perl -Ilib ~/search.pl > Argument "1457901431^B^B" isn't numeric in int at > lib/WebService/Pandora/Method.pm line 82. > Your message length is not a multiple of Blowfish's blocksize (8 > bytes). Correct this by hand or tell me to handle padding. > > That's when I have: > > $crypt->padding( 'standard' ); > $crypt->cipher( 'Blowfish' ); > > On Sun Mar 13 16:28:41 2016, APPEL wrote:
> > Eight years after the last release I thought it was okay to make a > > major upgrade. Which makes subtle changes to the API and which I > > obviously didn't make transparent enough. Sorry for that! > > > > As I thought that exporting global constants isn't that nice and also > > in order to be more compatible with Crypt::CBC I changed the way that > > padding() is called. > > > > I just had a look at your module. To fix it, in Cryptor.pm just > > change > > the line with "crypt->padding( PADDING_AUTO )" to "crypt-
> > > padding('standard')". Or leave it out altogether, because > > > 'standard'
> > padding is the default since Crypt-ECB-2.00. > > > > Hope that helps! Otherwise just give me a shout.
Hm. Do you think the problem comes from Crypt-ECB? I just ran a "make test" for your module using Crypt-ECB-1.45. Then the same with a patched version and using Crypt-ECB-2.10. Both versions pass the test suite, and in both versions "decrypt" and "encrypt" from Cryptor.pm return the same values. Please let me know if and how I can help you!
On Mon Mar 14 05:41:02 2016, APPEL wrote: Show quoted text
> Hm. Do you think the problem comes from Crypt-ECB? I just ran a "make > test" for your module using Crypt-ECB-1.45. Then the same with a > patched version and using Crypt-ECB-2.10. Both versions pass the test > suite, and in both versions "decrypt" and "encrypt" from Cryptor.pm > return the same values. Please let me know if and how I can help you!
Weird. It seems the behavior is different in Crypt::ECB w.r.t. decrypting. The old way "looks wrong", but does actually work successfully with the Pandora API. I wrote a script testing out the old and new code and gave results below. Notice how the decrypted value is different in Crypt::ECB 1.45, but that is actually working with my Pandora account. #!/usr/bin/perl use strict; use warnings; use WebService::Pandora::Cryptor; use Data::Dumper; # taken from iOS partner my $decryption_key = '20zE1E47BE57$51'; my $encryption_key = '721^26xE22776'; my $cryptor = WebService::Pandora::Cryptor->new( encryption_key => $encryption_key, decryption_key => $decryption_key ); my $str = "meow mix"; my $encrypted_hex = $cryptor->encrypt( $str ); my $decrypted_hex = $cryptor->decrypt( $encrypted_hex ); print "Crypt::ECB version: $Crypt::ECB::VERSION\n"; print "str: $str\n"; print "encrypted: $encrypted_hex\n"; print "decrypted: $decrypted_hex\n"; belthasar:WebService-Pandora mrmccrac$ perl -Ilib ~/cryptor.pl Crypt::ECB version: 2.10 str: meow mix encrypted: 529a4ad30540c7ea5206166bc674e507 decrypted: meow mix belthasar:WebService-Pandora-0.3 mrmccrac$ perl -Ilib ~/cryptor.pl Crypt::ECB version: 1.45 str: meow mix encrypted: 529a4ad30540c7ea5206166bc674e507 decrypted: Y�F�1��
The patched version of WebService::Pandora I tried is here: https://github.com/defc0n/WebService-Pandora/compare/rt112971?expand=1 On Mon Mar 14 10:46:54 2016, DEFCON wrote: Show quoted text
> On Mon Mar 14 05:41:02 2016, APPEL wrote:
> > Hm. Do you think the problem comes from Crypt-ECB? I just ran a "make > > test" for your module using Crypt-ECB-1.45. Then the same with a > > patched version and using Crypt-ECB-2.10. Both versions pass the test > > suite, and in both versions "decrypt" and "encrypt" from Cryptor.pm > > return the same values. Please let me know if and how I can help you!
> > Weird. It seems the behavior is different in Crypt::ECB w.r.t. > decrypting. The old way "looks wrong", but does actually work > successfully with the Pandora API. I wrote a script testing out the > old and new code and gave results below. Notice how the decrypted > value is different in Crypt::ECB 1.45, but that is actually working > with my Pandora account. > > #!/usr/bin/perl > > use strict; > use warnings; > > use WebService::Pandora::Cryptor; > use Data::Dumper; > > # taken from iOS partner > my $decryption_key = '20zE1E47BE57$51'; > my $encryption_key = '721^26xE22776'; > > my $cryptor = WebService::Pandora::Cryptor->new( encryption_key => > $encryption_key, > decryption_key => > $decryption_key ); > > my $str = "meow mix"; > > my $encrypted_hex = $cryptor->encrypt( $str ); > my $decrypted_hex = $cryptor->decrypt( $encrypted_hex ); > > print "Crypt::ECB version: $Crypt::ECB::VERSION\n"; > print "str: $str\n"; > print "encrypted: $encrypted_hex\n"; > print "decrypted: $decrypted_hex\n"; > > > > > > belthasar:WebService-Pandora mrmccrac$ perl -Ilib ~/cryptor.pl > Crypt::ECB version: 2.10 > str: meow mix > encrypted: 529a4ad30540c7ea5206166bc674e507 > decrypted: meow mix > > > belthasar:WebService-Pandora-0.3 mrmccrac$ perl -Ilib ~/cryptor.pl > Crypt::ECB version: 1.45 > str: meow mix > encrypted: 529a4ad30540c7ea5206166bc674e507 > decrypted: Y�F�1��
Here is "proof" that the module works with ECB 1.45 and WebService::Pandora 0.3, running my example search script with my Pandora credentials: belthasar:WebService-Pandora-0.3 mrmccrac$ perl -Ilib ~/search.pl Songs: Audiomatic & Durs - Sub Focus [S2728576] Lazyfish - Selffocus [S1514162] Tayla And Artemis - Soft Focus [S1357959] T.S.O.L. - Soft Focus [S2317101] Wild Moccasins - Soft Focus [S2435737] K.Flay - Stop, Focus [S1915999] The Ettes - Soft Focus [S725209] Iris Leu - Soft Focus [S2340560] Concord Dawn - Soft Focus [S2069826] Guided By Voices - Surgical Focus [S150148] Baron - Squelch (Subfocus Remix) [S275153] Deep East Music - Shadow Focus [S2891638] This Day & Age - A New Focus [S594098] Stylex - Autofocus [S336510] Noisestorm - Full Focus [S1914010] Armin Van Buuren - Full Focus [S1571354] Panama Wedding - Into Focus [S4981509] De La Soul - En Focus [S297371] Getter - Lose Focus [S2180216] Dan Matic - Mind Focus [S2396648] 25 Ta Life - Refocus [S1473965] High Tension Wires - Can't Focus [S936942] The Vandermark 5 - In Focus [S309380] DJ Platurn - En Focus [S199826] The Johnny Starlings - Into Focus [S785567] Tony Tillman - Refocus [S2165441] Cazal Organism - En Focus [S3575728] Artists: Sub Focus [R157587] Sub Focus & TC [R424520] Deep Focus [R317789] On Mon Mar 14 10:48:41 2016, DEFCON wrote: Show quoted text
> The patched version of WebService::Pandora I tried is here: > https://github.com/defc0n/WebService-Pandora/compare/rt112971?expand=1 > > On Mon Mar 14 10:46:54 2016, DEFCON wrote:
> > On Mon Mar 14 05:41:02 2016, APPEL wrote:
> > > Hm. Do you think the problem comes from Crypt-ECB? I just ran a > > > "make > > > test" for your module using Crypt-ECB-1.45. Then the same with a > > > patched version and using Crypt-ECB-2.10. Both versions pass the > > > test > > > suite, and in both versions "decrypt" and "encrypt" from Cryptor.pm > > > return the same values. Please let me know if and how I can help > > > you!
> > > > Weird. It seems the behavior is different in Crypt::ECB w.r.t. > > decrypting. The old way "looks wrong", but does actually work > > successfully with the Pandora API. I wrote a script testing out the > > old and new code and gave results below. Notice how the decrypted > > value is different in Crypt::ECB 1.45, but that is actually working > > with my Pandora account. > > > > #!/usr/bin/perl > > > > use strict; > > use warnings; > > > > use WebService::Pandora::Cryptor; > > use Data::Dumper; > > > > # taken from iOS partner > > my $decryption_key = '20zE1E47BE57$51'; > > my $encryption_key = '721^26xE22776'; > > > > my $cryptor = WebService::Pandora::Cryptor->new( encryption_key => > > $encryption_key, > > decryption_key => > > $decryption_key ); > > > > my $str = "meow mix"; > > > > my $encrypted_hex = $cryptor->encrypt( $str ); > > my $decrypted_hex = $cryptor->decrypt( $encrypted_hex ); > > > > print "Crypt::ECB version: $Crypt::ECB::VERSION\n"; > > print "str: $str\n"; > > print "encrypted: $encrypted_hex\n"; > > print "decrypted: $decrypted_hex\n"; > > > > > > > > > > > > belthasar:WebService-Pandora mrmccrac$ perl -Ilib ~/cryptor.pl > > Crypt::ECB version: 2.10 > > str: meow mix > > encrypted: 529a4ad30540c7ea5206166bc674e507 > > decrypted: meow mix > > > > > > belthasar:WebService-Pandora-0.3 mrmccrac$ perl -Ilib ~/cryptor.pl > > Crypt::ECB version: 1.45 > > str: meow mix > > encrypted: 529a4ad30540c7ea5206166bc674e507 > > decrypted: Y�F�1��
Ok, now I understand. You use different keys for en- and decryption. So, decrypting should never yield the original plaintext. With Crypt-ECB-2.00 a change in the key within the same Crypt::ECB object is no longer recognized, which is why a) your test script yields the plaintext, and b) search.pl isn't working any longer. Please try the attached patched ECB.pm. If it works, I will prepare and upload a new version of Crypt-ECB. Sorry for the inconvenience.
Subject: ECB.pm

Message body is not shown because it is too large.

Subject: Re: [rt.cpan.org #112971] Tests fail with recent Crypt::ECB versions
Date: Mon, 14 Mar 2016 16:10:23 -0400
To: bug-WebService-Pandora [...] rt.cpan.org
From: Mitch McCracken <mrmccrac [...] gmail.com>
this appears to be working fine now using my new branch, thanks. FWIW I doubt anyone actually uses my library for anything, at least not that I've seen :) I'll do another release after you've pushed your changes. On Mon, Mar 14, 2016 at 12:18 PM, Christoph Appel via RT < bug-WebService-Pandora@rt.cpan.org> wrote: Show quoted text
> Queue: WebService-Pandora > Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=112971 > > > Ok, now I understand. You use different keys for en- and decryption. So, > decrypting should never yield the original plaintext. > > With Crypt-ECB-2.00 a change in the key within the same Crypt::ECB object > is no longer recognized, which is why a) your test script yields the > plaintext, and b) search.pl isn't working any longer. > > Please try the attached patched ECB.pm. If it works, I will prepare and > upload a new version of Crypt-ECB. Sorry for the inconvenience. >
Crypt-ECB-v2.15 just uploaded to CPAN. I hope, this will work now and won't bring up any new problems. ;-) And just the same for me. I wasn't aware that anybody was actually using my module. Which is why I changed the API with v2.00 without thinking and without providing any notes on upgrading. Well, hopefully everything now works again as expected.
Subject: Re: [rt.cpan.org #112971] Tests fail with recent Crypt::ECB versions
Date: Tue, 15 Mar 2016 08:45:09 -0400
To: "bug-WebService-Pandora [...] rt.cpan.org" <bug-WebService-Pandora [...] rt.cpan.org>
From: Mitch McCracken <mrmccrac [...] gmail.com>
Metacpan has the reverse dependencies feature: https://metacpan.org/requires/distribution/Crypt-ECB?sort=[[2,1]] On Tuesday, March 15, 2016, Christoph Appel via RT < bug-WebService-Pandora@rt.cpan.org> wrote: Show quoted text
> Queue: WebService-Pandora > Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=112971 > > > Crypt-ECB-v2.15 just uploaded to CPAN. I hope, this will work now and > won't bring up any new problems. ;-) > > And just the same for me. I wasn't aware that anybody was actually using > my module. Which is why I changed the API with v2.00 without thinking and > without providing any notes on upgrading. Well, hopefully everything now > works again as expected. >
Should be fixed in the 0.4 release, which requires/uses the 2.15 release of Crypt::ECB to fix the problems introduced in 2.00 there.