Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Difference in blowfish encryption between perl and ruby

Tags:

ruby

openssl

encryption

perl

blowfish

Why is there a difference in blowfish encryption between Crypt::CBC (perl) and OpenSSL (ruby)?

Perl

use Crypt::CBC;

my $cipher = Crypt::CBC->new( -key => 'length32length32length32length32', -cipher => 'Blowfish' );
my $ciphertext = $cipher->encrypt_hex('test');

# ciphertext is 53616c7465645f5f409c8b8eb353823c06d9b50537c92e19

Ruby

require "rubygems"
require "openssl"

cipher = OpenSSL::Cipher::Cipher.new("bf-cbc")
cipher.encrypt
cipher.key = "length32length32length32length32"

result = cipher.update("test") << cipher.final
ciphertext = result.unpack("H*").first

# ciphertext is 16f99115a09e0464

Crypt::CBC seems to be prepending Salted__ to the output by default. Can you explain what is going on that is so different between these? Is there a way to make OpenSSL behave in a similar way to Crypt::CBC?

like image 236
joepestro Avatar asked Nov 09 '11 23:11

joepestro

1 Answers

Crypt::CBC (perl) uses its own method to randomize the salt and initialization vector. Plus in the case of Blowfish it uses a key length of 56 as mentioned above.

Using the perl code from your example:

Perl

use Crypt::CBC;

my $cipher = Crypt::CBC->new( -key => 'length32length32length32length32', -cipher =>  'Blowfish' );
my $ciphertext = $cipher->encrypt_hex('test');
# 53616c7465645f5f409c8b8eb353823c06d9b50537c92e19

To decode this using ruby (OpenSSL) requires a little tweaking to extract the key and initialization vector:

Ruby

require 'openssl'

# Hex string to decode(from above)
string = '53616c7465645f5f409c8b8eb353823c06d9b50537c92e19'

# Pack Hex
string = [string].pack('H*')

# Some Config
pass = 'length32length32length32length32'
key_len = 56;
iv_len  = 8;
desired_len = key_len + iv_len;
salt_re = /^Salted__(.{8})/

#Extract salt
salt = salt_re.match(string)
salt = salt.captures[0]
data  = '';
d = '';
while (data.length < desired_len)
  d = Digest::MD5::digest("#{d}#{pass}#{salt}");
  data << d;
end

#Now you have extracted your key and initialization vector
key = data.slice(0..key_len-1)
iv = data.slice(key_len .. -1)

# Trim string of salt
string = string[16..-1]

cipher = OpenSSL::Cipher::Cipher.new "bf-cbc"
cipher.decrypt
cipher.key_len = key_len
cipher.key = key
cipher.iv = iv

puts cipher.update(string) << cipher.final
# test
like image 114
bwicklund Avatar answered Oct 10 '22 08:10

bwicklund
Sign in to Comment

Related questions

How to force a vertical table or limit columns in Hirb?
What do i need to know to contribute to Rails? [closed]
Class vs Module in designing Ruby API?
Write byte to Arduino from Ruby over serial
"uninitialized constant" when included test helper module
How can I input multibyte characters in rails console (or irb)?
How does one quickly access ruby and rails documentation when using vim?
No progress installing ruby via macports. How long should this action take?
Cannot rake db:create:all -- Couldn't create database for {"encoding"=>"utf8", "username"=>"root", "adapter"=>"mysql"
watir-webdriver checking table size rows and columns count
Ruby: JSON.parse returns undefined method `bytesize' for
Running phantomjs from a Ruby on Rails application
How to refer a local gem in ruby?
ruby blocks not first-class
How to configure MongoMapper and ActiveRecord in same Ruby Rails Project
Cannot Login to Amazon with Ruby Mechanize
simple hash merge by array of keys and values in ruby (with perl example)
How to "transform" an array in a sentence?
ways to define a global method in ruby
How does foo(&nil) behave differently than foo(&"not a proc")?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!