Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Crypt CBC with DES3 (from python)

Posted on 2006-11-06
4
Medium Priority
?
1,951 Views
Last Modified: 2012-06-21
I am trying to convert the folowing python code to perl..
------------------------------------------------------
from Crypto.Cipher import DES3

CALC_3DES = 0x6603
iv = 'testtest'
key = 'testtesttesttest'
nonce = 'testtest'
obj = DES3.new(key, DES3.MODE_CBC, iv)
ciph = obj.encrypt(nonce)
print ciph
------------------------------------------------------
But i get a diffrent output with this:
------------------------------------------------------
use Crypt::CBC;
$iv = 'testtest';
$key = 'testtesttesttest';

$cipher = Crypt::CBC->new(
              -cipher      => DES_EDE3,
                        -key         => $key,
                        -iv          => $iv,
                        -header      => 'none');

$ciphertext = $cipher->encrypt("testtest");
print $ciphertext;
------------------------------------------------------
any ideas?
0
Comment
Question by:mattaustin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 2

Author Comment

by:mattaustin
ID: 17883384
I think it has something do to with CALC_3DES = 0x6603, but i dont know what that is or how to use it...?
0
 
LVL 25

Accepted Solution

by:
clockwatcher earned 1160 total points
ID: 17945385
The following seems to work for me:

use MIME::Base64;
use Crypt::CBC;
$iv = "testtest";
$key = "testtesttesttest";
$key = $key.substr($key,0,24-length($key)) if length($key) < 24;  # perl 3DES forces you to use a 112 bit key -- python appears to wrap it

$cipher = Crypt::CBC->new(
                -cipher => DES_EDE3,
                -key    => $key,
                -iv     => $iv,
                -header => 'none',
                -padding => 'null',
                -literal_key => 1
                );

$result = encode_base64($cipher->encrypt("testtest"));
print $result;
print $cipher->decrypt(decode_base64($result)),"\n";

-----
Here's the python side (your script slightly modified to include base64 to get a printable output to compare):

#!/usr/bin/python

from Crypto.Cipher import DES3
import base64

iv = "testtest"
key = "testtesttesttest"
obj = DES3.new(key, DES3.MODE_CBC, iv)

enc = base64.b64encode(obj.encrypt("testtest"))
print enc

dec = DES3.new(key, DES3.MODE_CBC, iv)
print dec.decrypt(base64.b64decode(enc))
0
 
LVL 2

Author Comment

by:mattaustin
ID: 17949466
Thank you, But how exactly did you figure that out?  Did i miss something in a doc or something?
0
 
LVL 25

Expert Comment

by:clockwatcher
ID: 17949582
The python documentation blows to put it mildly.   I just did a bit of experimentation and set some flags based on the Crypt::CBC documentation (http://search.cpan.org/~lds/Crypt-CBC-2.22/CBC.pm) that made sense to set based on the results I was seeing from the python encrypt.  If you have the choice, I'd change your python key to be 24 bytes.   I don't know if it's common practice to reuse the first 8 of the key for the final encrypt (just guessed that it was-- makes sense that it is) but to be on the safe side I'd go with the full key.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have been pestered over the years to produce and distribute regular data extracts, and often the request have explicitly requested the data be emailed as an Excel attachement; specifically Excel, as it appears: CSV files confuse (no Red or Green h…
Checking the Alert Log in AWS RDS Oracle can be a pain through their user interface.  I made a script to download the Alert Log, look for errors, and email me the trace files.  In this article I'll describe what I did and share my script.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
Six Sigma Control Plans

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question