Crypt CBC with DES3 (from python)

I am trying to convert the folowing python code to perl..
from Crypto.Cipher import DES3

CALC_3DES = 0x6603
iv = 'testtest'
key = 'testtesttesttest'
nonce = 'testtest'
obj =, DES3.MODE_CBC, iv)
ciph = obj.encrypt(nonce)
print ciph
But i get a diffrent output with this:
use Crypt::CBC;
$iv = 'testtest';
$key = 'testtesttesttest';

$cipher = Crypt::CBC->new(
              -cipher      => DES_EDE3,
                        -key         => $key,
                        -iv          => $iv,
                        -header      => 'none');

$ciphertext = $cipher->encrypt("testtest");
print $ciphertext;
any ideas?
Who is Participating?
clockwatcherConnect With a Mentor Commented:
The following seems to work for me:

use MIME::Base64;
use Crypt::CBC;
$iv = "testtest";
$key = "testtesttesttest";
$key = $key.substr($key,0,24-length($key)) if length($key) < 24;  # perl 3DES forces you to use a 112 bit key -- python appears to wrap it

$cipher = Crypt::CBC->new(
                -cipher => DES_EDE3,
                -key    => $key,
                -iv     => $iv,
                -header => 'none',
                -padding => 'null',
                -literal_key => 1

$result = encode_base64($cipher->encrypt("testtest"));
print $result;
print $cipher->decrypt(decode_base64($result)),"\n";

Here's the python side (your script slightly modified to include base64 to get a printable output to compare):


from Crypto.Cipher import DES3
import base64

iv = "testtest"
key = "testtesttesttest"
obj =, DES3.MODE_CBC, iv)

enc = base64.b64encode(obj.encrypt("testtest"))
print enc

dec =, DES3.MODE_CBC, iv)
print dec.decrypt(base64.b64decode(enc))
mattaustinAuthor Commented:
I think it has something do to with CALC_3DES = 0x6603, but i dont know what that is or how to use it...?
mattaustinAuthor Commented:
Thank you, But how exactly did you figure that out?  Did i miss something in a doc or something?
The python documentation blows to put it mildly.   I just did a bit of experimentation and set some flags based on the Crypt::CBC documentation ( that made sense to set based on the results I was seeing from the python encrypt.  If you have the choice, I'd change your python key to be 24 bytes.   I don't know if it's common practice to reuse the first 8 of the key for the final encrypt (just guessed that it was-- makes sense that it is) but to be on the safe side I'd go with the full key.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.