?
Solved

Crypt CBC with DES3 (from python)

Posted on 2006-11-06
4
Medium Priority
?
1,891 Views
Last Modified: 2012-06-21
I am trying to convert the folowing python code to perl..
------------------------------------------------------
from Crypto.Cipher import DES3

CALC_3DES = 0x6603
iv = 'testtest'
key = 'testtesttesttest'
nonce = 'testtest'
obj = DES3.new(key, DES3.MODE_CBC, iv)
ciph = obj.encrypt(nonce)
print ciph
------------------------------------------------------
But i get a diffrent output with this:
------------------------------------------------------
use Crypt::CBC;
$iv = 'testtest';
$key = 'testtesttesttest';

$cipher = Crypt::CBC->new(
              -cipher      => DES_EDE3,
                        -key         => $key,
                        -iv          => $iv,
                        -header      => 'none');

$ciphertext = $cipher->encrypt("testtest");
print $ciphertext;
------------------------------------------------------
any ideas?
0
Comment
Question by:mattaustin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 2

Author Comment

by:mattaustin
ID: 17883384
I think it has something do to with CALC_3DES = 0x6603, but i dont know what that is or how to use it...?
0
 
LVL 25

Accepted Solution

by:
clockwatcher earned 1160 total points
ID: 17945385
The following seems to work for me:

use MIME::Base64;
use Crypt::CBC;
$iv = "testtest";
$key = "testtesttesttest";
$key = $key.substr($key,0,24-length($key)) if length($key) < 24;  # perl 3DES forces you to use a 112 bit key -- python appears to wrap it

$cipher = Crypt::CBC->new(
                -cipher => DES_EDE3,
                -key    => $key,
                -iv     => $iv,
                -header => 'none',
                -padding => 'null',
                -literal_key => 1
                );

$result = encode_base64($cipher->encrypt("testtest"));
print $result;
print $cipher->decrypt(decode_base64($result)),"\n";

-----
Here's the python side (your script slightly modified to include base64 to get a printable output to compare):

#!/usr/bin/python

from Crypto.Cipher import DES3
import base64

iv = "testtest"
key = "testtesttesttest"
obj = DES3.new(key, DES3.MODE_CBC, iv)

enc = base64.b64encode(obj.encrypt("testtest"))
print enc

dec = DES3.new(key, DES3.MODE_CBC, iv)
print dec.decrypt(base64.b64decode(enc))
0
 
LVL 2

Author Comment

by:mattaustin
ID: 17949466
Thank you, But how exactly did you figure that out?  Did i miss something in a doc or something?
0
 
LVL 25

Expert Comment

by:clockwatcher
ID: 17949582
The python documentation blows to put it mildly.   I just did a bit of experimentation and set some flags based on the Crypt::CBC documentation (http://search.cpan.org/~lds/Crypt-CBC-2.22/CBC.pm) that made sense to set based on the results I was seeing from the python encrypt.  If you have the choice, I'd change your python key to be 24 bytes.   I don't know if it's common practice to reuse the first 8 of the key for the final encrypt (just guessed that it was-- makes sense that it is) but to be on the safe side I'd go with the full key.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A year or so back I was asked to have a play with MongoDB; within half an hour I had downloaded (http://www.mongodb.org/downloads),  installed and started the daemon, and had a console window open. After an hour or two of playing at the command …
In the distant past (last year) I hacked together a little toy that would allow a couple of Manager types to query, preview, and extract data from a number of MongoDB instances, to their tool of choice: Excel (http://dilbert.com/strips/comic/2007-08…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
Six Sigma Control Plans
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question