OpenSSL decryption problem

[Roland Schmitt]

Hello,

i have a problem with decryption with the openssl module of ruby.
I try to decrypt a message which is encrypted by another java program.
I have the initialization vector and the key, and I know that the algorithm is Triple-DES with CBC.
What i try is this:

iv = ...
key = ...
cipher = Cipher.new("DES-EDE3-CBC")
cipher.decrypt(key, iv)
cipher.key = key

out = cipher.update(text)

puts("\n\nResult: " + out)

out << cipher.final()

What i get is an exception "final': bad decrypt (OpenSSL::CipherError)" in the cipher.final() line.
But the output from puts() before the cipher.final() is:

"zó‚INý±This is the message number ".

So, there a 8 bytes in front of the cleartext that seem not decrypted, but one byte at the end is missing, e.g. the message number "1".

To me it shows that the key, iv and algorithm is correct, but what i am missing?




Regards,
Roland
________________________________________________________________
Verschicken Sie romantische, coole und witzige Bilder per SMS!
Jetzt neu bei WEB.DE FreeMail: http://freemail.web.de/?mc=021193

 

[Jamis Buck]

Hello,

i have a problem with decryption with the openssl module of ruby.
I try to decrypt a message which is encrypted by another java program.
I have the initialization vector and the key, and I know that the algorithm is Triple-DES with CBC.
What i try is this:

iv = ...
key = ...
cipher = Cipher.new("DES-EDE3-CBC")
cipher.decrypt(key, iv)
cipher.key = key

out = cipher.update(text)

puts("\n\nResult: " + out)

out << cipher.final()

What i get is an exception "final': bad decrypt (OpenSSL::CipherError)" in the cipher.final() line.
But the output from puts() before the cipher.final() is:

"zó‚INý±This is the message number ".

So, there a 8 bytes in front of the cleartext that seem not decrypted, but one byte at the end is missing, e.g. the message number "1".

To me it shows that the key, iv and algorithm is correct, but what i am missing?

Well, first of all: I'm no OpenSSL guru. So if I say anything stupid or
ignorant, you know why. (Hopefully, if I say anything stupid or ignorant
enough, we can tease the real OpenSSL guru's into the open.)

Second, when I use encrypt/decrypt, I invoke them without any
parameters, and then set both the iv and key explicitly:

cipher.decrypt
cipher.iv = iv
cipher.key = key

Don't know if that makes any difference at all.

Is there any chance you could post an example (complete with iv, key,
and encrypted text) that one could use to duplicate the error? I'd be
happy to hack on it to see if I can help figure out what's going on, but
I can't get an example that gives the same error. Naturally, I don't
want you to compromise your own security, but if you can give use some
bogus iv and key to generate the encrypted text in your Java app, that
would be great.

- Jamis