OpenSSL decryption problem

ruby-talk
1

Hello,

i have a problem with decryption with the openssl module of ruby.
I try to decrypt a message which is encrypted by another java program.
I have the initialization vector and the key, and I know that the algorithm is Triple-DES with CBC.
What i try is this:

      iv = ...
      key = ...
      cipher = Cipher.new("DES-EDE3-CBC")
      cipher.decrypt(key, iv)
      cipher.key = key
  
      out = cipher.update(text)

      puts("\n\nResult: " + out)

      out << cipher.final()

What i get is an exception "final': bad decrypt (OpenSSL::CipherError)" in the cipher.final() line.
But the output from puts() before the cipher.final() is:

"zó‚INý±This is the message number ".

So, there a 8 bytes in front of the cleartext that seem not decrypted, but one byte at the end is missing, e.g. the message number "1".

To me it shows that the key, iv and algorithm is correct, but what i am missing?

Regards,
Roland

···

________________________________________________________________
Verschicken Sie romantische, coole und witzige Bilder per SMS!
Jetzt neu bei WEB.DE FreeMail: http://freemail.web.de/?mc=021193

2

Roland Schmitt wrote:

Hello,

i have a problem with decryption with the openssl module of ruby.
I try to decrypt a message which is encrypted by another java program. I have the initialization vector and the key, and I know that the algorithm is Triple-DES with CBC.
What i try is this:

      iv = ...
      key = ...
      cipher = Cipher.new("DES-EDE3-CBC")
      cipher.decrypt(key, iv)
      cipher.key = key
        out = cipher.update(text)

      puts("\n\nResult: " + out)

      out << cipher.final()

What i get is an exception "final': bad decrypt (OpenSSL::CipherError)" in the cipher.final() line.
But the output from puts() before the cipher.final() is:

"zó‚INý±This is the message number ".

So, there a 8 bytes in front of the cleartext that seem not decrypted, but one byte at the end is missing, e.g. the message number "1".

To me it shows that the key, iv and algorithm is correct, but what i am missing?

Well, first of all: I'm no OpenSSL guru. So if I say anything stupid or ignorant, you know why. (Hopefully, if I say anything stupid or ignorant enough, we can tease the real OpenSSL guru's into the open.)

Second, when I use encrypt/decrypt, I invoke them without any parameters, and then set both the iv and key explicitly:

   cipher.decrypt
   cipher.iv = iv
   cipher.key = key

Don't know if that makes any difference at all.

Is there any chance you could post an example (complete with iv, key, and encrypted text) that one could use to duplicate the error? I'd be happy to hack on it to see if I can help figure out what's going on, but I can't get an example that gives the same error. Naturally, I don't want you to compromise your own security, but if you can give use some bogus iv and key to generate the encrypted text in your Java app, that would be great.

- Jamis

···

--
Jamis Buck
jgb3@email.byu.edu
http://www.jamisbuck.org/jamis