"Unsupported cipher algorithm" in OpenSSL

(Forrest) #1

Hello everyone,

Currently, I'm doing my darndest to implement SSL file transfers. Using Net::SSH, I get "`initialize': Unsupported cipher algorithm (aes-128-cbc). (RuntimeError)" At first I thought this was a problem with the Net::SSH module, but it turns out that my SSL module seems to support no ciphers:
irb(main):004:0> c=OpenSSL::Cipher::Cipher.new("des-ede-cbc")
RuntimeError: Unsupported cipher algorithm (des-ede-cbc).
         from (irb):4:in `initialize'
         from (irb):4:in `new'
         from (irb):4

···

from :0

I've tried this with multiple ciphers, to no avail.

Looking at the openssl/cipher.rb, it seems that a few classes are automatically made, but they don't work either:

irb(main):013:0> c=OpenSSL::Cipher::DES.new()
RuntimeError: Unsupported cipher algorithm (DES).
         from (eval):5:in `initialize'
         from (irb):13:in `new'
         from (irb):13
         from :0

For reference:

forrest@apok-2 ~/testcode $ ruby -v
ruby 1.8.2 (2004-12-25) [x86_64-linux]

forrest@apok-2 ~/testcode $ uname -a
Linux apok-2 2.6.9-gentoo-r14 #1 SMP Wed Mar 23 09:00:03 EST 2005 x86_64 AMD Opteron(tm) Processor 244 AuthenticAMD GNU/Linux

GCC version: gcc version 3.4.3 20041125 (Gentoo 3.4.3-r1, ssp-3.4.3-0, pie-8.7.7)

I've searched high and low; the only remotely informative thing I found was in a thread in May of 2004. I used the example provided within ( c=OpenSSL::Cipher::Cipher.new("DES") ) and got the same problems.

Does anyone know what's going on here, and/or how to fix it?

Thanks,
--
Forrest

(Jamis Buck) #2

A few more questions to see if we can narrow the scope of the problem:

1) What does the output of "openssl --help" tell you? There should be a section at the bottom of the output listing all available cipher commands. Are the ones you were requesting available?

2) Are you using a stock build of ruby, or a custom build?

3) What version of OpenSSL do you have installed?

- Jamis

···

On Aug 12, 2005, at 4:56 PM, Forrest wrote:

Hello everyone,

Currently, I'm doing my darndest to implement SSL file transfers. Using Net::SSH, I get "`initialize': Unsupported cipher algorithm (aes-128-cbc). (RuntimeError)" At first I thought this was a problem with the Net::SSH module, but it turns out that my SSL module seems to support no ciphers:
irb(main):004:0> c=OpenSSL::Cipher::Cipher.new("des-ede-cbc")
RuntimeError: Unsupported cipher algorithm (des-ede-cbc).
        from (irb):4:in `initialize'
        from (irb):4:in `new'
        from (irb):4
        from :0

I've tried this with multiple ciphers, to no avail.

Looking at the openssl/cipher.rb, it seems that a few classes are automatically made, but they don't work either:

irb(main):013:0> c=OpenSSL::Cipher::DES.new()
RuntimeError: Unsupported cipher algorithm (DES).
        from (eval):5:in `initialize'
        from (irb):13:in `new'
        from (irb):13
        from :0

For reference:

forrest@apok-2 ~/testcode $ ruby -v
ruby 1.8.2 (2004-12-25) [x86_64-linux]

forrest@apok-2 ~/testcode $ uname -a
Linux apok-2 2.6.9-gentoo-r14 #1 SMP Wed Mar 23 09:00:03 EST 2005 x86_64 AMD Opteron(tm) Processor 244 AuthenticAMD GNU/Linux

GCC version: gcc version 3.4.3 20041125 (Gentoo 3.4.3-r1, ssp-3.4.3-0, pie-8.7.7)

I've searched high and low; the only remotely informative thing I found was in a thread in May of 2004. I used the example provided within ( c=OpenSSL::Cipher::Cipher.new("DES") ) and got the same problems.

Does anyone know what's going on here, and/or how to fix it?

Thanks,
--
Forrest

(Forrest) #3

Jamis Buck wrote:

A few more questions to see if we can narrow the scope of the problem:

1) What does the output of "openssl --help" tell you? There should be a section at the bottom of the output listing all available cipher commands. Are the ones you were requesting available?

2) Are you using a stock build of ruby, or a custom build?

3) What version of OpenSSL do you have installed?

forrest@apok-2 ~ $ openssl

version

OpenSSL 0.9.7g 11 Apr 2005
Cipher commands (see the `enc' command for more details)
aes-128-cbc aes-128-ecb aes-192-cbc aes-192-ecb aes-256-cbc
aes-256-ecb base64 bf bf-cbc bf-cfb
bf-ecb bf-ofb cast cast-cbc cast5-cbc
cast5-cfb cast5-ecb cast5-ofb des des-cbc
des-cfb des-ecb des-ede des-ede-cbc des-ede-cfb
des-ede-ofb des-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb
des-ofb des3 desx idea idea-cbc
idea-cfb idea-ecb idea-ofb rc2 rc2-40-cbc
rc2-64-cbc rc2-cbc rc2-cfb rc2-ecb rc2-ofb
rc4 rc4-40 rc5 rc5-cbc rc5-cfb
rc5-ecb rc5-ofb

Those ciphers lsited are what I tried first, with no luck. I'm using the Gentoo Ruby package ruby-1.8.2-r2; I'm not sure of the level of customization provided, however (sorry). I know for a fact that it was compiled with the ssl USE flag set, though.

Note: I just recompiled and tested ruby-1.8.2 (that is, not ruby-1.8.2-r2), and it doesn't work either.

Thanks,

···

--
Forrest