openssl ciphers

Discussion in 'Ruby' started by Jamis Buck, Apr 13, 2004.

  1. Jamis Buck

    Jamis Buck Guest

    This is just an update on my last message. I managed to figure out how
    to use the OpenSSL ciphers to do the encryption/decryption--took a
    little doing, but once I figured it out it was almost ridiculously easy.
    For future reference, here's how you do it:

    require 'openssl'
    require 'base64'

    cipher = OpenSSL::Cipher::DES.new

    password = "hullabaloo"
    cipher.encrypt( password )
    result = cipher.update( "some text to encrypt" )
    result << cipher.final

    puts encode64( result )

    cipher.decrypt( password )
    result = cipher.update( result )
    result << cipher.final

    puts result

    If anyone has any suggestions for doing it better, please let me know.

    --
    Jamis Buck

    http://www.jamisbuck.org/jamis

    ruby -h | ruby -e
    'a=[];readlines.join.scan(/-(.)\[e|Kk(\S*)|le.l(..)e|#!(\S*)/) {|r| a <<
    r.compact.first };puts "\n>#{a.join(%q/ /)}<\n\n"'
    Jamis Buck, Apr 13, 2004
    #1
    1. Advertising

  2. NAKAMURA, Hiroshi, Apr 14, 2004
    #2
    1. Advertising

  3. Jamis Buck

    Vance Heron Guest

    Hello,
    I'm a relatively new user, trying to build an app that
    will do an NTLM authentication over HTTP.

    Part of the algorithm involves DES encrypting the
    string "KGS!@#$%" using a key consisting of the
    following bytes:
    "0x52 0xa2 0x51 0x6b 0x25 0x2a 0x51 0x61"

    In the example, the encrypted text is supposed to be:
    "0xff 0x37 0x50 0xbc 0xc2 0xb2 0x24 0x12"

    but when using openssl in ruby I get
    "0xc7 0x17 0x53 0x90 0x28 0x9e 0xa1 0xe3
    0x04 0xa4 0xbe 0x0b 0x1a 0xb8 0xf6 0x29"

    which is twice a long, in addition to being
    different from what's expected.

    Here's the ruby code segment I'm using...
    des = OpenSSL::Cipher::Cipher.new("DES")
    des.encrypt( key1 )
    res1 = des.update( magic )
    res1 << des.final

    Instantiating des with
    des = OpenSSL::Cipher::DES.new gives the same
    undesired result

    Using DES-ECB gives a different answer, also not the
    expected/desired one.

    It works in C with the following code ...

    /* encrypt magic w/DES using Key 1 */
    des_set_key_checked((const_des_cblock *)key1, sked);
    des_ecb_encrypt((const_des_cblock *) magic, \
    (const_des_cblock *)lmhash, sked, 1);

    Any thoughts or help would be appreciated.

    Thank You,
    Vance
    Vance Heron, Apr 15, 2004
    #3
  4. Jamis Buck

    ts Guest

    >>>>> "V" == Vance Heron <> writes:

    V> Here's the ruby code segment I'm using...
    V> des = OpenSSL::Cipher::Cipher.new("DES")
    V> des.encrypt( key1 )
    V> res1 = des.update( magic )
    V> res1 << des.final

    Well, probably I've not understood but you don't want this ?

    des = OpenSSL::Cipher::Cipher.new("DES-ECB")
    des.key = key1
    des.encrypt(magic)
    p des.final


    Guy Decoux
    ts, Apr 15, 2004
    #4
  5. Jamis Buck

    Sam Roberts Guest

    Wrote Vance Heron <>, on Thu, Apr 15, 2004 at 11:47:16AM +0900:
    > Hello,
    > I'm a relatively new user, trying to build an app that
    > will do an NTLM authentication over HTTP.
    >
    > Part of the algorithm involves DES encrypting the
    > string "KGS!@#$%" using a key consisting of the
    > following bytes:
    > "0x52 0xa2 0x51 0x6b 0x25 0x2a 0x51 0x61"
    >
    > In the example, the encrypted text is supposed to be:
    > "0xff 0x37 0x50 0xbc 0xc2 0xb2 0x24 0x12"
    >
    > but when using openssl in ruby I get
    > "0xc7 0x17 0x53 0x90 0x28 0x9e 0xa1 0xe3
    > 0x04 0xa4 0xbe 0x0b 0x1a 0xb8 0xf6 0x29"
    >
    > which is twice a long, in addition to being
    > different from what's expected.


    If its an extra block long, is it possible the APIs you use accept
    variable length input, and implement a padding algorithm (thus an extra
    block)? And that they default to CBC, which requires an IV (thus the
    different first block)?

    The ruby calls below have a "final", the purpose of which is usually to
    add padding.

    Cheers,
    Sam

    --
    Sam Roberts <>
    Sam Roberts, Apr 15, 2004
    #5
  6. Jamis Buck

    Vance Heron Guest

    --=-P3l961nwWZr1Avo90Fwz
    Content-Type: text/plain; charset=ISO-8859-15
    Content-Transfer-Encoding: quoted-printable

    Thank you for the quick response.

    This seems better, but I'm still not getting the desired answer.

    I'm using ruby-1.8.1 on Redhat 7.3 system.
    Same system used for both Ruby and C versions ...

    Here are two short example
    programs - first in C, giving the correct answer

    The C compilation line is
    gcc sample1.c -lssl -o sample1

    --- sample1.c ---
    #include <openssl/des.h>

    void dmp_blk(int l, char *b)
    {
    int i;
    for (i=3D0; i<l; i++) printf ("%02x ",(b & 0xFF));
    printf ("\n");
    }

    main(int argc, char *argv[])
    {

    char magic[]=3D"KGS!@#$%";
    char key1[]=3D"R=A2Qk%*Qa";
    des_key_schedule sked;
    unsigned char res[9];

    /* encrypt magic w/DES Key 1 */
    des_set_key_checked((const_des_cblock *)key1, sked);
    des_ecb_encrypt((const_des_cblock *) magic, \
    (const_des_cblock *)res, sked, 1);

    printf ("Results of DES encryption\n");
    printf ("Key: %s Plaintext: %s\n", key1, magic);
    dmp_blk(8,res);
    }
    --- end of sample1.c ---

    Then in ruby - giving a different answer

    --- sample1.rb ---
    #! /usr/bin/env ruby

    require 'openssl'

    class String
    def dmp_blk=20
    self.each_byte {|c| printf("%02x ",c)}
    printf ("\n")
    end=20
    end

    magic =3D 'KGS!@#$%'
    key1 =3D 'R=A2Qk%*Qa'

    des =3D OpenSSL::Cipher::Cipher.new("DES-ECB")
    des.key =3D key1
    des.encrypt(magic)
    res =3D des.final

    puts "Results of DES encryption"
    puts "Key: #{key1} Plaintext: #{magic}"
    res.dmp_blk
    --- end of sample1.rb ---

    --- results from C version ---
    $ sample1
    Results of DES encryption
    Key: R=A2Qk%*Qa Plaintext: KGS!@#$%
    ff 37 50 bc c2 b2 24 12=20
    $

    --- results from ruby version
    $ sample1.rb
    Results of DES encryption
    Key: R=A2Qk%*Qa Plaintext: KGS!@#$%
    ff c4 20 c7 c2 f9 74 e3=20
    $

    On Thu, 2004-04-15 at 02:49, ts wrote:

    > >>>>> "V" =3D=3D Vance Heron <> writes:

    >=20
    > V> Here's the ruby code segment I'm using...
    > V> des =3D OpenSSL::Cipher::Cipher.new("DES")
    > V> des.encrypt( key1 )
    > V> res1 =3D des.update( magic )
    > V> res1 << des.final=20
    >=20
    > Well, probably I've not understood but you don't want this ?
    >=20
    > des =3D OpenSSL::Cipher::Cipher.new("DES-ECB")
    > des.key =3D key1
    > des.encrypt(magic)
    > p des.final
    >=20
    >=20
    > Guy Decoux




    --=-P3l961nwWZr1Avo90Fwz--
    Vance Heron, Apr 15, 2004
    #6
  7. Jamis Buck

    Vance Heron Guest

    Re: openssl ciphers - Success

    Sorry about the bad form replying to myself, but
    have found the answer I needed ...

    The ruby code that works is:

    des = OpenSSL::Cipher::Cipher.new("DES-ECB")
    des.encrypt(nil, 0)
    des.key=key1
    res1 = des.update(magic)

    The encrypt method hashes the password to generate
    a key (not what I needed), and supplies an IV if the
    2nd argument is nil (also not what I needed).

    For a 2nd encryption, I do a des.reset
    after the des.update.

    V
    Vance Heron, Apr 16, 2004
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Luc The Perverse

    Java Source For Asymmetric Key Ciphers

    Luc The Perverse, Jan 16, 2006, in forum: Java
    Replies:
    54
    Views:
    2,048
    WhatIThink
    Feb 8, 2011
  2. mattpryor
    Replies:
    0
    Views:
    1,513
    mattpryor
    Apr 28, 2006
  3. Terry

    openssl ciphers - revisited

    Terry, May 28, 2004, in forum: Ruby
    Replies:
    2
    Views:
    550
    GOTOU Yuuzou
    May 30, 2004
  4. Redd Vinylene
    Replies:
    6
    Views:
    298
    Jakub Pawlowicz
    Nov 18, 2008
  5. Replies:
    0
    Views:
    312
Loading...

Share This Page