Let's go digging!
['des-cbc', 'des', 'des-cfb', 'des-ofb', 'des-ecb',
'des-ede-cbc', 'des-ede', 'des-ede-cfb', 'des-ede-ofb',
'des-ede3-cbc', 'des-ede3', 'des3', 'des-ede3-cfb',
'des-ede3-ofb', 'desx'].each do |flavour|
begin
c = OpenSSL::Cipher.new flavour
c.encrypt
c.key = '16_byte_string_k'
c.iv = 'xxxxxxxx'
str = 'abcdefgh'
enc = c.update(str) + c.final
puts "#{flavour} gives us #{enc.unpack('H*')}"
rescue => e
puts "#{flavour} didn't work because #{e.message}"
end
end
The results:
des-cbc gives us ["a5cfc96485d7203eb929c28ceb9fcd53"]
des gives us ["a5cfc96485d7203eb929c28ceb9fcd53"]
des-cfb gives us ["d898369e91589ae8"]
des-ofb gives us ["d898369e91589ae8"]
des-ecb gives us ["de8579b342a528b6143594946045d91a"]
des-ede-cbc gives us ["23ff779e88e2dbe1c009dc3105d8ff88"]
des-ede gives us ["0e589e3d85ac83efbb271a2e4a77cf4e"]
des-ede-cfb gives us ["1618988004b6a948"]
des-ede-ofb gives us ["1618988004b6a948"]
des-ede3-cbc didn't work because key length too short
des-ede3 didn't work because key length too short
des3 didn't work because key length too short
des-ede3-cfb didn't work because key length too short
des-ede3-ofb didn't work because key length too short
desx didn't work because key length too short
des-ede-cbc
gives you a match--at least the first part matches. The question is, why is the encrypted body longer? I'm going to bet this is the correct content and the PL/SQL version is truncated somehow--I'll see if I can figure it out.
Edit: nope, it's the padding. When you set the padding to 0 on the cipher, you get the same results as the PL/SQL version, e.g.
['des-cbc', 'des', 'des-cfb', 'des-ofb', 'des-ecb',
'des-ede-cbc', 'des-ede', 'des-ede-cfb', 'des-ede-ofb',
'des-ede3-cbc', 'des-ede3', 'des3', 'des-ede3-cfb',
'des-ede3-ofb', 'desx'].each do |flavour|
begin
c = OpenSSL::Cipher.new flavour
c.encrypt
c.key = '16_byte_string_k'
c.iv = 'xxxxxxxx'
c.padding = 0 # This is the important part!
str = 'abcdefgh'
enc = c.update(str) + c.final
puts "#{flavour} gives us #{enc.unpack('H*')}"
rescue => e
puts "#{flavour} didn't work because #{e.message}"
end
end
...
des-ede-cbc gives us ["23ff779e88e2dbe1"]
...
You will need to compare the two algorithms with different lengths of input string now. Take a look at the documentation for the padding method here: http://www.ruby-doc.org/stdlib-2.0.0/libdoc/openssl/rdoc/OpenSSL/Cipher.html