Which Cipher in Ruby OpenSSL API is equivalent to DES_ecb2_encrypt()?

StackOverflow https://stackoverflow.com/questions/16848035

  •  30-05-2022
  •  | 
  •  

Question

Which Cipher in Ruby's OpenSSL API is equivalent to the OpenSSL C function DES_ecb2_encrypt()?

I see the following ciphers:

 irb(main):003:0> OpenSSL::Cipher.ciphers
 => ["AES-128-CBC", "AES-128-CFB", "AES-128-CFB1", "AES-128-CFB8", "AES-128-ECB", 
     "AES-128-OFB", "AES-192-CBC", "AES-192-CFB", "AES-192-CFB1", "AES-192-CFB8", 
     "AES-192-ECB", "AES-192-OFB", "AES-256-CBC", "AES-256-CFB", "AES-256-CFB1", 
     "AES-256-CFB8", "AES-256-ECB", "AES-256-OFB", "AES128", "AES192", "AES256", 
     "BF", "BF-CBC", "BF-CFB", "BF-ECB", "BF-OFB", "CAMELLIA-128-CBC", "CAMELLIA-128-CFB",
     "CAMELLIA-128-CFB1", "CAMELLIA-128-CFB8", "CAMELLIA-128-ECB", "CAMELLIA-128-OFB",
     "CAMELLIA-192-CBC", "CAMELLIA-192-CFB", "CAMELLIA-192-CFB1", "CAMELLIA-192-CFB8",
     "CAMELLIA-192-ECB", "CAMELLIA-192-OFB", "CAMELLIA-256-CBC", "CAMELLIA-256-CFB",
     "CAMELLIA-256-CFB1", "CAMELLIA-256-CFB8", "CAMELLIA-256-ECB", "CAMELLIA-256-OFB",
     "CAMELLIA128", "CAMELLIA192", "CAMELLIA256", "CAST", "CAST-cbc", "CAST5-CBC", 
     "CAST5-CFB", "CAST5-ECB", "CAST5-OFB", "DES", "DES-CBC", "DES-CFB", "DES-CFB1", 
     "DES-CFB8", "DES-ECB", "DES-EDE", "DES-EDE-CBC", "DES-EDE-CFB", "DES-EDE-OFB", 
     "DES-EDE3", "DES-EDE3-CBC", "DES-EDE3-CFB", "DES-EDE3-CFB1", "DES-EDE3-CFB8", 
     "DES-EDE3-OFB", "DES-OFB", "DES3", "DESX", "DESX-CBC", "RC2", "RC2-40-CBC", 
     "RC2-64-CBC", "RC2-CBC", "RC2-CFB", "RC2-ECB", "RC2-OFB", "RC4", "RC4-40", "SEED",
     "SEED-CBC", "SEED-CFB", "SEED-ECB", "SEED-OFB", "aes-128-cbc", "aes-128-cfb", 
     "aes-128-cfb1", "aes-128-cfb8", "aes-128-ecb", "aes-128-ofb", "aes-192-cbc", 
     "aes-192-cfb", "aes-192-cfb1", "aes-192-cfb8", "aes-192-ecb", "aes-192-ofb", 
     "aes-256-cbc", "aes-256-cfb", "aes-256-cfb1", "aes-256-cfb8", "aes-256-ecb", 
     "aes-256-ofb", "aes128", "aes192", "aes256", "bf", "bf-cbc", "bf-cfb", "bf-ecb", 
     "bf-ofb", "blowfish", "camellia-128-cbc", "camellia-128-cfb", "camellia-128-cfb1",
     "camellia-128-cfb8", "camellia-128-ecb", "camellia-128-ofb", "camellia-192-cbc",
     "camellia-192-cfb", "camellia-192-cfb1", "camellia-192-cfb8", "camellia-192-ecb",
     "camellia-192-ofb", "camellia-256-cbc", "camellia-256-cfb", "camellia-256-cfb1",
     "camellia-256-cfb8", "camellia-256-ecb", "camellia-256-ofb", "camellia128",
     "camellia192", "camellia256", "cast", "cast-cbc", "cast5-cbc", "cast5-cfb", 
     "cast5-ecb", "cast5-ofb", "des", "des-cbc", "des-cfb", "des-cfb1", "des-cfb8", 
     "des-ecb", "des-ede", "des-ede-cbc", "des-ede-cfb", "des-ede-ofb", "des-ede3", 
     "des-ede3-cbc", "des-ede3-cfb", "des-ede3-cfb1", "des-ede3-cfb8", "des-ede3-ofb",
     "des-ofb", "des3", "desx", "desx-cbc", "rc2", "rc2-40-cbc", "rc2-64-cbc", "rc2-cbc",
     "rc2-cfb", "rc2-ecb", "rc2-ofb", "rc4", "rc4-40", "seed", "seed-cbc", "seed-cfb",
     "seed-ecb", "seed-ofb"]

I basically need the Ruby equivalent of this function call in C:

 DES_ecb2_encrypt((const_DES_cblock *)data, (DES_cblock *)data, &des_key1, &des_key2, 1);
Was it helpful?

Solution 2

I hate to answer my own question here, but I found the solution.

I had an encrypted piece of data which was encrypted with this C-code:

  DES_ecb3_encrypt(input,output, key1, key2, key1, 1)

which according to the Tripple-DES documentation does this:

  cipher_text =Encrypt(key1,Decrypt(key2,Encrypt(key1,plain_text)))

to decode the cipher_text in Ruby, I did this: 

  decrypt.OpenSSL::Cipher::Cipher.new('des-ede3')
  decrypt.decrypt
  decrypt.key = key1 + key2 + key1 
  plain_text = decrypt(cipher_text)  #  gives correct result, but decrypt.final gives errors

  # plain_text = decrypt(cipher_text) + decrypt.final # DOES NOT WORK
  #  => OpenSSL::Cipher::CipherError: wrong final block length   ; WHY??

I'd appreciate if somebody could comment on:

  • why decypt.final causes an error, although the result is correct

OTHER TIPS

I've never used this method, but it looks like it does 2 key 3DES encryption using des_key1 for the final encryption instead of a 3rd key. This is keying option 2 for 3DES. It looks like the option des-ede probably does what you want.

encrypt = OpenSSL::Cipher::Cipher.new("des-ede")
encrypt.encrypt
encrypt.key= des_key1+des_key2
ct = encrypt.update(plain_text) + encrypt.final

And of course a decrypt

decrypt = OpenSSL::Cipher::Cipher.new("des-ede")
decrypt.decrypt
decrypt.key= des_key1+des_key2
pt = decrypt.update(ct) + decrypt.final
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top