Cipher "des-ede" working differently between JRuby and MRI #931
Comments
|
Maybe this can help you guys. Here's the Java code that implements OpenSSL's des-ede: @Test
public void testDESede() throws Exception {
String str = "helloooo";
byte[] originalKey = Base64.decodeBase64("WVqcvjGqaD7XBVBlXYbJYw==\n");
byte[] key = new byte[24];
System.arraycopy(originalKey, 0, key, 0, 16);
// We're trying to use Two Key key (8 bytes each = 16 bytes), but java DESede only take 24 byte keys.
// We need to repeat the first 8 bytes on the end of the key, to make a 24 bytes Two key
// http://tripoverit.blogspot.com.br/2009/06/tripledes-encryption-compatibility.html
System.arraycopy(originalKey, 0, key, 16, 8);
final SecretKey secretKey = new SecretKeySpec(key, "DESede");
String enc = encrypt(str.getBytes(), secretKey, "DESede/ECB/NoPadding");
String dec = new String(Base64.decodeBase64(decrypt(Base64.decodeBase64(enc), secretKey, "DESede/ECB/NoPadding")));
System.out.println(str);
System.out.println(enc);
System.out.println(dec);
assertEquals(str, dec);
// MRI Result for same key and input
assertEquals("7r9gHRoTpGs=", enc);
}
private Cipher createCipher(String transformation) throws Exception {
Cipher cipher = Cipher.getInstance(transformation);
return cipher;
}
private String encrypt(byte[] data, Key secretKey, String transformation) throws Exception {
Cipher cipher = createCipher(transformation);
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
baos.write(cipher.update(data));
baos.write(cipher.doFinal());
String dec = Base64.encodeBase64String(baos.toByteArray());
return dec;
}
private String decrypt(byte[] data, Key secretKey, String transformation) throws Exception {
Cipher cipher = createCipher(transformation);
cipher.init(Cipher.DECRYPT_MODE, secretKey);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
baos.write(cipher.update(data));
baos.write(cipher.doFinal());
return Base64.encodeBase64String(baos.toByteArray());
}Here's the output, which is consistent with MRI: |
|
I'm seeing a similar issue. The test below is like the one provided by @andrenpaes except that I'm using des-ede-cbc and leaving padding at its default. $ cat test.rb cipher = OpenSSL::Cipher.new('des-ede-cbc') encrypted = cipher.update(input) + cipher.final $ ruby -v $ ruby -v |
|
I'm having the same issue, i implemented the solution presented by @andrenpaes but that only worked for des-ede encryption/decryption for des-ede-cbc it only works for strings equal or shorter than 16 characters. If the data is longer it breaks again, that makes sense as i i'm using the same java cipher for 2 different ruby ciphers MRI: Input:: 25423534353233303035353132323731 Java Input:: 25423534353233303035353132323731 While there is no fix for this, maybe @andrenpaes can help me get a java sample code that works for des-ede-cbc. |
…B mode default fixing jruby/jruby#2617 as well as jruby/jruby#931
|
should be fine on jruby-openssl master (expected to land in 0.9.7), you can test a "snapshot" gem from https://oss.sonatype.org/content/repositories/snapshots/rubygems/jruby-openssl/0.9.7.dev-SNAPSHOT/ just make sure it's a snapshot released after Apr 08 2015 |
I'm facing a problem trying to decrypt some data using JRuby. I'm using the 'des-ede' cipher with no padding. The code works fine in MRI.
Here's an example:
Here's the output in JRuby (1.7.[3,4]):
Here's the output in MRI (1.9.2-p290 and ruby 1.9.3p327):
Is this a problem, or is it not possible to use 'des-ede' on JRuby? It seems weird that des-ede has the same output of des-cbc
Here's the description from 'des-ede' in OpenSSL: Two key triple DES EDE in ECB mode
The text was updated successfully, but these errors were encountered: