2

I'm writing a program to interface with another program written in python. I find that the ciphered results are different.

In ghci, with HsOpenSSL, the ciphered result is \GS\n\197:

import OpenSSL
import OpenSSL.EVP.Cipher 
import Data.Maybe
method <- fmap fromJust $ withOpenSSL $ getCipherByName "bf-cfb"
cipher method "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f\x72" "\xcc\x88\xa5\x26\x85\xaf\x7f\x8d" Encrypt "abcd"

In python, the ciphered result is K\x10<Q

import M2Crypto
M2Crypto.EVP.Cipher("bf_cfb", "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f\x72", "\xcc\x88\xa5\x26\x85\xaf\x7f\x8d", 1).update("abcd")

In shell, with abcd.txt containing the string "abcd", abcd.bin shown in vim as K^P<Q}

openssl bf-cfb -in abcd.txt -out abcd.bin -pass pass:abc -K 900150983cd24fb0d6963f7d28e17f72 -iv cc88a52685af7f8d -nosalt

I assume the M2Crypto result is equivalent to command line result, why the HsOpenSSL result is different?

rnons
  • 363
  • 2
  • 10
  • I believe M2Crypto uses an 8-bit feedback size; while OpenSSL uses an 64-bit feedback for Blowfish. I've encountered similar issues with mcrypt and Crypto++. There *could* be a problem with padding too. But check feedback size first. – jww May 14 '14 at 11:44
  • HsOpenSSL is a wrapper of OpenSSL, it should end up with the same function call. I made a gist to demonstrate the problem: https://gist.github.com/rnons/3d952c60549f9424feb2 – rnons Jun 05 '14 at 02:59

0 Answers0