Beefy Boxes and Bandwidth Generously Provided by pair Networks
"be consistent"
 
PerlMonks  

Perl and Crypt::CBC question

by powerhouse (Friar)
on Jan 10, 2006 at 02:57 UTC ( #522077=perlquestion: print w/ replies, xml ) Need Help??
powerhouse has asked for the wisdom of the Perl Monks concerning the following question:

This is more of a Crypt::CBC question... So if you are familiar with it, I would appreciate some help, if you can.

I wrote a script, which encrypts some data before saving it in a database. It is not really important and imperitive that I make it work, but, I would like to know what I'm doing wrong...

Here is the error I'm getting:
Software error: Cipher stream did not contain IV or salt, and you did not specify thes +e values in new() at /home/##username##/public_html/vars.cgi line 425
Here is that subroutine that has that line:
sub decryptData { my $ciphertext = shift; my $key = "Some Key Here, but Not Shown Here for several purposes"; my $cipher = Crypt::CBC->new ($key, "Blowfish"); # This is line 425 return ($cipher->decrypt_hex ($ciphertext)); }
Do you see what it is talking about by Salt or IV?

thx for any/all help,
Richard

Comment on Perl and Crypt::CBC question
Select or Download Code
Re: Perl and Crypt::CBC question
by McDarren (Abbot) on Jan 10, 2006 at 03:15 UTC
    erm, rtfm :)

    From Crypt::CBC:

    $cipher = Crypt::CBC->new( -key => 'my secret key', -cipher => 'Blowfish', -salt => 1 );

    and...

    -salt Enables OpenSSL-compatibility. If equal to a value of "1" then causes a random salt to be generated and used to derive the encryption key and IV. Othe +r true values are taken to be the literal salt.

    and...

    The -salt argument actives an OpenSSL-compatible method of generating +the encryption/decryption key and IV. If salt has the value "1", then + a random salt is computed (highly recommended). Any other non-false +value will be interpreted as the bytes of the actual salt to use. If +you provide the salt, it must be exactly 8 bytes in length. It is hig +hly recommended that you use -salt=>1, as this may become the default + in future versions of this module.

    I think that pretty much says it all :)

Re: Perl and Crypt::CBC question
by jimbojones (Friar) on Jan 10, 2006 at 03:49 UTC
    For more general information, check out CBC in Wikipedia. The idea is that for each pass of the cipher over a 'block' (8 bytes or more), the plaintext is XOR'd with the previous encrypted block before it is encrypted. For this method, for the first block, you need something to XOR in with your block. Hence the "Initialization Vector" (IV).

    To reverse the process (decrypt), you need to tell the CBC what the IV was. So either it's passed as an argument, or it's embedded in the ciphertext itself:
    RandomIV12345678{real crypto text here}
    here the IV is 12345678 (not too random).

    Note that the IV isn't critical to the strength of the cipher, but is used to make attacks on the cipher more difficult, since the same piece of plaintext encrypted with the same cipher and key will lead to different encrypted text if you start with different (random) IVs.

    - j

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://522077]
Approved by ww
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others having an uproarious good time at the Monastery: (6)
As of 2014-07-30 00:07 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite superfluous repetitious redundant duplicative phrase is:









    Results (229 votes), past polls