Beefy Boxes and Bandwidth Generously Provided by pair Networks Joe
Don't ask to ask, just ask
 
PerlMonks  

Perl and Crypt::CBC question

by powerhouse (Friar)
on Jan 10, 2006 at 02:57 UTC ( #522077=perlquestion: print w/ replies, xml ) Need Help??
powerhouse has asked for the wisdom of the Perl Monks concerning the following question:

This is more of a Crypt::CBC question... So if you are familiar with it, I would appreciate some help, if you can.

I wrote a script, which encrypts some data before saving it in a database. It is not really important and imperitive that I make it work, but, I would like to know what I'm doing wrong...

Here is the error I'm getting:
Software error:
Cipher stream did not contain IV or salt, and you did not specify thes
+e values in new() at /home/##username##/public_html/vars.cgi line 425

[download]
Here is that subroutine that has that line:
sub decryptData
{
my $ciphertext = shift;
my $key = "Some Key Here, but Not Shown Here for several purposes";
my $cipher = Crypt::CBC->new ($key, "Blowfish"); # This is line 425

    return ($cipher->decrypt_hex ($ciphertext));
}

[download]
Do you see what it is talking about by Salt or IV?

thx for any/all help,
Richard

Comment on Perl and Crypt::CBC question
Select or Download Code
Re: Perl and Crypt::CBC question
by McDarren (Abbot) on Jan 10, 2006 at 03:15 UTC
    erm, rtfm :)

    From Crypt::CBC: 

     $cipher = Crypt::CBC->new( -key    => 'my secret key',
                             -cipher => 'Blowfish',
                             -salt   => 1
                           );

    [download]

    and... 

     -salt           Enables OpenSSL-compatibility. If equal to a value
                    of "1" then causes a random salt to be generated
                    and used to derive the encryption key and IV. Othe
+r
                    true values are taken to be the literal salt.

    [download]

    and... 

    The -salt argument actives an OpenSSL-compatible method of generating 
+the encryption/decryption key and IV. If salt has the value "1", then
+ a random salt is computed (highly recommended). Any other non-false 
+value will be interpreted as the bytes of the actual salt to use. If 
+you provide the salt, it must be exactly 8 bytes in length. It is hig
+hly recommended that you use -salt=>1, as this may become the default
+ in future versions of this module.

    [download]

    I think that pretty much says it all :)

[reply]
[d/l]
[select]
Re: Perl and Crypt::CBC question
by jimbojones (Friar) on Jan 10, 2006 at 03:49 UTC
    For more general information, check out CBC in Wikipedia. The idea is that for each pass of the cipher over a 'block' (8 bytes or more), the plaintext is XOR'd with the previous encrypted block before it is encrypted. For this method, for the first block, you need something to XOR in with your block. Hence the "Initialization Vector" (IV).

    To reverse the process (decrypt), you need to tell the CBC what the IV was. So either it's passed as an argument, or it's embedded in the ciphertext itself: 
    RandomIV12345678{real crypto text here}

    [download]
    here the IV is 12345678 (not too random).

    Note that the IV isn't critical to the strength of the cipher, but is used to make attacks on the cipher more difficult, since the same piece of plaintext encrypted with the same cipher and key will lead to different encrypted text if you start with different (random) IVs.

    - j

[reply]
[d/l]

Back to Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://522077]
Approved by ww
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others cooling their heels in the Monastery: (14)
As of 2013-05-21 18:02 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The best material for plates (tableware) is:









    Results (442 votes), past polls