Beefy Boxes and Bandwidth Generously Provided by pair Networks
P is for Practical
 
PerlMonks  

AES/ECB/PKCS#5 encryption

by dbarstis (Novice)
on Sep 28, 2011 at 20:45 UTC ( [id://928418]=perlquestion: print w/replies, xml ) Need Help??

dbarstis has asked for the wisdom of the Perl Monks concerning the following question:

I need to send an encrypted code to a web server where it will be decrypted with a java script. I have a script that creates the token and another that can decrypt it. The problem is when I send it to the java script, it throws an exception because of the padding. PKCS#5 pads with the number of bytes that should be truncated. So, if blocksize is 8, then "0A0B0C" will be padded with "05", resulting in "0A0B0C0505050505". If the final block is a full block of 8 bytes, then a whole block of "0808080808080808" is appended. In my script I can pad with nulls but how would I do PKCS#5? If someone could rewrite this (even using Crypt::CBC) and get the 32 character token with the correct padding, I would be forever grateful

In my haste to post the code, I didn't complete the scrubbing. I've made the corrections.

#!/usr/bin/perl use Crypt::Rijndael; my $key = "1A2B3C4D5E6FA1B2C3D4E5F61A2B3C4D"; $key = pack("H*",$key); $crypt = Crypt::Rijndael->new( $key, Crypt::Rijndael::MODE_ECB() ); my $vers = 1; my $rand = 1002247; my $time = 1317072992; my $empid = 123; my $sum = 103; $packed = pack( "CLLLC", $vers, $rand, $time, $empid, $sum ); my $token = $crypt->encrypt($packed^("\0"x16)); $token = unpack("H*",$token); print "---------+---------+---------+--\n"; print $token,"\n"; exit;

Replies are listed 'Best First'.
Re: AES/ECB/PKCS#5 encryption
by zentara (Archbishop) on Sep 29, 2011 at 08:16 UTC
    Here is a running version of your code, with a legitimate key. It takes your values, makes a token, then decrypts the token. Can you describe in more detail what you need with the padding? Here is a commonly used sub for padding. Substitute your padding for the null bytes "\0", with a similar length($data) method.
    sub get16 { my $data = shift; # return "\0" x ( 16 - length($data) % 16 ) . $data; return $data . "\0" x ( 16 - length($data) % 16 ); }

    Here is your code, working with a legitimate key with debugging steps along the way.

    #!/usr/bin/perl use warnings; use strict; use Crypt::Rijndael; my $key = "1A2B3C4D5E6Fabcd"; #$key = pack("H*",$key); print "$key\n"; my $crypt = Crypt::Rijndael->new( $key, Crypt::Rijndael::MODE_ECB() ); my $vers = 1; my $rand = 1002247; my $time = 1317072992; my $empid = 123; my $sum = 103; my $ndid = 42; my $packed = pack( "CLLLC", $vers, $rand, $time, $ndid, $sum ); print "$packed\n"; my @unpacked = unpack("CLLLC",$packed) ; print "@unpacked\n"; my $token = $crypt->encrypt($packed^("\0"x16)); print "\n$token\n"; $token = unpack("H*",$token); print "---------+---------+---------+--\n"; print $token,"\n"; # do decryption my $z = pack("H*", $token); print "$z\n"; my $cbc1 = new Crypt::Rijndael $key, Crypt::Rijndael::MODE_CBC; my $decrypted = $cbc1->decrypt($z); print "decrypted->$decrypted\n"; my @values = unpack("CLLLC",$decrypted) ; print "@values\n"; exit;

    I'm not really a human, but I play one on earth.
    Old Perl Programmer Haiku ................... flash japh
Re: AES/ECB/PKCS#5 encryption
by zentara (Archbishop) on Sep 29, 2011 at 07:49 UTC
    First your $key is invalid for Crypt::Rijndael

    wrong key length: key must be 128, 192 or 256 bits long at ./928418.pl line 8

    # keys must be 128, 192 or 256 "bits" long, # 8 bits in a letter, so 8 x 16 = 128 #my $key = 'abcdefgghjkloiuy'; #128 bits or 8 x 16 my $key = 'abcdefgghjkloiuyabcdefgghjkloiuy'; #256 bits or 8 x 32 print "key->$key\n";
    Second, you didn't use warnings; and use strict; so $ndid is undefined

    What do you want us to do with broken and incomplete code?


    I'm not really a human, but I play one on earth.
    Old Perl Programmer Haiku ................... flash japh
Re: AES/ECB/PKCS#5 encryption
by dbarstis (Novice) on Sep 29, 2011 at 14:05 UTC
    Figured it out. Calculated by using the following: my $pad = 16 - length($packed) % 16; my $padded = $packed . pack("C*",($pad)x$pad); my $token = $crypt->encrypt($padded);
Re: AES/ECB/PKCS#5 encryption
by dbarstis (Novice) on Sep 29, 2011 at 12:29 UTC

    I indicated the padding needed in the original post. Null and Space padding isn't a problem. I can code and decode the token no problem. The java script requires the padding above only I don't know how to generate it.

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://928418]
Approved by chrestomanci
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others having a coffee break in the Monastery: (3)
As of 2024-03-29 04:37 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found