Beefy Boxes and Bandwidth Generously Provided by pair Networks Joe
There's more than one way to do things
 
PerlMonks  

Basic Crypt::Blowfish usage question

by DaWolf (Curate)
on Mar 30, 2002 at 23:58 UTC ( #155526=perlquestion: print w/ replies, xml ) Need Help??
DaWolf has asked for the wisdom of the Perl Monks concerning the following question:

Greetings, fellows.

I'm trying to do some basic operations using Crypt::Blowfish here, but I'm not getting it too good as I thought I would.

This module looks very simple to use, but I'm missing something here.

I was sucessfull to encrypt a string but can't decrypt it. I've followed the module documentation and did like this:

To encrypt: 
#!c:/perl
use Crypt::Blowfish;

while ($pass = <>)
{
    chomp $pass;
    $key = pack ("H16","0123456789ABCDEF");
    $cipher = new Crypt::Blowfish $key;
    $ciphertext = $cipher->encrypt("$pass");
    print unpack ("H16",$ciphertext),"\n";
}

[download]
and, to decrypt: 
#!c:/perl
use Crypt::Blowfish;

while ($pass = <>)
{
    chomp $pass; 
    $key = pack ("H16","0123456789ABCDEF");
    $cipher = new Crypt::Blowfish $key;
    $ciphertext = $cipher->decrypt("$pass");
    print unpack ("H16",$ciphertext),"\n";
}

[download]
So, if I try to put the encrypted string for the module to decrypt it, it returns this:

"input must be 8 bytes long at C:/Perl/site/lib/Crypt/Blowfish.pm line 68, <> line 1"

Can anyone explain this to me? Why it doesn't works? If it must be 8 bytes long why does it generate a longer string?

Thanks in advance, brothers.

Er Galvão Abbott
 a.k.a. Lobo, DaWolf
Webdeveloper

Comment on Basic Crypt::Blowfish usage question
Select or Download Code
Re: Basic Crypt::Blowfish usage question
by Ryszard (Priest) on Mar 31, 2002 at 00:17 UTC

    These lower level routines are for encoding single characters. You need to look at Cypher Block Chaining to do messages of arbitrary length.

[reply]
      Could you give some deeper explanation?

      I'm very new to Cryptography and the results I've found by searching the monastery weren't clear enough.

      Thanks a lot for your patience,

      Er Galvão Abbott
       a.k.a. Lobo, DaWolf
      Webdeveloper
[reply]
        I'm by no means an expert on cryptography, nor the math involved.. ;-)

        Have a look at this, at which point i defer to a more experienced monk to explain the concepts of cypher block chaining.

        Get yourself a copy of Applied Cryptography, its a great book that explains how all this works: various protocols, attacks, algorithms et al. Once you've read it and know all about how to implement good security, go read Secrets and Lies....

[reply]
      Not quite single characters. Crypt::Blowfish is for encrypting 8 characters at a time. You're right that Crypt::CBC is for arbitrary length messages, and can use Crypt::Blowfish, though I have run into trouble where I couldn't decrypt messages sent to me where someone was encrypting with a non-standard CBC. 
      -----------
ooo  O\O  ooo tilly was here :,(
[reply]
Re: Basic Crypt::Blowfish usage question
by danger (Priest) on Mar 31, 2002 at 05:54 UTC

    Your problem is two-fold: First, as others have already pointed out: Blowfish is an 8-byte block encryption scheme, so you either need to pass it a string to encrypt of just 8 bytes, pad out a shorter string with nulls (\0), or work with longer data in 8-byte blocks (with padding when necessary) or get Crypt::CBC or Crypt::CBCeasy to deal with arbitrary length strings. Secondly (but your more immediate problem), your first encryption run prints out an unpacked version of the encrypted string (which is fine, makes it easier to read and type back in for the decrypt run right?) ... but in your decrypt run you try to decrypt that string as entered, you'll have to pack it up again before decrypting. Try this slight modification to your enc/dec pair: 

    # --- enc.pl ---
  #!/usr/bin/perl -w
  use strict;
  use Crypt::Blowfish;

  my $plaintext = <>;
  chomp $plaintext;
  my $key = "this is the pass phrase";
  my $cipher = Crypt::Blowfish->new($key);
  my $ciphertext = $cipher->encrypt($plaintext);
  print unpack ("H16", $ciphertext),"\n";


# --- dec.pl ---
  #!/usr/bin/perl -w
  use strict;
  use Crypt::Blowfish;

  my $ciphertext = <>;
  chomp $ciphertext;
  my $key = "this is the pass phrase";
  my $cipher = Crypt::Blowfish->new($key);
  my $plaintext = $cipher->decrypt(pack "H16",$ciphertext);
  print $plaintext,"\n";

# --- sample session (using 8-byte plaintext only) ---

  $ perl enc.pl 
  noseeums                <== what I type
  8db8af77b828c382        <== what I get
  
  $ perl dec.pl 
  8db8af77b828c382        <== what I type
  noseeums                <== what I get
  
  $ echo noseeums|perl enc.pl |perl dec.pl 
  noseeums


    [download]
[reply]
[d/l]
      Thanks a lot, danger.

      You've attacked the problem's core.

      Good aim! : )

      Er Galvão Abbott
       a.k.a. Lobo, DaWolf
      Webdeveloper
[reply]

Back to Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://155526]
Approved by root
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others perusing the Monastery: (4)
As of 2013-05-25 03:20 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The best material for plates (tableware) is:









    Results (516 votes), past polls