openssl aes-*-cbc is broken
Posted by NARUSE, Yui (Guest)
on 03.05.2006 18:56
This is Naruse.

The AES (CBC mode) in the openssl module does not seem to work.

require 'openssl'
c1 = OpenSSL::Cipher::Cipher.new("AES-256-CBC")
c2 = OpenSSL::Cipher::Cipher.new("AES-256-CBC")
pass = "open sesame!"
data = "Hello world!"
c1.pkcs5_keyivgen(pass)
s1 = c1.encrypt.update(data) + c1.final
c2.pkcs5_keyivgen(pass)
s2 = c2.decrypt.update(s1) + c2.final
p(data == s2) #=> true

When I try to run this, the following error occurs at c2.final:
OpenSSL::CipherError: bad decrypt
        from (irb):359:in `OpenSSL::Cipher::Cipher#final'
        from (irb):359:in `Kernel#binding'
        from :0

It works in modes other than CBC, such as aes-128-cfb, aes-128-ecb and aes-128-ofb,
and CBC with ciphers other than AES works.
Also, it works from the openssl command, so I think it is a problem in
Ruby/OpenSSL, but I could not investigate any further.


By the way, regarding OpenSSL::Cipher::AES:
since openssl has no -aes, it cannot be initialized unless you write something like
  OpenSSL::Cipher::AES.new(256, 'cbc')
or similar.

With OpenSSL::Cipher::AES128, OpenSSL::Cipher::AES192 and
OpenSSL::Cipher::AES256, on the other hand,
each corresponds to -aes128, -aes192 and -aes256 respectively,
so I think it would be nice if instances could be created without arguments.
Re: openssl aes-*-cbc is broken
Posted by GOTOU Yuuzou (Guest)
on 05.05.2006 10:16
In message <44552AD3.405@airemix.com>,
 `"NARUSE, Yui" <naruse@airemix.com>' wrote:
> The AES (CBC mode) in the openssl module does not seem to work.

When I tried it, ECB was the same.

> It works in modes other than CBC, such as aes-128-cfb, aes-128-ecb and aes-128-ofb,
> and CBC with ciphers other than AES works.
> Also, it works from the openssl command, so I think it is a problem in
> Ruby/OpenSSL, but I could not investigate any further.

I have not properly looked into why this happens, but it seems to work
if you call encrypt before setting the key and IV.

% ruby -e '
require "openssl"
pass = "open sesame!"
data = "Hello world!"

c1 = OpenSSL::Cipher::Cipher.new("AES-256-CBC")
c1.encrypt
c1.pkcs5_keyivgen(pass)
s1 = c1.update(data) + c1.final

c2 = OpenSSL::Cipher::Cipher.new("AES-256-CBC")
c2.decrypt
c2.pkcs5_keyivgen(pass)
s2 = c2.update(s1) + c2.final
p(data == s2) #=> true
'

> With OpenSSL::Cipher::AES128, OpenSSL::Cipher::AES192 and
> OpenSSL::Cipher::AES256, on the other hand,
> each corresponds to -aes128, -aes192 and -aes256 respectively,
> so I think it would be nice if instances could be created without arguments.

Right. I think I will take this opportunity to add them.
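The ordering the reply arrives at (direction first, then key and IV), as an added example that is not from either poster: it uses the current OpenSSL::Cipher API, derives the key with PBKDF2-HMAC-SHA256 over a random salt instead of pkcs5_keyivgen, prepends a random IV, and maps the "bad decrypt" padding failure to nil. All function and constant names are the example's own.

```ruby
require "openssl"

# Select the direction with #encrypt/#decrypt BEFORE setting key and IV.
# In the thread, setting them first let the later #encrypt/#decrypt call
# reinitialise the context and discard them, so the decryptor ran with the
# wrong key/IV and the PKCS#7 padding check failed ("bad decrypt").
SALT_LEN = 16
IV_LEN   = 16
ITER     = 100_000   # PBKDF2 iteration count (example value)

def derive_key(pass, salt)
  # 32-byte key for AES-256, salted and stretched (unlike pkcs5_keyivgen's
  # single unsalted MD5 pass in the original posts).
  OpenSSL::PKCS5.pbkdf2_hmac(pass, salt, ITER, 32, OpenSSL::Digest.new("SHA256"))
end

# Returns salt || iv || ciphertext so that decrypt_cbc is self-describing.
def encrypt_cbc(pass, data)
  salt = OpenSSL::Random.random_bytes(SALT_LEN)
  iv   = OpenSSL::Random.random_bytes(IV_LEN)
  c = OpenSSL::Cipher.new("AES-256-CBC")
  c.encrypt                        # direction first ...
  c.key = derive_key(pass, salt)   # ... then key and IV
  c.iv  = iv
  salt + iv + c.update(data) + c.final
end

# Returns the plaintext, or nil when OpenSSL rejects the padding, which is
# what a wrong key or IV produces (the same CipherError as in the thread).
def decrypt_cbc(pass, blob)
  salt = blob[0, SALT_LEN]
  iv   = blob[SALT_LEN, IV_LEN]
  ct   = blob[(SALT_LEN + IV_LEN)..-1]
  c = OpenSSL::Cipher.new("AES-256-CBC")
  c.decrypt
  c.key = derive_key(pass, salt)
  c.iv  = iv
  c.update(ct) + c.final
rescue OpenSSL::Cipher::CipherError
  nil
end

if __FILE__ == $0
  blob = encrypt_cbc("open sesame!", "Hello world!")
  p decrypt_cbc("open sesame!", blob)                     # "Hello world!"
  p decrypt_cbc("wrong password", blob) == "Hello world!" # false
end
```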