perl - How can I decrypt Blowfish ciphertext with a salted header? -
i have ciphertext has been encrypted using perl's crypt::cbc module wish decrypt elsewhere.
the ciphertext generated using 'simple' version of crypt::cbc constructor, is:
use crypt::cbc; $cipher = crypt::cbc->new( -key => 'my secret key', -cipher => 'blowfish' ); from reading man page, method of construction take simple string key , random salt generate iv & literal key use encryption, embed header salt.
"salt" -- combine passphrase 8-byte random value generate both block cipher key , iv provided passphrase. salt appended beginning of data stream allowing decryption regenerate both key , iv given correct passphrase. method compatible current versions of openssl.
i need decrypt ciphertext on platform supports cbc decryption given ciphertext, literal key & iv. attempt generate literal key, iv & salt, used crypt::cbc generate values so:
my $crypt = new crypt::cbc(-key => 'my secret key', -cipher => 'blowfish'); $out = $crypt->decrypt($ciphertext); $literal_key = $crypt->key(); $iv = $crypt->iv(); $salt = $crypt->salt(); the decryption here correct, i've been unable use generated literal key & iv decrypt cipher; produces rubbish:
my $crypt2 = new crypt::cbc( -literal_key => 1, -key => $literal_key, -cipher => 'blowfish', -iv => $iv, -header => 'none'); $rubbish - $crypt2->decrypt($ciphertext); i can't provide literal key , use salted header i'm lost next move.
how can decrypt text?
edit: target system not running perl, have been able generate identical value in $rubbish above, i'm sure it's using same algorithm (cbc, blowfish) decipher.
to decrypt stream, first need remove header added crypt::cbc's "salt" mode. header consists of 8 characters salted__ followed 8 bytes of salt data.
in perl, should it:
my $crypt2 = new crypt::cbc( -literal_key => 1, -key => $literal_key, -cipher => 'blowfish', -iv => $iv, -header => 'none'); $cleartext = $crypt2->decrypt(substr($ciphertext, 16));
Comments
Post a Comment