Tom,
I've confirmed much of what you've said, but ran into a new problem
> The tricky part comes from the way Crypt::CBC calculates it's
> key and initialization vector ... it turns out that those are
> respectively the first and last 8 bytes of the md5 hash of the
> key specified... (at least for the default DES config)
>
it uses the first and last 16 bytes (as your examples show), not 8
bytes. This is where I ran into my problem. I'm using libmcrypt, and
attempting to emulate perl's crypt::cbc essentially like this:
function pcrypt_cbc($pcrypt_key, $pcrypt_data, $pcrypt_mode) {
echo "***STARTING PCRYPT IN $pcrypt_mode***\n";
echo "MD5 of Key: " . md5($pcrypt_key) . "\n";
$pcrypt_usekey=substr(md5($pcrypt_key), 0, 16);
echo "Key to use: $pcrypt_usekey\n";
$pcrypt_iv=substr(md5($pcrypt_key), -16, 16);
echo "Initialization Vector: $pcrypt_iv\n";
$pcrypt_return=mcrypt_cbc(MCRYPT_DES, $pcrypt_usekey, pcrypt_data,
$pcrypt_mode, $pcrypt_iv);
}
echo "***PCRYPT COMPLETE***\n\n";
return $pcrypt_return;
}
the problem is, the initialization vector MUST be 8 bytes (enter
anything less, and it pads with zeros. enter anything more, and it
triggers a warning and truncates to 8). I'm assuming this is a
limitation of libmcrypt, but at that point we're getting a decent bit
beyond my understanding of DES and encryption systems in general. If
I'm understanding this correctly, the DES algorythm in libmcrypt is
limited to an 64bit salt, and the system is trying to use a 128bit salt.
Is this the problem? Any ideas?
Thanks!
Brad Murray
This archive was generated by hypermail 2.1.3 : Tue Oct 19 2004 - 23:35:18 EDT