Programming

thanks - i tried this but its owned by root - so have passed this on to SA. I will get back to you guys

OK, have now install module and correct version of Perl.

But am now totally stuck.

Reading "if you can use perl, CPAN module Crypt::CBC would be helpful" it does not really give me an example on how to decyrpt a file for my specifications. any ideas?

Well, what are your specifications?

the specification of the encryption process is:

NET 2 Cryptography classes.

RijndaelManaged encryption algorithm

SHA512Managed class for hashing keys with a blocksize of 128 and a 32 byte key. The HashSize property of the algorithm is 512 and it generates a 64 byte hash key, but then it only uses the first 32 bytes as the key

i need to decrypt a file that uses that specification

The .NET Framework RijndaelManaged Class simply accesses the managed version of the .NET Framework Rijndael algorithm.

Rijndael was the winner of the NIST competition to select the algorithm that eventually become AES. There are however some differences between Rijndael and the official FIPS-197 specification for AES which was first published in 2001.

Rijndael allows for both key and block sizes to be chosen independently from 128, 160, 192, 224, 256 bits and the key size does not have to match the block size. FIPS-197 selected a subset of Rijndael and specifies that the block size must always be 128 bits and that the key size may be either 128, 192, or 256 bits (AES-128, AES-192 and AES-256)

Since .NET RijndaelManaged is an implementation of Rijndael, it allows you to select different block sizes (both block and key sizes must be either 128, 192, or 256 bits as 160 and 224 bit are unsupported.) Also .NET RijndaelManaged implementation adjusts block size to match the feedback size in CFB mode, i.e. if you use CFB (and I believe OFB) and a block size of 128 bits, but a feedback size which is not 128 bits you again will not be compatible with AES. As far as I know .NET RijndaelManaged is not FIPS certified.

I am not sure what you mean by .NET SHA512Managed generating "a 64-byte hash key but then it only uses the first 32 bytes as the key" Do you mean, as I suspect you mean, that Rijndael is using a 256-bit key? If this is the case any AES-256 decrypt routine will work for you so long as you know the symmetric key (typically derived from a passphrase.)

You need to clarify block and key sizes if you expect us to be able to help you.

Hi Thanks for your reply.

That is correct, only 32 bytes are passed through to the encryption/decryption process

using blocksize of 128 and a 32 byte key

have made some more amendments - still not working - perl install error at the moment (am working on that)

but am sure code is not correct either

anyone got any input they want to make?

Code:

#!/usr/local/bin/perl
use warnings;
use Crypt::Rijndael;
use Crypt::CBC;
#use Digest::SHA qw(sha512_hex);
use Digest::SHA;
 
 
#--------------------------------------------------------------------
# Parameters
#--------------------------------------------------------------------
my $my_key;
my $plain_text;
my $encrypted = "VACT_MEM_FIN_20110207.csv.enc";
my $cipher;
my $buffer;
my $decrypted = $encrypted;
#$decrypted =~ s/\.enc/\.txt/;
$decrypted="VACT_MEM_FIN_20110207.csv";
my $meth ="Crypt::OpenSSL::AES";

$my_key ='vactV@20110207';
$cipher = Crypt::CBC->new( {'literal_key'      => 1,
                            'key'             => $my_key,
                            #'cipher'          => 'Rijndael',
                            'keysize'         => 32,
                            'blocksize'       => 128,
                             'cipher' => $meth
                           });
#--------------------------------------------------------------------
# Decryption
#--------------------------------------------------------------------
open(FH_encrypted, "<$encrypted");
open(FH_decrypted, ">$decrypted");
$cipher->start('decrypting');
while (read(FH_encrypted,$buffer,1851)) {
   print FH_decrypted $cipher->crypt($buffer);
}
print FH_decrypted $cipher->finish;
close FH_encrypted;
close FH_decrypted;