Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

openssl DES3 in scripting

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting openssl DES3 in scripting
# 1  
Old 04-24-2010
openssl DES3 in scripting
hi,
I have this script in python

Code:
#!/usr/bin/env python
from Crypto.Cipher import DES3

def desEncrypt(key, data): 
    d = des4me(key) 
    return d.encrypt(data)

def des4me(key): 
    return DES3.new(key, DES3.MODE_ECB)

A='\x00\x11\x22\x33\xA8\x44\x55\x66\x92\x77\x88\xAC\x99\x94\x88\x11'
B='\x0c\xef\x83\x44\x34\x00\x00\xca'
print desEncrypt(A,B)

The result is in hex d2b3 1881 f6fc d951
And i want to to make the same output with openssl in a bash shell
I've tried with

Code:
A=$(echo -ne "\x00\x11\x22\x33\xA8\x44\x55\x66\x92\x77\x88\xAC\x99\x94\x88\x11")
B=$(echo -ne "\x0c\xef\x83\x44\x34\x00\x00\xca")
echo -ne "$A"|openssl des-ede3 -nosalt -nopad -pass pass:$B|xxd

but the result is not the same.
I think that des-ede3 is the correct translation of DES3.MODE_ECB.
I don't understand my error..
Please help me (isn't a homework!!)
Best regards

---------- Post updated at 06:04 AM ---------- Previous update was at 04:45 AM ----------

it's a base problem or the mode is incorrect? I tried for several hours...but no solution.Anyone can help me?

---------- Post updated at 03:22 PM ---------- Previous update was at 06:04 AM ----------

anyone can help me?

---------- Post updated 04-24-10 at 06:17 AM ---------- Previous update was 04-23-10 at 03:22 PM ----------

I've tried also with this:
Code:
echo -e -n "\x0c\xef\x83\x44\x34\x00\x00\xca"|openssl des-ede3 -nosalt -nopad -pass pass:"\x00\x11\x22\x33\xA8\x44\x55\x66\x92\x77\x88\xAC\x99\x94\x88\x11"|xxd -p

But the result is wrong 6559f7f970062198....
Last edited by kazikamuntu; 04-23-2010 at 07:30 AM..
# 2  
Old 04-24-2010
You should always pass a command argument to openssl. In your case "enc' is the required command argument, i.e.
Code:
echo "encrypt me" | openssl enc -des-ede3 -nosalt -pass pass:yourpassword

Last edited by fpmurphy; 04-24-2010 at 08:28 PM..
# 3  
Old 04-24-2010
thanks but the result is the same...
# 4  
Old 04-24-2010
Hi.

For verification, man enc on Debian lenny says:
Code:
NOTES
       The program can be called either as openssl ciphername or openssl enc
       -ciphername.

cheers, drl
# 5  
Old 04-24-2010
ok thanks
the command in python is simple:
I explain in a better way:

A='\x00\x11\x22\x33\xA8\x44\x55\x66\x92\x77\x88\xAC\x99\x94\x88\x11'
B='\x0c\xef\x83\x44\x34\x00\x00\xca'

Code:
print DES3.new(A, DES3.MODE_ECB).encrypt(B)

the result is in hex d2b31881f6fcd951
_______________________________________________________
with openssl:
Code:
echo -ne $B|openssl enc -des-ede3 -nosalt -nopad -pass pass:$A
6559f7f970062198

the result is wrong!
# 6  
Old 04-24-2010
Hi.

I know virtually nothing about the subject of cryptography, so I need to rely on man pages and Google searches.

I ran your python code and the shell script. I'm not so sure that the shell variables are conveying to openssl what you intended. I don't know that it's wrong, but it's one area to consider.

How do you know that the openssl "des-ede3" is the equivalent of python's "DES3.MODE_ECB" ?

If I were faced with this, I would start with the very basic encryption (base64, "des" ?) with very plain text and passwords, and, once I was satisfied that that was working, work forward from there to the other protocols ... cheers, drl
# 7  
Old 04-24-2010
Quote:
Originally Posted by drl
Hi.

For verification, man enc on Debian lenny says:
Code:
NOTES
       The program can be called either as openssl ciphername or openssl enc
       -ciphername.

cheers, drl
I always avoid that method of invocation because of the next sentence in the man page
Quote:
But the first form doesn't work with engine-provided ciphers, because this form is processed before the configuration file is read and any ENGINES loaded.
Updated my previous post.
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Solaris

Openssl upgrade

Hello Admins. I need to upgrade the openssl version in Solaris 10 due to vulnerabilities. When I checked the current version, it shows: bash-3.2# openssl version OpenSSL 1.0.2n 7 Dec 2017 bash-3.2# which openssl /usr/bin/openssl When I installed the new one, its getting... (0 Replies)
Discussion started by: snchaudhari2
0 Replies

2. Shell Programming and Scripting

Openssl scripting problem

im trying to make sure the openssl password does not show up in the output of ps. so i'm trying to do something like this: MAST=yup echo "U2FsdGVkX19wH9LrQhuRZes45BM9rfiRpdhTCi+gLls=" | openssl <<HERE 2>&1 >/dev/null aes-128-cbc -a -d -salt -k "${MAST}" HERE But this isn't working.. I... (10 Replies)
Discussion started by: SkySmart
10 Replies

3. Cybersecurity

OpenSSL

I just started playing around with Unix's OpenSSL utility. I can't seem to get the hang of it, and the man page isn't helping much. I wanted to experiment with file encryption, so I created a dummy text file with one line of text and tried to encrypt it using DES. I used the following command: ... (2 Replies)
Discussion started by: Ultrix
2 Replies

4. UNIX for Advanced & Expert Users

Compression with openssl

Hi , 1-I need to know please if it's possible to compress using openssl? Here is the version used: openssl version -a OpenSSL 0.9.7d 17 Mar 2004 (+ security fixes for: CVE-2005-2969 CVE-2006-2937 CVE-2006-2940 CVE2006-3738 CVE-2006-4339 CVE-2006-4343 CVE-2007-5135 CVE-2008-5077... (3 Replies)
Discussion started by: Eman_in_forum
3 Replies

5. Solaris

Openssl 0.9.8r

Hi Peeps, Having trouble compiling openssl 0.9.8r on Solaris 10 x86. The make test fails when running the shatests (segmentation faults). There is a PROBLEM file that references a file called values.c. Anyone know whereabouts in the source tree you put this file as the file doesn't tell you... (2 Replies)
Discussion started by: callmebob
2 Replies

6. UNIX for Advanced & Expert Users

Using openssl

All, I am new to openssl and I have not been able to figure out exactly how to use it. What I need to do is to create a shell script which FTPS's (SFTP is not allowed on my project) a file to a mainframe. The mainframe will not initiate a session with my server. Question. Are the packages... (7 Replies)
Discussion started by: MichaelInDC
7 Replies

7. UNIX for Advanced & Expert Users

DES3 encryption in SunOS sparc

Hi, I want to encrypt a unix file using the des3 algorithm. Seems that there are no standard unix utilities readily available. Can you please suggest how I can encrypt a unix file using des3 ? (2 Replies)
Discussion started by: samuel.vincent
2 Replies

8. Solaris

ERROR OpenSSL

ERROR OpenSSL version mismatch. Built against 908070, you have 9080bf^M 2009.11.20 15:23:25 ERROR Connection closed^M i am new in solaris,i not have great know in this operative system Help me how i can fixed this, in the machine has installed Solaris Machine hardware: ... (1 Reply)
Discussion started by: saurio
1 Replies

9. UNIX for Advanced & Expert Users

openssl help

I ungraded my openssl on sun solaris 8 from openssl 0.9.6c to openssl 0.9.6g the ungrade went fine but when I tried to ssh in to server, I received the following error message "ld.so.1: ./sshd: fatal: relocation error: file /usr/local/ssl/lib/libcrypto.so.0.9.6: symbol main: referenced symbol... (2 Replies)
Discussion started by: hassan2
2 Replies
Login or Register to Ask a Question