Crypt::CBC Padding Option Tests

A tutorial example is provided to how different Crypt::CBC padding options behave. The 'standard' (PKCS#5) padding option seems to be the best.

In the previous tutorial, we saw that Crypt::CBC offers 6 padding options. In this tutorial, we will see some examples of how different padding options behave.

The following Perl script will be used generate those examples:

#- Crypt-CBC-Blowfish-Padding-Test.pl
#- Copyright (c) 2015 HerongYang.com, All Rights Reserved.
#-
   use Crypt::CBC;
   $algorithm = "Blowfish";
   my ($passHex, $plainHex, $padding) = @ARGV;

   print("Crypt::CBC Padding Test - output in Hex:\n");
   $passHex = "1122334455667788" unless $passHex;
   $plainHex = "" unless $plainHex;
   $padding = "standard" unless $padding;
   
   $passStr = pack("H*", $passHex);
   $plainStr = pack("H*", $plainHex);
   print("   Passphrase       ($passHex)\n");
   print("   Plaintext        ($plainHex)\n");
   print("   Padding          ($padding)\n");

   print("Creating Crypt::CBC with Passphrase...\n");
   $cipher = Crypt::CBC->new( 
      -cipher => $algorithm,
      -key => $passStr,
      -salt => '1',
      -header => 'salt',
      -padding => $padding,
      );0123456789abcdef

   print("Encrypting plaintext...\n");
   $cipherStr = $cipher->encrypt($plainStr);
   $cipherHex = unpack("H*", $cipherStr);
   print("   Cipher Output    ($cipherHex)\n");

   $headerNameHex = substr($cipherHex,0,16);
   $headerValueHex = substr($cipherHex,16,16);
   $realCipherHex = substr($cipherHex,32);
   print("   Header Name      ($headerNameHex)\n");
   print("   Header Value     ($headerValueHex)\n");
   print("   Ciphertext       ($realCipherHex)\n");

   $passStr = $cipher->passphrase();
   $passHex = unpack("H*", $passStr);
   print("   Pass Phrase      ($passHex)\n");

   $saltStr = $cipher->salt();
   $saltHex = unpack("H*", $saltStr);
   print("   Salt             ($saltHex)\n");

   $ivStr = $cipher->iv();
   $ivHex = unpack("H*", $ivStr);
   print("   IV               ($ivHex)\n");
      
   print("Decrypting ciphertext...\n");
   $decryptStr = $cipher->decrypt($cipherStr);
   $decryptHex = unpack("H*", $decryptStr);
   print("   Decrypted text   ($decryptHex)\n");

   print("Getting Padded Plaintext...\n");
   $cipher = Crypt::CBC->new( 
      -cipher => $algorithm,
      -key => $passStr,
      -salt => '1',
      -header => 'salt',
      -padding => 'none',
      );
   $decryptStrPadded = $cipher->decrypt($cipherStr);
   $decryptHexPadded = unpack("H*", $decryptStrPadded);
   print("   Padded Plaintext ($decryptHexPadded)\n");

Example 1 - 'standard' (PKCS#5) padding on a full block:

C:\herong>perl Crypt-CBC-Blowfish-Padding-Test.pl \
   1122334455667788 0123456789abcdef standard
   
Crypt::CBC Padding Test - output in Hex:
   Passphrase       (1122334455667788)
   Plaintext        (0123456789abcdef)
   Padding          (standard)
Creating Crypt::CBC with Passphrase...
Encrypting plaintext...
   Cipher Output    (53616c7465645f5f80bd5c7cab632670
                     05880f479ada3d75c496ec8b92f67788)
   Header Name      (53616c7465645f5f)
   Header Value     (80bd5c7cab632670)
   Ciphertext       (05880f479ada3d75c496ec8b92f67788)
   Pass Phrase      (1122334455667788)
   Salt             (80bd5c7cab632670)
   IV               (74fa2dc14decd610)
Decrypting ciphertext...
   Decrypted text   (0123456789abcdef)
Getting Padded Plaintext...
   Padded Plaintext (0123456789abcdef0808080808080808)
                                     ----------------
                                     padding

Example 2 - 'standard' (PKCS#5) padding on a half block:

C:\herong>perl Crypt-CBC-Blowfish-Padding-Test.pl \
   1122334455667788 01234567 standard
   
Crypt::CBC Padding Test - output in Hex:
   Passphrase       (1122334455667788)
   Plaintext        (01234567)
   Padding          (standard)
Creating Crypt::CBC with Passphrase...
Encrypting plaintext...
   Cipher Output    (53616c7465645f5fbd05365dbf81b68dc993d497767c6ed9)
   Header Name      (53616c7465645f5f)
   Header Value     (bd05365dbf81b68d)
   Ciphertext       (c993d497767c6ed9)
   Pass Phrase      (1122334455667788)
   Salt             (bd05365dbf81b68d)
   IV               (d387a235a1185750)
Decrypting ciphertext...
   Decrypted text   (01234567)
Getting Padded Plaintext...
   Padded Plaintext (0123456704040404)
                             --------
                             padding                             

Example 3 - 'oneandzeroes' padding on a full block:

C:\herong>perl Crypt-CBC-Blowfish-Padding-Test.pl \
   1122334455667788 0123456789abcdef oneandzeroes
   
Crypt::CBC Padding Test - output in Hex:
   Passphrase       (1122334455667788)
   Plaintext        (0123456789abcdef)
   Padding          (oneandzeroes)
Creating Crypt::CBC with Passphrase...
Encrypting plaintext...
   Cipher Output    (53616c7465645f5f27a2d3069672a6e9
                     f0656434f0047185dea87f8efb582fa7)
   Header Name      (53616c7465645f5f)
   Header Value     (27a2d3069672a6e9)
   Ciphertext       (f0656434f0047185dea87f8efb582fa7)
   Pass Phrase      (1122334455667788)
   Salt             (27a2d3069672a6e9)
   IV               (466af4f00d3194c7)
Decrypting ciphertext...
   Decrypted text   (0123456789abcdef)
Getting Padded Plaintext...
   Padded Plaintext (0123456789abcdef8000000000000000)
                                     ----------------
                                     padding

Example 4 - 'oneandzeroes' padding on a half block:

C:\herong>perl Crypt-CBC-Blowfish-Padding-Test.pl \
   1122334455667788 01234567 oneandzeroes
   
Crypt::CBC Padding Test - output in Hex:
   Passphrase       (1122334455667788)
   Plaintext        (01234567)
   Padding          (oneandzeroes)
Creating Crypt::CBC with Passphrase...
Encrypting plaintext...
   Cipher Output    (53616c7465645f5f334ce16204763f979e98aa2fcb9b2321)
   Header Name      (53616c7465645f5f)
   Header Value     (334ce16204763f97)
   Ciphertext       (9e98aa2fcb9b2321)
   Pass Phrase      (1122334455667788)
   Salt             (334ce16204763f97)
   IV               (9781c7f912887fd5)
Decrypting ciphertext...
   Decrypted text   (01234567)
Getting Padded Plaintext...
   Padded Plaintext (0123456780000000)
                             --------
                             padding

Exercise: Run the script other padding options.

Last update: 2018.

Table of Contents

 About This Book

 Blowfish Cipher Algorithm

 Perl Crypt::Blowfish Module

 Perl Crypt::ECB Perl Module

Perl Crypt::CBC Module

 What is Crypt::CBC

 Installing Crypt::CBC 2.33 with ActivePerl

 Crypt::CBC Encryption with Literal Keys

 Crypt::CBC Literal Key Error Cases

 Crypt::CBC Encryption with Crypt::Blowfish Objects

 Crypt::CBC Operation Simulation

 Crypt::CBC Encryption Verification

 Blowfish CBC 2-Block Test Vectors

 Crypt::CBC Prepending IV to Ciphertext

 Crypt::CBC Encryption with Salted Keys

 Crypt::CBC Salted Key Test Cases

 Crypt::CBC Secret Key and IV Algorithm

 Crypt::CBC Encryption with Random Salt

 Crypt::CBC Padding Options

Crypt::CBC Padding Option Tests

 Crypt::CBC Blowfish Encryption Summary

 Perl Crypt::CFB Perl Module

 OpenSSL "enc -bf-ecb" for Blowfish/ECB Encryption

 OpenSSL "enc -bf-cbc" for Blowfish/CBC Encryption

 OpenSSL "enc -bf-cfb" for Blowfish/CFB Encryption

 OpenSSL "enc -bf-ofb" for Blowfish/OFB Encryption

 PHP Mcrypt Extension for Blowfish

 Blowfish 8-Bit Cipher in PHP

 References

 Full Version in PDF/EPUB