Blowfish Cipher Tutorials - Herong's Tutorial Examples - v2.03, by Herong Yang
Crypt::CBC Encryption with Salted Keys
A tutorial Perl example is provided to show how to use Crypt::CBC to perform encryption with a passphrase and a salt, which will be used to derive the secret key and the IV.
So far, we have learned 2 options to use the Crypt::CBC module: Literal Key and Crypt::CBC Object. Both options allow us to directly specify the secret key and the IV.
The Crypt::CBC module also supports a third option, Salted Key, which allows us to specify a passphrase and a salt to the Crypt::CBC module, then ask the module to derive the secret key and IV.
According to the Crypt::CBC manual page, we need to provide the following parameters when calling the new() method to use the Salted Key option:
To help us understanding the Salted Key option, I wrote the following example Perl script, Crypt-CBC-Blowfish-Salted-Key.pl:
#- Crypt-CBC-Blowfish-Salted-Key.pl #- Copyright (c) 2015 HerongYang.com, All Rights Reserved. #- use Crypt::CBC; $algorithm = "Blowfish"; my ($passHex, $saltHex, $plainHex) = @ARGV; print("Crypt::CBC Salted Key - output in Hex:\n"); $passHex = "1122334455667788" unless $passHex; $saltHex = "0000000000000000" unless $saltHex; $plainHex = "0123456789abcdef" unless $plainHex; $passStr = pack("H*", $passHex); $saltStr = pack("H*", $saltHex); $plainStr = pack("H*", $plainHex); print(" Passphrase ($passHex)\n"); print(" Salt ($saltHex)\n"); print(" Plaintext ($plainHex)\n"); print("Creating Crypt::CBC with Passphrase and Salt...\n"); $cipher = Crypt::CBC->new( -cipher => $algorithm, -key => $passStr, -salt => $saltStr, -header => 'salt', -padding => 'none' ); print("Encrypting plaintext...\n"); $cipherStr = $cipher->encrypt($plainStr); $cipherHex = unpack("H*", $cipherStr); print(" Cipher Output ($cipherHex)\n"); $headerNameHex = substr($cipherHex,0,16); $headerValueHex = substr($cipherHex,16,16); $realCipherHex = substr($cipherHex,32); print(" Header Name ($headerNameHex)\n"); print(" Header Value ($headerValueHex)\n"); print(" Ciphertext ($realCipherHex)\n"); print("Decrypting ciphertext...\n"); $decryptStr = $cipher->decrypt($cipherStr); $decryptHex = unpack("H*", $decryptStr); print(" Decrypted text ($decryptHex)\n"); $passStr = $cipher->passphrase(); $passHex = unpack("H*", $passStr); print(" Pass Phrase ($passHex)\n"); $saltStr = $cipher->salt(); $saltHex = unpack("H*", $saltStr); print(" Salt ($saltHex)\n"); $ivStr = $cipher->iv(); $ivHex = unpack("H*", $ivStr); print(" IV ($ivHex)\n");
If you run this example script with a passphrase, salt, and plaintext, you will get something like:
C:\herong>perl Crypt-CBC-Blowfish-Salted-Key.pl \ 1122334455667788 0000000000000000 0123456789abcdef Crypt::CBC Salted Key - output in Hex: Passphrase (1122334455667788) Salt (0000000000000000) Plaintext (0123456789abcdef) Creating Crypt::CBC with Passphrase and Salt... Encrypting plaintext... Cipher Output (53616c7465645f5f00000000000000008eb0ddf700ee18b1) Header Name (53616c7465645f5f) Header Value (0000000000000000) Ciphertext (8eb0ddf700ee18b1) Decrypting ciphertext... Decrypted text (0123456789abcdef) Pass Phrase (1122334455667788) Salt (0000000000000000) IV (eda37dc506202bd2)
The output looks good:
Table of Contents
Installing Crypt::CBC 2.33 with ActivePerl
Crypt::CBC Encryption with Literal Keys
Crypt::CBC Literal Key Error Cases
Crypt::CBC Encryption with Crypt::Blowfish Objects
Crypt::CBC Operation Simulation
Crypt::CBC Encryption Verification
Blowfish CBC 2-Block Test Vectors
Crypt::CBC Prepending IV to Ciphertext
►Crypt::CBC Encryption with Salted Keys
Crypt::CBC Salted Key Test Cases
Crypt::CBC Secret Key and IV Algorithm
Crypt::CBC Encryption with Random Salt
Crypt::CBC Padding Option Tests
Crypt::CBC Blowfish Encryption Summary
OpenSSL "enc -bf-ecb" for Blowfish/ECB Encryption
OpenSSL "enc -bf-cbc" for Blowfish/CBC Encryption
OpenSSL "enc -bf-cfb" for Blowfish/CFB Encryption
OpenSSL "enc -bf-ofb" for Blowfish/OFB Encryption