Blowfish Cipher Tutorials - Herong's Tutorial Examples - v2.03, by Herong Yang
Crypt::CBC Padding Option Tests
A tutorial example is provided to how different Crypt::CBC padding options behave. The 'standard' (PKCS#5) padding option seems to be the best.
In the previous tutorial, we saw that Crypt::CBC offers 6 padding options. In this tutorial, we will see some examples of how different padding options behave.
The following Perl script will be used generate those examples:
#- Crypt-CBC-Blowfish-Padding-Test.pl #- Copyright (c) 2015 HerongYang.com, All Rights Reserved. #- use Crypt::CBC; $algorithm = "Blowfish"; my ($passHex, $plainHex, $padding) = @ARGV; print("Crypt::CBC Padding Test - output in Hex:\n"); $passHex = "1122334455667788" unless $passHex; $plainHex = "" unless $plainHex; $padding = "standard" unless $padding; $passStr = pack("H*", $passHex); $plainStr = pack("H*", $plainHex); print(" Passphrase ($passHex)\n"); print(" Plaintext ($plainHex)\n"); print(" Padding ($padding)\n"); print("Creating Crypt::CBC with Passphrase...\n"); $cipher = Crypt::CBC->new( -cipher => $algorithm, -key => $passStr, -salt => '1', -header => 'salt', -padding => $padding, );0123456789abcdef print("Encrypting plaintext...\n"); $cipherStr = $cipher->encrypt($plainStr); $cipherHex = unpack("H*", $cipherStr); print(" Cipher Output ($cipherHex)\n"); $headerNameHex = substr($cipherHex,0,16); $headerValueHex = substr($cipherHex,16,16); $realCipherHex = substr($cipherHex,32); print(" Header Name ($headerNameHex)\n"); print(" Header Value ($headerValueHex)\n"); print(" Ciphertext ($realCipherHex)\n"); $passStr = $cipher->passphrase(); $passHex = unpack("H*", $passStr); print(" Pass Phrase ($passHex)\n"); $saltStr = $cipher->salt(); $saltHex = unpack("H*", $saltStr); print(" Salt ($saltHex)\n"); $ivStr = $cipher->iv(); $ivHex = unpack("H*", $ivStr); print(" IV ($ivHex)\n"); print("Decrypting ciphertext...\n"); $decryptStr = $cipher->decrypt($cipherStr); $decryptHex = unpack("H*", $decryptStr); print(" Decrypted text ($decryptHex)\n"); print("Getting Padded Plaintext...\n"); $cipher = Crypt::CBC->new( -cipher => $algorithm, -key => $passStr, -salt => '1', -header => 'salt', -padding => 'none', ); $decryptStrPadded = $cipher->decrypt($cipherStr); $decryptHexPadded = unpack("H*", $decryptStrPadded); print(" Padded Plaintext ($decryptHexPadded)\n");
Example 1 - 'standard' (PKCS#5) padding on a full block:
C:\herong>perl Crypt-CBC-Blowfish-Padding-Test.pl \ 1122334455667788 0123456789abcdef standard Crypt::CBC Padding Test - output in Hex: Passphrase (1122334455667788) Plaintext (0123456789abcdef) Padding (standard) Creating Crypt::CBC with Passphrase... Encrypting plaintext... Cipher Output (53616c7465645f5f80bd5c7cab632670 05880f479ada3d75c496ec8b92f67788) Header Name (53616c7465645f5f) Header Value (80bd5c7cab632670) Ciphertext (05880f479ada3d75c496ec8b92f67788) Pass Phrase (1122334455667788) Salt (80bd5c7cab632670) IV (74fa2dc14decd610) Decrypting ciphertext... Decrypted text (0123456789abcdef) Getting Padded Plaintext... Padded Plaintext (0123456789abcdef0808080808080808) ---------------- padding
Example 2 - 'standard' (PKCS#5) padding on a half block:
C:\herong>perl Crypt-CBC-Blowfish-Padding-Test.pl \ 1122334455667788 01234567 standard Crypt::CBC Padding Test - output in Hex: Passphrase (1122334455667788) Plaintext (01234567) Padding (standard) Creating Crypt::CBC with Passphrase... Encrypting plaintext... Cipher Output (53616c7465645f5fbd05365dbf81b68dc993d497767c6ed9) Header Name (53616c7465645f5f) Header Value (bd05365dbf81b68d) Ciphertext (c993d497767c6ed9) Pass Phrase (1122334455667788) Salt (bd05365dbf81b68d) IV (d387a235a1185750) Decrypting ciphertext... Decrypted text (01234567) Getting Padded Plaintext... Padded Plaintext (0123456704040404) -------- padding
Example 3 - 'oneandzeroes' padding on a full block:
C:\herong>perl Crypt-CBC-Blowfish-Padding-Test.pl \ 1122334455667788 0123456789abcdef oneandzeroes Crypt::CBC Padding Test - output in Hex: Passphrase (1122334455667788) Plaintext (0123456789abcdef) Padding (oneandzeroes) Creating Crypt::CBC with Passphrase... Encrypting plaintext... Cipher Output (53616c7465645f5f27a2d3069672a6e9 f0656434f0047185dea87f8efb582fa7) Header Name (53616c7465645f5f) Header Value (27a2d3069672a6e9) Ciphertext (f0656434f0047185dea87f8efb582fa7) Pass Phrase (1122334455667788) Salt (27a2d3069672a6e9) IV (466af4f00d3194c7) Decrypting ciphertext... Decrypted text (0123456789abcdef) Getting Padded Plaintext... Padded Plaintext (0123456789abcdef8000000000000000) ---------------- padding
Example 4 - 'oneandzeroes' padding on a half block:
C:\herong>perl Crypt-CBC-Blowfish-Padding-Test.pl \ 1122334455667788 01234567 oneandzeroes Crypt::CBC Padding Test - output in Hex: Passphrase (1122334455667788) Plaintext (01234567) Padding (oneandzeroes) Creating Crypt::CBC with Passphrase... Encrypting plaintext... Cipher Output (53616c7465645f5f334ce16204763f979e98aa2fcb9b2321) Header Name (53616c7465645f5f) Header Value (334ce16204763f97) Ciphertext (9e98aa2fcb9b2321) Pass Phrase (1122334455667788) Salt (334ce16204763f97) IV (9781c7f912887fd5) Decrypting ciphertext... Decrypted text (01234567) Getting Padded Plaintext... Padded Plaintext (0123456780000000) -------- padding
Exercise: Run the script other padding options.
Table of Contents
Installing Crypt::CBC 2.33 with ActivePerl
Crypt::CBC Encryption with Literal Keys
Crypt::CBC Literal Key Error Cases
Crypt::CBC Encryption with Crypt::Blowfish Objects
Crypt::CBC Operation Simulation
Crypt::CBC Encryption Verification
Blowfish CBC 2-Block Test Vectors
Crypt::CBC Prepending IV to Ciphertext
Crypt::CBC Encryption with Salted Keys
Crypt::CBC Salted Key Test Cases
Crypt::CBC Secret Key and IV Algorithm
Crypt::CBC Encryption with Random Salt
►Crypt::CBC Padding Option Tests
Crypt::CBC Blowfish Encryption Summary
OpenSSL "enc -bf-ecb" for Blowfish/ECB Encryption
OpenSSL "enc -bf-cbc" for Blowfish/CBC Encryption
OpenSSL "enc -bf-cfb" for Blowfish/CFB Encryption
OpenSSL "enc -bf-ofb" for Blowfish/OFB Encryption