On 02/12/16 10:00, botp wrote:
> On Thu, Dec 1, 2016 at 5:19 AM, Pedro Ribeiro <pedrib / gmail.com> wrote:
>> I'm trying to understand why there is a difference between Ruby and
>> Python when using Blowfish encryption in ECB mode. Using the same
>> algorithm parameters, and the same input, the encrypted output is
>> completely different.
> 
> try,
> 1 http://www.di-mgt.com.au/cryptopad.html
> 2 http://stackoverflow.com/questions/19661508/aes-python-encryption-and-ruby-encryption-different-behaviour
> 
> best regards
> --botp
> 
> Unsubscribe: <mailto:ruby-talk-request / ruby-lang.org?subject=unsubscribe>
> <http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk>
> 


Thanks for the help botp. Your answer put me in the right track.
I went to the Blowfish vector page and tried different vectors to
understand what is wrong.

It seems that the Ruby OpenSSL makes some assumptions with regards to
key length - I'm not sure if this is a bug or not. The fix for the code
I pasted before was very simple: when initializing the cipher, I have to
specify the key_len before setting the key:

cipher = OpenSSL::Cipher::Cipher.new("bf-ecb").send :encrypt
cipher.key_len = secret_key.length
cipher.key = secret_key
cipher.padding = 0
binary_data = (cipher.update(payload) << cipher.final)

This makes it work correctly and match the Python output.

Not sure if this is a bug or not, if you think it is I'll just create a
ticket in the tracker.

Regards,
Pedro

Unsubscribe: <mailto:ruby-talk-request / ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk>