[erlang-questions] 3des decryption in erlang

Tony Rogvall tony@REDACTED
Tue Aug 11 12:54:03 CEST 2015


Hi!


> On 11 aug 2015, at 12:12, Ingela Andin <ingela.andin@REDACTED> wrote:
> 
> Hi!
> 
> 
> 2015-08-11 6:22 GMT+02:00 Alex Xu <xuxb1979@REDACTED>:
> Thank you for your rapid answer, Sean.
> 
> I’ve tried block_decrypt yesterday, but I couldn’t find the counterpart of ECB mode decryption.
> 
> I tried des_ede3, des3_cbc, des3_cbf. For des_ede3/des3_cbc, the output seems the same, and only the first 8 bytes of the output are correct.
> 
> For des3_cbf, the output is completely incorrect.
> 
> So I’m still confused how to do DES3 ECB decryption with block_decrypt?
> 
> 
> It actually looks like this algorithm was missed when making the new crypto-API. I think it could probably be added quite easily to the new API but this will probably not be highly prioritized
> by Ericsson.
> 

The functions are still there, you just need to call them directly.
They are deprecated and will vanish next release? But then maybe OTP fixes the api?
Try this in the shell:

application:start(crypto).
ClearText = iolist_to_binary(lists:duplicate(10, lists:seq($1,$8))).
Key = <<"hello123">>.
IV = <<0,0,0,0, 0,0,0,0>>.
Encrypted = crypto:des3_cbc_encrypt(Key, Key, Key, IV, ClearText).
crypto:des3_cbc_decrypt(Key, Key, Key, IV, Encrypted).

Note that the Key and IV need to be 8 bytes and that the size of ClearText and Encrypted must be
a multiple of 8 (all arguments must be of type binary).

/Tony
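
Added example, not part of any message in this thread: CBC XORs each decrypted block with the previous ciphertext block, so 3DES-ECB can be obtained from the `des3_cbc` primitive by decrypting every 8-byte block on its own with an all-zero IV, followed by a strict PKCS#7 unpad. The module name `des3_ecb`, its function names, the 24-byte key layout (K1, K2, K3 concatenated) and the sample data are assumptions made for illustration, as is an OTP release that still provides `crypto:block_decrypt/4`.

```erlang
%% Added example; not code posted by anyone in the thread.
%% Assumes an OTP release that still has crypto:block_decrypt/4 and that
%% the crypto application is started.
-module(des3_ecb).
-export([decrypt/2, unpad/1, selftest/0]).

-define(BLOCK, 8).

%% Key is the 24-byte 3DES key (K1, K2, K3 concatenated); Base64 is the
%% base64-encoded ciphertext, as in the PHP function.
decrypt(<<K1:8/binary, K2:8/binary, K3:8/binary>>, Base64) ->
    Cipher = base64:decode(Base64),
    case byte_size(Cipher) of
        N when N > 0, N rem ?BLOCK =:= 0 ->
            unpad(<< <<(ecb_block([K1, K2, K3], B))/binary>>
                     || <<B:?BLOCK/binary>> <= Cipher >>);
        _ ->
            {error, bad_length}
    end.

%% CBC decryption is P = D(C) xor Previous. For a single block with an
%% all-zero IV the xor changes nothing, so the result is the ECB value D(C).
ecb_block(Keys, Block) ->
    crypto:block_decrypt(des3_cbc, Keys, <<0:64>>, Block).

%% Strict PKCS#7 unpadding: every padding byte is checked.
unpad(Plain) when byte_size(Plain) > 0 ->
    Size = byte_size(Plain),
    Pad = binary:last(Plain),
    if
        Pad < 1; Pad > ?BLOCK; Pad > Size ->
            {error, bad_padding};
        true ->
            {Data, Tail} = split_binary(Plain, Size - Pad),
            case Tail =:= binary:copy(<<Pad>>, Pad) of
                true  -> {ok, Data};
                false -> {error, bad_padding}
            end
    end.

%% Round trip on constructed data: pad, encrypt block by block, decrypt.
selftest() ->
    Key = <<"0123456789abcdefghijklmn">>,          % constructed 24-byte key
    <<K1:8/binary, K2:8/binary, K3:8/binary>> = Key,
    Padded = <<"twelve bytes", 4, 4, 4, 4>>,        % 12 bytes + PKCS#7 pad
    Enc = << <<(crypto:block_encrypt(des3_cbc, [K1, K2, K3], <<0:64>>, B))/binary>>
             || <<B:?BLOCK/binary>> <= Padded >>,
    {ok, <<"twelve bytes">>} = decrypt(Key, base64:encode(Enc)),
    ok.
```

ECB maps equal plaintext blocks to equal ciphertext blocks, so this is suited to reading data from an existing producer such as the PHP code quoted below rather than to new designs.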

> Regards Ingela Erlang/OTP Team - Ericsson AB
> 
> 
>> On Aug 10, 2015, at 21:54, Sean Cribbs <seancribbs@REDACTED> wrote:
>> 
>> Xiaobin,
>> 
>> Here's what I came up with:
>> 
>>     crypto:start(),
>>     %% To decrypt the text, note Key and IV must be defined in this scope
>>     Unencoded = base64:decode(Value),
>>     Cleartext = crypto:block_decrypt(des3_cbc, Key, IV, Unencoded),
>>     %% To unpad the text, see https://github.com/camshaft/pkcs7.erl
>>     pkcs7:unpad(Cleartext)
>> 
>> The main thing to note is the difference in how you use the crypto module. In Erlang, you don't need to initialize, decrypt, and clean up in separate steps. You do, however, need to make sure the crypto application is started before you try this. Generally, you would make crypto a dependency (see http://erlang.org/doc/man/app.html) of the application that contains this code and it would be started automatically when your release is booted.
>> 
>> On Mon, Aug 10, 2015 at 7:59 AM, Xiaobin Xu <xuxb1979@REDACTED> wrote:
>> Hi, all,
>> 
>>    For some reason I have to decrypt a message that is encrypted using the 3DES algorithm, and I have a PHP function example of how to decrypt the message:
>> 
>> 	public  function decrypt($value) {
>> 		$td = mcrypt_module_open ( MCRYPT_3DES, '', MCRYPT_MODE_ECB, '' );
>> 		mcrypt_generic_init ( $td, $this->key,$this->iv );
>> 		$ret = trim ( mdecrypt_generic ( $td, base64_decode ( $value ) ) );
>> 		$ret = $this->UnPaddingPKCS7 ( $ret );
>> 		mcrypt_generic_deinit ( $td );
>> 		mcrypt_module_close ( $td );
>> 		return $ret;
>> 	}
>> 
>> 
>> 	private  function UnPaddingPKCS7($data) {
>> 		$padlen = ord (substr($data, (strlen( $data )-1), 1 ) );
>> 		if ($padlen > 8 )
>> 			return $data;
>> 
>> 		for($i = -1*($padlen-strlen($data)); $i < strlen ( $data ); $i ++) {
>> 			if (ord ( substr ( $data, $i, 1 ) ) != $padlen)return false;
>> 		}
>> 
>> 		return substr ( $data, 0, -1*($padlen-strlen ( $data ) ) );
>> 	}
>> 
>>    I googled and read the crypto module documentation for a couple of hours, and have no idea how to translate these two functions into Erlang.
>> 
>>    Any ideas?
>> 
>> 
>>    Thanks,
>>     Xiaobin
>> 
>> 
>> _______________________________________________
>> erlang-questions mailing list
>> erlang-questions@REDACTED
>> http://erlang.org/mailman/listinfo/erlang-questions
>> 
>> 
> 
> 