views:

204

answers:

3

Recently a problem arose regarding hooking up an API with a payment processor who were requesting a string to be encrypted to be used as a token, using the TripleDES standard. Our Applications run using ColdFusion, which has an Encrypt tag - that supports TripleDES - however the result we were getting back was not what the payment processor expected.

First of all, here is the resulting token the payment processor were expecting.

AYOF+kRtg239Mnyc8QIarw==

And below is the snippet of ColdFusion we were using, and the resulting string.

<!--- Coldfusion Crypt (here be monsters) --->
<cfset theKey="123412341234123412341234">
<cfset theString = "username=test123">
<cfset strEncodedEnc = Encrypt(theString, theKey, "DESEDE", "Base64")>
<!---
 resulting string(strEncodedEnc): tc/Jb7E9w+HpU2Yvn5dA7ILGmyNTQM0h
--->

As you can see, this was not returning the string we were hoping for. Seeking a solution, we ditched ColdFusion for this process and attempted to reproduce the token in PHP.

Now I'm aware that various languages implement encryption in different ways - for example in the past managing encryption between a C# application and PHP back-end, I've had to play about with padding in order to get the two to talk, but my experience has been that PHP generally behaves when it comes to encryption standards.

Anyway, on to the PHP source we tried, and the resulting string.

/* PHP Circus (here be Elephants) */
$theKey="123412341234123412341234";
$theString="username=test123";
$strEncodedEnc=base64_encode(mcrypt_ecb (MCRYPT_3DES, $theKey, $theString, MCRYPT_ENCRYPT));
/*
 resulting string(strEncodedEnc): sfiSu4mVggia8Ysw98x0uw==
*/

As you can plainly see, we've got another string that differs from both the string expected by the payment processor AND the one produced by ColdFusion. Cue head-against-wall integration techniques.

After many to-and-fro communications with the payment processor (lots and lots of reps stating 'we can't help with coding issues, you must be doing it incorrectly, read the manual') we were finally escalated to someone with more than a couple of brain-cells to rub together, who was able to step back and actually look at and diagnose the issue.

He agreed, our CF and PHP attempts were not resulting in the correct string. After a quick search, he also agreed that it was not neccesarily our source, but rather how the two languages implemented their vision of the TripleDES standard.

Coming into the office this morning, we were met by an email with a snippet of source code, in Perl. This is was the code they were directly using on their end to produce the expected token.

#!/usr/bin/perl
# Perl Crypt Calamity (here be...something)
use strict;
use CGI;
use MIME::Base64;
use Crypt::TripleDES;

my $cgi = CGI->new();
my $param = $cgi->Vars();

$param->{key} = "123412341234123412341234";
$param->{string} = "username=test123";
my $des = Crypt::TripleDES->new();

my $enc = $des->encrypt3($param->{string}, $param->{key});
$enc = encode_base64($enc);
$enc =~ s/\n//gs;

# resulting string (enc): AYOF+kRtg239Mnyc8QIarw==

So, there we have it. Three languages, three implementations of what they quote in the documentation as TripleDES Standard Encryption, and three totally different resulting strings.

My question is, from your experience of these three languages and their implementations of the TripleDES algorithm, have you been able to get any two of them to give the same response, and if so what tweaks to the code did you have to make in order to come to the result?

I understand this is a very drawn out question, but I wanted to give clear and precise setting for each stage of testing that we had to perform.

I'll also be performing some more investigatory work on this subject later, and will post any findings that I come up with to this question, so that others may avoid this headache.

+1  A: 

Oh, this is fun!

> hex clear_text
0000  75 73 65 72 6e 61 6d 65  3d 74 65 73 74 31 32 33  username =test123

> openssl des3 -in clear_text -out crypt_text
enter des-ede3-cbc encryption password: 123412341234123412341234
Verifying - enter des-ede3-cbc encryption password: 123412341234123412341234

> hex crypt_text
0000  53 61 6c 74 65 64 5f 5f  d7 1b 37 a6 e0 c4 99 d1  Salted__ ..7.....
0010  ce 39 7f 87 5e 8b e8 8a  27 ca 39 41 58 01 38 16  .9..^... '.9AX.8.
0020  a5 2b c8 14 ed da b7 d5                           .+......

> base64 crypt_text
U2FsdGVkX1/XGzem4MSZ0c45f4dei+iKJ8o5QVgBOBalK8gU7dq31Q==

> openssl version
OpenSSL 0.9.8k 25 Mar 2009

> base64 --version | head -n 1
base64 (GNU coreutils) 7.1

You should talk to a crypto expert, try perhaps the mailing lists openssl-users or dev-tech-crypto@mozilla unless someone useful shows up here.

daxim
Thanks for the reply daxim - yeah it's providing some entertainment. I'm by no means a crypto expert, but I'm digging through the sources of the extensions for Perl and PHP and am seeing some definate differences in how they implement the standard. I've not got much time at the moment, but I'll have a good old dig through tonight after work.
Seidr
+1. "Entertaining.." that is one way to describe it ;)
Leigh
+5  A: 

The Perl's TripleDES should never be used. It does so many weird things and you are going to have fun.

Your first problem is that the keys in Perl are hex and you need to convert them into binary. Try this in PHP,

$theKey="123412341234123412341234";
$key = pack('H*', str_pad($theKey, 16*3, '0'));
$strEncodedEnc=base64_encode(mcrypt_ecb (MCRYPT_3DES, $key, $theString, MCRYPT_ENCRYPT));
echo $strEncodedEnc, "\n";

The result is,

AYOF+kRtg239Mnyc8QIarw==

Then you have to pad it in a weird way. I forgot the details. You are lucky with this sample (it's 16 chars).

ZZ Coder
Fantastic, that makes sense. Yes - you must pad strings whose length are not multiples of 8 with CHR(32). Thanks for this ZZ Coder - this takes care of PHP<->Perl. Using this information I should hopefully be able to wrangle ColdFusion into place as well.
Seidr
Using this same method, I've managed to get the erroneous result I was getting in PHP in ColdFusion using the javax.crypto.Cipher object. Getting it any further though, is proving difficult.
Seidr
As mentioned in my comment above, this works fine with a string that is already acceptable as a hex string, but the key can be any combination of a-zA-Z0-9. It seems the problem lays in PHPs pack function. Perls pack function can handle non-hexadecimal characters, however PHPs cannot.
Seidr
Perl pack treats all illegal hex chars as '0'. This is so broken. You are destroying all the entropies in the key. Are you sure you want use this payment company?
ZZ Coder
I see, I should be able to easily compensate for that. Unfortunately we do not have much choice in the matter, as the client this is for is rather established with them and as such would not want to move away. Thanks for your insight.
Seidr
+4  A: 

The Coldfusion Answer:

The first problem is that your key length is not correct for Triple DES. ZZ Coder correctly deduced that it needs to be padded to the correct length with 0's.

The next step is that the key needs to be converted to hex. To do this in CF, we have:

<cfset theKey="123412341234123412341234000000000000000000000000">
<cfset encodedKey = ToBase64(BinaryDecode(theKey, "HEX"))>

The final step is that the result is not being padded either, so we need to specify this in the encryption algorithm in CF:

<cfset strEncodedEnc = Encrypt(theString, encodedKey, "DESEDE/ECB/NoPadding", "Base64")>

The resulting complete code:

<cfset theKey="123412341234123412341234000000000000000000000000">
<cfset encodedKey = ToBase64(BinaryDecode(theKey, "HEX"))>
<cfset theString = "username=test123">
<cfset strEncodedEnc = Encrypt(theString, encodedKey, "DESEDE/ECB/NoPadding", "Base64")>
<cfdump var="#strEncodedEnc#"><br>

results in:

AYOF+kRtg239Mnyc8QIarw==
Edward M Smith
Ah, I was on the right track it seems. My thanks Edward :)
Seidr
Edward, would you be able to check out the comment I made, and see if you can ammend your code, if you can see where the problem lays please? Sorry to be a pain..if you cannot, it's no problem - we're running the Perl script as an interim at the moment, it'd just be nice to have it running native in CF. Thanks (the comment is on the main question)
Seidr
Is the key that you're being given just an ascii string? The only thing I can think of that might work is to change the "encodedKey" line to:<cfset encodedKey = ToBase64(theKey)>If theKey is a 24 character string, its the right length.
Edward M Smith