Bug 130130

Summary: Include standalone 'des' binary from OpenSSL
Product: [Fedora] Fedora
Reporter: Ed Avis <ed>
Component: openssl
Assignee: Tomas Mraz <tmraz>
Status: CLOSED WONTFIX
QA Contact: Brian Brock <bbrock>
Severity: medium
Priority: medium
Version: rawhide
CC: chris+redhat
Hardware: All
OS: Linux
Doc Type: Bug Fix
Last Closed: 2005-02-09 09:45:44 UTC

Description Ed Avis 2004-08-17 13:35:54 UTC
When you build OpenSSL you can also build a standalone 'des' program
(it ends up as crypto/des/des).  This is a useful tool for DES
encryption and decryption, which some people still use.  Please can
you arrange for this program to be built and installed as part of the
RPM package?

Comment 1 Tomas Mraz 2005-02-09 09:45:44 UTC
Why can't you use 'openssl des ...' instead?


Comment 2 Ed Avis 2005-02-24 19:04:19 UTC
As far as I can tell 'openssl des' works differently from the 'des' program - it
won't decrypt the same files (none of the 12 or so different des variants
supported by 'openssl des' works, but plain 'des' works).

However I will ask on the openssl list to get a definitive answer.

Comment 3 Chris Wilson 2015-02-06 11:38:11 UTC
'openssl des' uses a weird old method, invented by MIT and not used elsewhere, to generate the encryption key from the password supplied on the command line:

https://github.com/openssl/openssl/blob/OpenSSL_1_0_2-stable/crypto/des/des.c#L418

There is apparently no way to call DES_string_to_key() (or equivalent) in the new OpenSSL API, since everything has standardised on EVP_BytesToKey instead, which generates the key using one of the standard OpenSSL message digest suites, which doesn't include DES_string_to_key().

This means that the following commands produce different results, because they use different keys:

openssl enc -d -des -k "MyPasswd" -in encrypted.bin
des -D -k "MyPasswd" -in encrypted.bin

The solution is to transform your key using DES_string_to_key(), while you still can (it's being removed from OpenSSL). You could write a C program, or use Python ctypes to do it:

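import ctypes, ctypes.util
# Locate and load libcrypto under its platform-specific file name
libcrypto = ctypes.CDLL(ctypes.util.find_library("crypto"))
buf = ctypes.create_string_buffer(8)  # a DES key block is 8 bytes
# Derive the DES key from the password (must be passed as bytes)
libcrypto.DES_string_to_key(b"MyPasswd", buf)
print(buf.raw.hex())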

This will output a hex string that you can pass to "openssl enc" with the -K parameter (instead of -k) to be used as the raw key, like this:

openssl enc -d -des -K ea8907c7407cc1a8 -iv 0000000000000000 -in encrypted.bin

Note that you also have to supply the IV if you supply your own key as a hex string. The old des utility sets the IV to all zero bytes by default.
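
For comparison with comment 3, the following added example (not part of the original thread, and not OpenSSL's own code) reimplements the EVP_BytesToKey derivation to show which key and IV 'openssl enc -des -k' derives from a password, and therefore why they cannot match the DES_string_to_key() key and all-zero IV of the old 'des' utility. It assumes the default digest of the OpenSSL release in use (MD5 up to 1.0.2, SHA-256 from 1.1.0) and the "Salted__" file header that 'openssl enc' writes unless -nosalt is given; the function names and the sample input are constructed for illustration.

```python
import hashlib

MAGIC = b"Salted__"  # header written by 'openssl enc' when a salt is used


def split_salt(blob):
    """Return (salt, ciphertext); salt is b'' when there is no salt header."""
    if blob[:8] == MAGIC and len(blob) >= 16:
        return blob[8:16], blob[16:]
    return b"", blob


def evp_bytes_to_key(password, salt, key_len, iv_len, digest="md5", count=1):
    """Reimplementation of the EVP_BytesToKey key/IV derivation.

    Each round hashes (previous block || password || salt); the blocks are
    concatenated until there is enough material for the key and the IV.
    """
    material, block = b"", b""
    while len(material) < key_len + iv_len:
        block = hashlib.new(digest, block + password + salt).digest()
        for _ in range(count - 1):
            block = hashlib.new(digest, block).digest()
        material += block
    return material[:key_len], material[key_len:key_len + iv_len]


def openssl_enc_des_params(password, blob, digest="md5"):
    """Key and IV (hex) that 'openssl enc -des -k' would use for this file."""
    salt, ciphertext = split_salt(blob)
    key, iv = evp_bytes_to_key(password, salt, 8, 8, digest)
    return key.hex(), iv.hex(), ciphertext


if __name__ == "__main__":
    # Constructed sample: salt header, 8 salt bytes, one dummy cipher block.
    sample = MAGIC + bytes(range(8)) + b"\x00" * 8
    key_hex, iv_hex, _ = openssl_enc_des_params(b"MyPasswd", sample)
    print("key:", key_hex, "iv:", iv_hex)
```

Both the key and the IV come out of the digest here, so even without a salt the result differs from the 'des' utility, which derives only the key and leaves the IV at zero.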