OpenSSL::Cipher partially decrypts string with wrong iv

I have an application where I want to require both the correct key and
iv in order to decrypt a string. I wrote a very simple program to test
the various success and failure cases.

ruby 1.8.6 (2007-03-13 patchlevel 0) [i686-darwin8.10.1]

When the key and iv are correct, it succeeds, as expected.
When the wrong key is provided, it fails, as expected.
However, when I pass the wrong iv, it looks like it actually decrypts
most of the string. Only the first 16 bytes are not decrypted properly.

Here’s the test program:

require ‘openssl’

str = “The quick brown fox jumped over the lazy dog.”

cip1 = OpenSSL::Cipher::Cipher.new(“aes-256-cbc”)
cip1.encrypt
key = cip1.random_key
iv = cip1.random_iv

es = cip1.update(str) + cip1.final

cip2 = OpenSSL::Cipher::Cipher.new(“aes-256-cbc”)
cip2.decrypt
cip2.key = key
cip2.iv = “X” * 32 # pass the wrong iv

rs = cip2.update(es) + cip2.final

puts rs

I would expect the decrypt to fail or just return garbage, but I get the
following:

���t��Y������W�fox jumped over the lazy dog.

Are my assumptions wrong, or is this an issue?

Thanks in advance. rpo

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs