Forum: Ruby OpenSSL::Cipher partially decrypts string with wrong iv

Announcement (2017-05-07): is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see and for other Rails- und Ruby-related community platforms.
B078dc607e0d67b31f21807514065a3b?d=identicon&s=25 Richard Oliveri (mseries)
on 2009-03-14 03:19
I have an application where I want to require both the correct key and
iv in order to decrypt a string. I wrote a very simple program to test
the various success and failure cases.

ruby 1.8.6 (2007-03-13 patchlevel 0) [i686-darwin8.10.1]

When the key and iv are correct, it succeeds, as expected.
When the wrong key is provided, it fails, as expected.
However, when I pass the wrong iv, it looks like it actually decrypts
most of the string. Only the first 16 bytes are not decrypted properly.

Here's the test program:

require 'openssl'

str = "The quick brown fox jumped over the lazy dog."

cip1 ="aes-256-cbc")
key = cip1.random_key
iv = cip1.random_iv

es = cip1.update(str) +

cip2 ="aes-256-cbc")
cip2.key = key
cip2.iv = "X" * 32 # pass the wrong iv

rs = cip2.update(es) +

puts rs

I would expect the decrypt to fail or just return garbage, but I get the

���t��Y������W�fox jumped over the lazy dog.

Are my assumptions wrong, or is this an issue?

Thanks in advance. rpo
This topic is locked and can not be replied to.