Looking for a Triple DES implementation
David Kramer
david-8uUts6sDVDvs2Lz0fTdYFQ at public.gmane.org
Thu Jun 14 12:39:46 EDT 2007
> David Kramer <david-8uUts6sDVDvs2Lz0fTdYFQ at public.gmane.org> writes:
>
>> Derek Atkins wrote:
>>> Have you tried OpenSSL?
>>
>> Huh? Please explain.
>
> OpenSSL has both a cryptographic library API and a command-line.
> E.g. perl's Crypt::SSLeay ..
OK, got that now. Thanks.
>
>>> Also, what MODE are you using? CFB? CBC?
>>
>> ECB
>
> So you're only encrypting something less than 8 bytes long?
No, it's 23 bytes long (24 with padding).
From what I read online (I've been doing that a lot since I sent my first
email on the subject), ECB mode can encrypt strings more than 8 bytes
long, it just does it one 8-byte block at a time. I assume they get
concatenated or something. This is why the padding is important. But I
would be happy to be told I'm wrong here.
> And this code proves to me that this guy should be fired on the spot,
> or at least be removed from doing anything related to security. It's
> guys like this that write security snake-oil.
>
> * throws up his hands in complete disgust *
I found out this morning that he basically found some code on a website
somewhere and pasted it into his code. He didn't really understand the
code himself. I won't go so far as to say that it's a fireable offense (I
prefer Double Secret Probation, AKA code reviews). I copied code to get
the PHP side working, but I copied it from the PHP website, and I looked
at the documentation for each of the functions so I knew what the code
did.
I investigated his code further, and found he was running the output
through Base64 to get printable characters. I then read up on what PKCS7
padding was. PHP already has a Base64 function, and implementing PKCS7
took 10 minutes.
Now my output matches his, and I'm all set. I do appreciate your help.
Thank you.
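
The framing described in this message (PKCS7 padding to the 8-byte block size, per-block ECB handling, Base64 output), as an added Python example that is not code from the thread or from either implementation discussed. It does not perform Triple DES itself; the sample message and all function names are constructed for illustration.

```python
import base64

BLOCK = 8  # DES / Triple DES block size in bytes

def pkcs7_pad(data, block=BLOCK):
    """Append n bytes of value n so the length is a multiple of `block`.
    A full block of padding is added when the input is already aligned."""
    n = block - (len(data) % block)
    return data + bytes([n]) * n

def pkcs7_unpad(data, block=BLOCK):
    """Strip PKCS7 padding, rejecting anything malformed."""
    if not data or len(data) % block:
        raise ValueError("length is not a positive multiple of the block size")
    n = data[-1]
    if n < 1 or n > block or data[-n:] != bytes([n]) * n:
        raise ValueError("invalid PKCS7 padding")
    return data[:-n]

def blocks(data, block=BLOCK):
    """Split into the independent units that ECB mode encrypts one at a time."""
    return [data[i:i + block] for i in range(0, len(data), block)]

def repeated_blocks(data, block=BLOCK):
    """Count blocks that duplicate an earlier one. ECB maps equal input blocks
    to equal output blocks, so the ciphertext shows the same count."""
    parts = blocks(data, block)
    return len(parts) - len(set(parts))

def wire_length(plaintext_len, block=BLOCK):
    """Length of the Base64 text for a padded message of this size."""
    padded = plaintext_len + (block - plaintext_len % block)
    return 4 * ((padded + 2) // 3)

# Constructed 23-byte sample, the message size mentioned in the thread.
SAMPLE = b"ACCT0001" + b"ACCT0001" + b"expires"

if __name__ == "__main__":
    padded = pkcs7_pad(SAMPLE)
    print(len(SAMPLE), "->", len(padded), blocks(padded))
    print("repeated blocks visible under ECB:", repeated_blocks(padded))
    print("Base64 length:", len(base64.b64encode(padded)))
```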