I'm now trying to encrypt some plain texts with given 3 keys and initialization vector (iv) with Triple DES algorithm in CFB mode. My implementation in python using pycrypto is as follows.
import base64
from Crypto.Cipher import DES3
key1 = b'key1____'
key2 = b'key2____'
key3 = b'key3____'
key = key1 + key2 + key3
initialization_vector = b'init____'
des3 = DES3.new(key, mode=DES3.MODE_CFB, IV=initialization_vector)
plain_text = "this is plain text."
encrpted = des3.encrypt(plain_text)
b64 = base64.b64encode(encrpted)
print('key = {}'.format(key.hex()))
print('iv = {}'.format(initialization_vector.hex()))
print('encrypted = {}'.format(b64.decode()))
This program outputs:
key = 6b6579315f5f5f5f6b6579325f5f5f5f6b6579335f5f5f5f
iv = 696e69745f5f5f5f
encrypted = TGlbmL795TWPX0h39F19N6WZ6Q==
To cross-check the result, I compared this output from python and the one from openssl command. But the openssl outputs different result.
$ echo -n "this is plain text." | openssl des-ede3-cfb -K 6b6579315f5f5f5f6b6579325f5f5f5f6b6579335f5f5f5f -iv 696e69745f5f5f5f -base64
TEkV+qFiNHi+C8cxpG2qyzGw9A==
Why does the outputs vary even though the algorithm and the mode are same? Any help is greatly appreciated.
I have solved the problem by myself. The difference was the default segment size for CFB. pycrypto's default is 8 bits, but openssl's default is 64bits. I've got a same result by specifying segment size in openssl command as follows.
~$ echo -n "this is plain text." | openssl des-ede3-cfb8 -K 6b6579315f5f5f5f6b6579325f5f5f5f6b6579335f5f5f5f -iv 696e69745f5f5f5f -base64
TGlbmL795TWPX0h39F19N6WZ6Q==