Decrypting a string using DES-ECB in Rust

Question

I'm trying to decrypt a string using the DES-ECB encryption algorithm in Rust. I have the following encrypted string:

ID2ieOjCrwfgWvL5sXl4B1ImC5QfbsDyzIPKrPZsLT6XiYvvt4HzTf4FNdlY3djNa2mCXTFAkYtwZjohCZ6rhxw7tS9a8Gtq

The key is 38346591. I'm attempting to use the Rust OpenSSL crate for this purpose.

Here's the code I've tried:

use base64::{engine::general_purpose, Engine as _};
use openssl::error::ErrorStack;
use openssl::symm::{decrypt, Cipher};

fn main() -> Result<(), ErrorStack> {
    let key = b"38346591";
    let encrypted_data_b64 = b"ID2ieOjCrwfgWvL5sXl4B1ImC5QfbsDyzIPKrPZsLT6XiYvvt4HzTf4FNdlY3djNa2mCXTFAkYtwZjohCZ6rhxw7tS9a8Gtq";

    let encrypted_data = general_purpose::STANDARD
        .decode(&encrypted_data_b64)
        .unwrap();

    let cipher = Cipher::des_ecb();
    let decrypted = decrypt(cipher, key, None, &encrypted_data)?;
    println!(
        "Decrypted Data: {:?}",
        String::from_utf8(decrypted).unwrap()
    );

    Ok(())
}

However, when I run this code, I get the following error:

[Error { code: 50856204, library: "digital envelope routines", function: "inner_evp_generic_fetch", reason: "unsupported", file: "crypto/evp/evp_fetch.c", line: 341, data: "Global default library context, Algorithm (DES-ECB : 17), Properties ()" }]

Additionally, I've also tried using the decrypt function from the OpenSSL crate for this purpose, but it didn't work either.

It seems like DES-ECB is not supported or there's something wrong with my approach. Can anyone help me figure out how to properly decrypt this string using DES-ECB in Rust? Any guidance or alternative methods would be greatly appreciated. Thank you!

EDIT: The code runs fine on Rust Playground (gist link), but throws the error on my Arch machine.

Answer 1

When I run your code on my local m2 machine, I get the same error:

Error: ErrorStack([Error { code: 50856204, library: "digital envelope routines", function: "inner_evp_generic_fetch", reason: "unsupported", file: "crypto/evp/evp_fetch.c", line: 355, data: "Global default library context, Algorithm (DES-ECB : 52), Properties ()" }])

The reason is that since crate version "0.10.." the openssl crate has switched to OpenSSL3, which has marked old and weak algorithms as depreacated and doesn't support them by default anymore.

So, first of all you need to make sure that your OpenSsl installation which is linked to and used by your app has been built with legacy support.

And then you need to load the legacy provider (as the default one). Then the above code will work. To achieve it, here is the updated source code:

    use base64::{Engine as _, engine::general_purpose};
    use openssl::error::ErrorStack;
    use openssl::provider::Provider;
    use openssl::symm::{Cipher, decrypt};
    
    fn main() -> Result<(), ErrorStack> {
      let provider = Provider::try_load(None, "legacy", true).unwrap();
      let key = b"38346591";
      let encrypted_data_b64 = b"ID2ieOjCrwfgWvL5sXl4B1ImC5QfbsDyzIPKrPZsLT6XiYvvt4HzTf4FNdlY3djNa2mCXTFAkYtwZjohCZ6rhxw7tS9a8Gtq";
    
      let encrypted_data = general_purpose::STANDARD
        .decode(&encrypted_data_b64)
        .unwrap();
    
      let cipher = Cipher::des_ecb();
      let decrypted = decrypt(cipher, key, None, &encrypted_data)?;
      println!(
        "Decrypted Data: {:?}",
        String::from_utf8(decrypted).unwrap()
      );
    
      Ok(())
    }

Please notice the addition of the legacy Provider to the default context (i.e. None).