Gibberish library provides a nice CBC algo...
// In Jascascript
GibberishAES.enc("Made with Gibberish\n", "password");
// Outputs: "U2FsdGVkX1+21O5RB08bavFTq7Yq/gChmXrO3f00tvJaT55A5pPvqw0zFVnHSW1o"
# On the mand line
echo "U2FsdGVkX1+21O5RB08bavFTq7Yq/gChmXrO3f00tvJaT55A5pPvqw0zFVnHSW1o" |
openssl enc -d -aes-256-cbc -a -k password
How can I do this decryption in ruby? The straightforward way doesn't work...
require 'openssl'
def aes(m,k,t)
(aes = OpenSSL::Cipher::Cipher.new('aes-256-cbc').send(m)).key = k
aes.update(t) << aes.final
end
def encrypt(key, text)
aes(:encrypt, key, text)
end
def decrypt(key, text)
aes(:decrypt, key, text)
end
def p k
Digest::SHA256.digest(k) ## what goes here???
end
require 'base64'
def t x
## also tried.. simply returning x...
Base64.decode64(x)
end
text = "U2FsdGVkX1+21O5RB08bavFTq7Yq/gChmXrO3f00tvJaT55A5pPvqw0zFVnHSW1o"
pass = "password"
decrypt(p(pass), t(text))
Gibberish library provides a nice CBC algo...
// In Jascascript
GibberishAES.enc("Made with Gibberish\n", "password");
// Outputs: "U2FsdGVkX1+21O5RB08bavFTq7Yq/gChmXrO3f00tvJaT55A5pPvqw0zFVnHSW1o"
# On the mand line
echo "U2FsdGVkX1+21O5RB08bavFTq7Yq/gChmXrO3f00tvJaT55A5pPvqw0zFVnHSW1o" |
openssl enc -d -aes-256-cbc -a -k password
How can I do this decryption in ruby? The straightforward way doesn't work...
require 'openssl'
def aes(m,k,t)
(aes = OpenSSL::Cipher::Cipher.new('aes-256-cbc').send(m)).key = k
aes.update(t) << aes.final
end
def encrypt(key, text)
aes(:encrypt, key, text)
end
def decrypt(key, text)
aes(:decrypt, key, text)
end
def p k
Digest::SHA256.digest(k) ## what goes here???
end
require 'base64'
def t x
## also tried.. simply returning x...
Base64.decode64(x)
end
text = "U2FsdGVkX1+21O5RB08bavFTq7Yq/gChmXrO3f00tvJaT55A5pPvqw0zFVnHSW1o"
pass = "password"
decrypt(p(pass), t(text))
- the iv is not getting set... whats its default value? I have solved this in the past. stumbling at this again... aaargh... – Ryan Oberoi Commented Dec 21, 2009 at 6:02
2 Answers
Reset to default 5Digging into Gibberish code... provides the clues to the answers. and why the traditional mechanism does not work.
dec = function(string, pass) {
// string, password in plaintext
var cryptArr = Base64.decode(string),
salt = cryptArr.slice(8, 16),
pbe = openSSLKey(s2a(pass), salt),
key = pbe.key,
iv = pbe.iv;
cryptArr = cryptArr.slice(16, cryptArr.length);
// Take off the Salted__ffeeddcc
string = rawDecrypt(cryptArr, key, iv);
return string;
},
Converting to ruby is now fairly trivial.. noting it down for my personal future reference.
require 'base64'
require 'openssl'
def decode(k,t)
cryptArr = Base64.decode64(t)
salt = cryptArr[8..15]
data = cryptArr[16..-1]
aes = OpenSSL::Cipher::Cipher.new('AES-256-CBC').decrypt
aes.pkcs5_keyivgen(k, salt, 1)
s = aes.update(data) + aes.final
end
orig = "Made with Gibberish\n"
cipr = "U2FsdGVkX1+21O5RB08bavFTq7Yq/gChmXrO3f00tvJaT55A5pPvqw0zFVnHSW1o"
pass = "password"
puts decode(pass, cipr)
I wrote the original Gibberish JS library, and I finally got around to rectifying the situation in Ruby. The above code from Ryan Oberoi is absolutely correct, but I've gone ahead and created a gem to do the same thing. Check it out at https://github./mdp/gibberish