Forum: Ruby Ruby encryption

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Ac200b7c28976d4887b4aa42539b9a5f?d=identicon&s=25 Archana Thota (archanab25)
on 2008-12-15 09:49
I want to translate exactly the below php code into ruby for encryption.
echo up_getEncrypted('mypassword', 1);
function up_getEncrypted($password, $user_id)
    {
        srand();

        $td = mcrypt_module_open('rijndael-128', '', 'cbc', '');
        $keylen = mcrypt_enc_get_key_size($td);
        $key = substr($password, 0, $keylen);
        $key = str_pad($key, $keylen);
        $iv_size = mcrypt_enc_get_iv_size($td);
        $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
        if (mcrypt_generic_init($td, $key, $iv) != -1)
        {
            $pad = 16 - strlen($user_id);
            $mypadded = $user_id . str_repeat(chr($pad), $pad);
            $c_t = mcrypt_generic($td, pack('H*',
md5($user_id)).$user_id);
            mcrypt_generic_deinit($td);
            $result = base64_encode($iv.$c_t);
            return $result;
        }
        else
        {
              return "";
        }
    }

result = up_getEncrypted('mypassword', 1)
puts result
def up_getEncrypted(password, user_id)
         c = OpenSSL::Cipher::Cipher.new("aes-128-cbc")
        c.encrypt
        c.key = key =
Digest::SHA1.hexdigest(password).unpack('a2'*32).map{|x|
x.hex}.pack('c'*32)
        c.iv = c.random_iv
          e = c.update(user_id.to_s)
          e << c.final
        return e
end

Output of php encryption code and output of rails encryption code are
not same.Please any one can modify my rails code such that i will get
results from both php and rails.
753dcb78b3a3651127665da4bed3c782?d=identicon&s=25 Brian Candler (candlerb)
on 2008-12-15 13:05
Archana Thota wrote:
> Output of php encryption code and output of rails encryption code are
> not same.

Presumably they're not doing the same things. In particular, I see that
you're doing an SHA1 on the key in the Ruby code, but not the php.

Try inserting debugging to look at intermediate values, e.g.

   puts "key = #{key.inspect}"

(and whatever the PHP equivalent is in the PHP code)

Also, I have no idea what you're doing with all that SHA1 unpacking,
mapping and packing. It seems that the final result is the same as a
simple Digest::SHA1.digest, but with 12 extra zeros on the end.

irb(main):001:0> password = "foobar"
=> "foobar"
irb(main):002:0> require 'digest/sha1'
=> true
irb(main):003:0>
Digest::SHA1.hexdigest(password).unpack('a2'*32).map{|x|
x.hex}.pack('c'*32)
=>
"\210C\327\371$\026!\035\351\353\271c\377L\342\201%\223(x\000\000\000\000\000\000\000\000\000\000\000\000"
irb(main):004:0> Digest::SHA1.digest(password)
=> "\210C\327\371$\026!\035\351\353\271c\377L\342\201%\223(x"
Ac200b7c28976d4887b4aa42539b9a5f?d=identicon&s=25 Archana Thota (archanab25)
on 2008-12-16 12:53
Brian Candler wrote:
> Archana Thota wrote:
>> Output of php encryption code and output of rails encryption code are
>> not same.
>
> Presumably they're not doing the same things. In particular, I see that
> you're doing an SHA1 on the key in the Ruby code, but not the php.

Hi Candler,

Thanks for your reply. Basically, I don't know how to use encryption
algorithms in ruby. I couldn't even find what equivalent methods are in
ruby for the above php code which is actually being used to send info to
a third party app.

Can any please suggest me a method to achieve the same encryption &
decryption algorithms in ruby for those written in php above?


Thanks again!

-Archana

>
> Try inserting debugging to look at intermediate values, e.g.
>
>    puts "key = #{key.inspect}"
>
> (and whatever the PHP equivalent is in the PHP code)
>
> Also, I have no idea what you're doing with all that SHA1 unpacking,
> mapping and packing. It seems that the final result is the same as a
> simple Digest::SHA1.digest, but with 12 extra zeros on the end.
>
> irb(main):001:0> password = "foobar"
> => "foobar"
> irb(main):002:0> require 'digest/sha1'
> => true
> irb(main):003:0>
> Digest::SHA1.hexdigest(password).unpack('a2'*32).map{|x|
> x.hex}.pack('c'*32)
> =>
> 
"\210C\327\371$\026!\035\351\353\271c\377L\342\201%\223(x\000\000\000\000\000\000\000\000\000\000\000\000"
> irb(main):004:0> Digest::SHA1.digest(password)
> => "\210C\327\371$\026!\035\351\353\271c\377L\342\201%\223(x"
753dcb78b3a3651127665da4bed3c782?d=identicon&s=25 Brian Candler (candlerb)
on 2008-12-16 16:27
Archana Thota wrote:
> Basically, I don't know how to use encryption
> algorithms in ruby. I couldn't even find what equivalent methods are in
> ruby for the above php code which is actually being used to send info to
> a third party app.
>
> Can any please suggest me a method to achieve the same encryption &
> decryption algorithms in ruby for those written in php above?

You seem to have most of the basics there. Insert debugging to find out
where your code diverges from the PHP. I don't use PHP, and don't have
it installed, so I can't do this for you.

Only you can explain why you included SHA1 hashing in the Ruby version,
where the original PHP appears not to.

My guess is that you're using the wrong encryption key.
This topic is locked and can not be replied to.