Forum: Ruby OpenSSL::Cipher dad decrypt

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
3275da7fdbd73cb4e7956fd0d29164de?d=identicon&s=25 Paul Bergstrom (palb)
on 2009-05-02 22:45
I'm trying to implement a simple encrypt and decrypt function in Rails.
I've found this Ruby script using OpenSSL::Cipher::Cipher.

When I try with the "wrong" KEY value, just to test it, I get an error
saying "bad decrypt". How can I avoid the error, or read the error so I
can stop the script?
3275da7fdbd73cb4e7956fd0d29164de?d=identicon&s=25 Paul Bergstrom (palb)
on 2009-05-03 11:21
Pål Bergström wrote:
> I'm trying to implement a simple encrypt and decrypt function in Rails.
> I've found this Ruby script using OpenSSL::Cipher::Cipher.
>
> When I try with the "wrong" KEY value, just to test it, I get an error
> saying "bad decrypt". How can I avoid the error, or read the error so I
> can stop the script?

dad? hehe. :-)

Should be "bad" of course.
Fa2521c6539342333de9f42502657e5a?d=identicon&s=25 Eleanor McHugh (Guest)
on 2009-05-03 14:48
(Received via mailing list)
On 2 May 2009, at 21:45, Pål Bergström wrote:
> I'm trying to implement a simple encrypt and decrypt function in
> Rails.
> I've found this Ruby script using OpenSSL::Cipher::Cipher.
>
> When I try with the "wrong" KEY value, just to test it, I get an error
> saying "bad decrypt". How can I avoid the error, or read the error
> so I
> can stop the script?

Show us the code you're actually using and we can make constructive
suggestions :)
Also whilst the particular techniques may or may not be applicable,
you can find some examples of doing OpenSSL crypto in the
presentations linked in my sig: the Semantic DNS presentation has a
substantial example (using AES).


Ellie

Eleanor McHugh
Games With Brains
http://slides.games-with-brains.net
----
raise ArgumentError unless @reality.responds_to? :reason
3275da7fdbd73cb4e7956fd0d29164de?d=identicon&s=25 Paul Bergstrom (palb)
on 2009-05-03 15:44
Eleanor McHugh wrote:
> On 2 May 2009, at 21:45, P�l Bergstr�m wrote:

> Show us the code you're actually using and we can make constructive
> suggestions :)
> Also whilst the particular techniques may or may not be applicable,
> you can find some examples of doing OpenSSL crypto in the
> presentations linked in my sig: the Semantic DNS presentation has a
> substantial example (using AES).
>
>

This is what I use. Would be good if I could catch the error and prevent
it from "hanging" the browser with an error (using Rails).

---

require 'openssl'
require 'digest/sha2'
require 'cgi'

module Crypto

  def self.encrypt(plain_text)

    cgi = CGI.new("html3")
    passo = cgi.cookies["thecookie"].to_s

    c = OpenSSL::Cipher::Cipher.new("aes-256-cbc")
    c.encrypt
    c.key = key = Digest::SHA2.digest(passo)
    e = c.update(plain_text)
    e << c.final
    e = Base64.b64encode(e)
    return e

  end

  def self.decrypt(cstring)

    cgi = CGI.new("html3")
    passo = cgi.cookies["thecookie"].to_s

    etext = Base64.decode64(cstring)
    c = OpenSSL::Cipher::Cipher.new("aes-256-cbc")
    c.decrypt
    c.key = key = Digest::SHA2.digest(passo)
    d = c.update(etext)
    d << c.final

    return d

  end



end
Fa2521c6539342333de9f42502657e5a?d=identicon&s=25 Eleanor McHugh (Guest)
on 2009-05-03 17:51
(Received via mailing list)
On 3 May 2009, at 14:44, Pål Bergström wrote:
> This is what I use. Would be good if I could catch the error and
> prevent
> it from "hanging" the browser with an error (using Rails).

>  end
You need to do something along the lines of:

   begin
     c = OpenSSL::Cipher::Cipher.new("aes-256-cbc")
     c.decrypt
     c.key = key = Digest::SHA2.digest(passo)
     d = c.update(etext)
     d << c.final
     d
   rescue OpenSSL::CipherError => e
     "incorrect password"
   rescue Exception => e
     "unknown error"
   end

where you can have several rescue blocks, one for each exception
recovery behaviour you have a use for.


Ellie

Eleanor McHugh
Games With Brains
http://slides.games-with-brains.net
----
raise ArgumentError unless @reality.responds_to? :reason
3275da7fdbd73cb4e7956fd0d29164de?d=identicon&s=25 Paul Bergstrom (palb)
on 2009-05-03 20:03
Eleanor McHugh wrote:

>    begin
>      c = OpenSSL::Cipher::Cipher.new("aes-256-cbc")
>      c.decrypt
>      c.key = key = Digest::SHA2.digest(passo)
>      d = c.update(etext)
>      d << c.final
>      d
>    rescue OpenSSL::CipherError => e
>      "incorrect password"
>    rescue Exception => e
>      "unknown error"
>    end
>

Thanks. Got it working. :-)
Fa2521c6539342333de9f42502657e5a?d=identicon&s=25 Eleanor McHugh (Guest)
on 2009-05-04 00:15
(Received via mailing list)
On 3 May 2009, at 19:03, Pål Bergström wrote:
>>     "incorrect password"
>>   rescue Exception => e
>>     "unknown error"
>>   end
>>
>
> Thanks. Got it working. :-)

Excellent :)


Ellie

Eleanor McHugh
Games With Brains
http://slides.games-with-brains.net
----
raise ArgumentError unless @reality.responds_to? :reason
This topic is locked and can not be replied to.