Filip Koczorowski
I am trying to read a value stored in an encrypted cookie in Ruby. The
cookie value is 3DES-encrypted and then Base64-encoded.
First, I stored the value of a cookie in a file. And then I managed to
decode and decrypt it successfully using this code:
require 'openssl'
require 'base64'
key64 = "3DES-CRYPT-KEY-BASE64-ENCODED-READ-FROM-FILE"
key = Base64.decode64 key64
cookie64 = "BASE64-ENCODED-COOKIE-VALUE-READ-FROM-FILE"
cookie = Base64.decode64 cookie64
des = OpenSSL::Cipher::DES.new(:EDE3)
des.decrypt
des.key = key
# the IV is the first 8 bytes of the key
des.iv = key[0..7]
tmp = des.update(cookie)
value = tmp
value << des.final
Unfortunately, after running the above code in a Rails controller I get
an exception "wrong final block length" thrown from the last line. Could
anyone tell me, why the code works, but when run in a Rails controller
it doesn't? The only change in Rails version being:
cookie64 = cookies['COOKIE-NAME']
Trying to find some clue, I commented out the last line and then I got a
too short output - it's missing some data from the input value (which is
understandable, because "final" is needed for proper decrypting). For
example:
input string = "qwerty" -> 3DES (in java) -> Base64 (in java) ->
de-Base64 (in ruby) -> de-3DES (in ruby) -> "qwer"
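
An added example, not part of the original post: one way to check whether the value a controller receives is still the Base64 string that was written to the file, before it reaches the cipher. It assumes 3DES in CBC mode with a constructed key and IV, and assumes the value was changed in transit (percent-encoded, or "+" turned into a space); all helper names are hypothetical.

```ruby
require 'openssl'
require 'base64'
require 'uri'

BLOCK = 8                          # 3DES block size in bytes
KEY = '0123456789abcdefghijklmn'   # constructed 24-byte sample key, not from the post
IV  = KEY[0, 8]                    # same IV convention as the post

def cipher(mode)
  c = OpenSSL::Cipher.new('des-ede3-cbc')   # CBC mode is an assumption
  mode == :encrypt ? c.encrypt : c.decrypt
  c.key = KEY
  c.iv  = IV
  c
end

def encrypt_cookie(plain)
  c = cipher(:encrypt)
  Base64.strict_encode64(c.update(plain) + c.final)
end

# Undo the assumed transport changes, decode strictly, and check the
# length before the bytes reach the cipher.
def ciphertext_from_cookie(raw)
  b64 = URI.decode_www_form_component(raw).tr(' ', '+')
  bytes = Base64.strict_decode64(b64)   # raises ArgumentError on stray characters
  if bytes.empty? || bytes.bytesize % BLOCK != 0
    raise ArgumentError,
          "ciphertext is #{bytes.bytesize} bytes, not a multiple of #{BLOCK}"
  end
  bytes
end

def decrypt_cookie(raw)
  c = cipher(:decrypt)
  c.update(ciphertext_from_cookie(raw)) + c.final
end

# The post's approach: lenient decode64 silently skips characters it does
# not recognise, so a changed value can decode to a length that is not a
# multiple of the block size, and final raises "wrong final block length".
def naive_decrypt(raw)
  c = cipher(:decrypt)
  c.update(Base64.decode64(raw)) + c.final
end
```

Logging `cookie64.inspect` and `Base64.decode64(cookie64).bytesize` in both the script and the controller shows directly whether the two inputs differ.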