Ruby encryption

[Archana Thota]

I want to translate exactly the below php code into ruby for encryption.
echo up_getEncrypted('mypassword', 1);
function up_getEncrypted($password, $user_id)
{
srand();

$td = mcrypt_module_open('rijndael-128', '', 'cbc', '');
$keylen = mcrypt_enc_get_key_size($td);
$key = substr($password, 0, $keylen);
$key = str_pad($key, $keylen);
$iv_size = mcrypt_enc_get_iv_size($td);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
if (mcrypt_generic_init($td, $key, $iv) != -1)
{
$pad = 16 - strlen($user_id);
$mypadded = $user_id . str_repeat(chr($pad), $pad);
$c_t = mcrypt_generic($td, pack('H*',
md5($user_id)).$user_id);
mcrypt_generic_deinit($td);
$result = base64_encode($iv.$c_t);
return $result;
}
else
{
return "";
}
}

result = up_getEncrypted('mypassword', 1)
puts result
def up_getEncrypted(password, user_id)
c = OpenSSL::Cipher::Cipher.new("aes-128-cbc")
c.encrypt
c.key = key =
Digest::SHA1.hexdigest(password).unpack('a2'*32).map{|x|
x.hex}.pack('c'*32)
c.iv = c.random_iv
e = c.update(user_id.to_s)
e << c.final
return e
end

Output of php encryption code and output of rails encryption code are
not same.Please any one can modify my rails code such that i will get
results from both php and rails.

 

[Brian Candler]

Output of php encryption code and output of rails encryption code are
not same.

Presumably they're not doing the same things. In particular, I see that
you're doing an SHA1 on the key in the Ruby code, but not the php.

Try inserting debugging to look at intermediate values, e.g.

puts "key = #{key.inspect}"

(and whatever the PHP equivalent is in the PHP code)

Also, I have no idea what you're doing with all that SHA1 unpacking,
mapping and packing. It seems that the final result is the same as a
simple Digest::SHA1.digest, but with 12 extra zeros on the end.

irb(main):001:0> password = "foobar"
=> "foobar"
irb(main):002:0> require 'digest/sha1'
=> true
irb(main):003:0>
Digest::SHA1.hexdigest(password).unpack('a2'*32).map{|x|
x.hex}.pack('c'*32)
=>
"\210C\327\371$\026!\035\351\353\271c\377L\342\201%\223(x\000\000\000\000\000\000\000\000\000\000\000\000"
irb(main):004:0> Digest::SHA1.digest(password)
=> "\210C\327\371$\026!\035\351\353\271c\377L\342\201%\223(x"

 

[Archana Thota]

Presumably they're not doing the same things. In particular, I see that
you're doing an SHA1 on the key in the Ruby code, but not the php.

Hi Candler,

Thanks for your reply. Basically, I don't know how to use encryption
algorithms in ruby. I couldn't even find what equivalent methods are in
ruby for the above php code which is actually being used to send info to
a third party app.

Can any please suggest me a method to achieve the same encryption &
decryption algorithms in ruby for those written in php above?


Thanks again!

-Archana

 

[Brian Candler]

Basically, I don't know how to use encryption
algorithms in ruby. I couldn't even find what equivalent methods are in
ruby for the above php code which is actually being used to send info to
a third party app.

Can any please suggest me a method to achieve the same encryption &
decryption algorithms in ruby for those written in php above?

You seem to have most of the basics there. Insert debugging to find out
where your code diverges from the PHP. I don't use PHP, and don't have
it installed, so I can't do this for you.

Only you can explain why you included SHA1 hashing in the Ruby version,
where the original PHP appears not to.

My guess is that you're using the wrong encryption key.