How to make Ruby AES-256-CBC and PHP MCRYPT_RIJNDAEL_128 play well together -

-

I am preparing data to send from a Ruby stack to PHP stack. I am using OpenSSL :: Cipher Library on the Ruby side and 'mcrypt' library in PHP. When I encrypt in Ruby using 'aes-256-cbc' (256-bit block size), then using the MCRYPT_RIJNDAEL_128 (128-bit block size) in PHP to decrypt it. I doubt the ruby ​​code which is broken, because cipher IV is 16; I believe it should be 32: 

  & gt; & Gt; Cipher = openSSL :: cipher :: cipher Enve ('AES-128-CBC') = & gt; # & Lt; OpenSSL :: Cipher :: Cipher: 0x3067c5c & gt; & Gt; & Gt; Cipher Key_lean = & gt; 16 & gt; & Gt; Cipher.V_Len = & gt; 16 & gt; & Gt; Cipher = openSSL :: cipher :: cipher Enve ('AES-256-CBC') = & gt; # & Lt; OpenSSL :: Cipher :: Cipher: 0x306de18 & gt; & Gt; & Gt; Cipher Key_lean = & gt; 32 & gt; & Gt; Cipher.V_Len = & gt; 16

So here's my Ruby on trial, first I generate the key and iv: 

  & gt; & Gt; Cipher = openSSL :: cipher :: cipher Enve ('AES-256-CBC') & gt; & Gt; Cipher Encrypt & gt; & Gt; Iv = cipher Random_iv & gt; & Gt; Iv64 = [iv]. Pack ("m"). Strip = & gt; "VCkaypm5tPmtP3TF7aWrug ==" & gt; & Gt; Key = cipher.rand_key & gt; & Gt; Key64 = [key] .pack ("m"). Strip = & gt; "RIvFgoi9xZaHS / 0Bp0J9WDRyND6Z7jrd3btiAfcQ8Y0 ="

Then I use those keys to encrypt: 

  & gt; & Gt; Plain_data = "Hello, don, this is a string." & Gt; & Gt; Cipher = openSSL :: cipher :: cipher Enve ('AES-256-CBC') & gt; & Gt; Cipher Encrypt & gt; & Gt; Cipher.ke = base64decode64 (key 64)> & gt; Cipher.iiv = base64decode 64 (iv64)> & gt; Encrypted_data = cipher.update (plain_data) & gt; & Gt; Encrypted_data & lt; & Lt; Cipher.final & gt; & Gt; Crypt64 = [encrypted_data]. Pack ("m"). Strip = & gt; "5gfc / kJcnAV2fJI0haxnLcdraIKWgtu54UoznVxf8K0 ="

Here is PHP decryption: 

  $ ruby_crypt = "5gfC / kJcnAV2fJI0haxnLcdraIKWgtu54UoznVxf8K0 ="; $ Encrypted_data = base64_decode ($ ruby_crypt); $ Key = base64_decode ("RIvFgoi9xZaHS / 0Bp0J9WDRyND6Z7jrd3btiAfcQ8Y0 ="); $ Iv = base64_decode ("vCkaypm5tPmtP3TF7aWrug =="); $ Result = mcrypt_decrypt (MCRYPT_RIJNDAEL_128, $ key, $ encrypted_data, MCRYPT_MODE_CBC, $ iv); $ Unencryption = rrtm ($ result, "\ x00 .. \ x1F"); Print "\ nUn encrypted token: \ n '$ unencrypted' \ n"; Result: Unencrypted token: 'Hi, don, this is a string.'

I would now like to use the block size, obviously I am misunderstanding the API. help?

I do not know PHP, but reading through the related questions on the sidebar, I see. It contains a reference, indicating that in 128 MCRYPT_RIJNDAEL_128 refers to the block size of the encryption, not the key size you will see that the key size you passed between Ruby and PHP In both cases there are 256 bits. In other words, it seems to be expected behavior, and you are already using the big key. 

  #! / Usr / bin / ruby ​​is required 'base64' puts ((Base64.decode64 ("RIvFgoi9xZaHS / 0Bp0J9WDRyND6Z7jrd3btiAfcQ8Y0 =") Length * 8) .to_s)

hh


Comments

Post a Comment

Popular posts from this blog

c# - How to capture HTTP packet with SharpPcap -

-
I would like to capture all incoming HTTP packets on my machine. To do this, I am using SharpPcap which is a WinPcap The cover is. SharpPcap works very well, but it captures TCP packets and what it wants to do for me is a very low level. Does anyone know how can I easily get full HTTP requests / reactions from all these TCP packets? Thanks SharpPcap is already able to capture the packet in the same way That's what the virus does (just in the code instead of the GUI). And you can either either parse them directly or you can put them in the drive in the common .pcap file format. The steps to parse the capture are: Open a connection at any time Loop a while Or start capturing using an event callback Parsing the raw packet for the type you want If you are reading .PPP dump files In addition to calling you an offline capture reader is almost the same, there is no need to select an interface, and you can set the majority There is no need to do the modes. All st...
Read more

php - Multiple Select with Explode: only returns the word "Array" -

-
By using Wordpress I have created a multiple selection box so that users can select categories to exclude. When the page is initially loaded, I see my predefined default option. However, when I select a new value and I save ... I only see the word "Array" and have not chosen anything else? & lt; Class = "amultiple" id = "& lt; php echo $ value ['id'] ;? gt;" name = "& gt; php echo $ value ['id'] ;; gt; []" Multiple = "multiple" size = "8" & gt; & Lt ;? Php global option; Foreign currency ($ value as value $) {if (get_settings ($ value ['id']) === FALSE {$$ value ['id'] = $ value ['std']; } And {$$ value ['id'] = get_settings ($ value ['id']); }} $ Ranges = & amp; Amp; Categories ('type = post & orderbiz = name & amp; hide_empty = 1'); If ($ ranges) {$ ex_cat = implode (',', $ tt_cat_exclude); Forex Currency ($ range a...
Read more

php - jQuery AJAX Post not working -

-
I do not understand why this script does not work. It has something to do within AJAX PostScript / Function. Right now, when I submit my form, it runs php code on the same page. What it should do, send the values ​​of the form for Project_Azax.fp, then there will be a refund of success on the page which is correct or false. $ (document) .ready (function () {$ ('div # didIt'). Hide (); $ ('form [name = adminForm]'). Submit (function () ($ {'.post' ('/ project_ajax.php', {action: $ ('[name = action]') Val (), pId: $ ('[name = pId]'). Val (), name ('[Name = name]'. Val (), url: $ ('[url = url]'). Val (), summary: ('[summary = summary]'). Val ()}, Function (data) {if (data.success) {$ ('div # didIt') .Sliddown ('slow');} and {warning ('unsuccessful SA!');}}, 'Jason'); return false ;});}); What is the code for project_ajax.php below ... if ($ _ POST ['action'] == ...
Read more