CODEWITHSUNDEEP
.netrubyencryptionaes
0xSina
0xSina

Reputation: 21553

Ruby AES encryption

I am migrating a webservice/database written in Microsoft .net framework to ruby. I am stuck at the password encryption part because I can't replicate the encryption on ruby side. Here's the code that generates an encrypted password in .net:

    private static String GetSecret()
    {
        string nexus = ConfigurationManager.AppSettings["Nexus"];
        System.Security.SecureString plain = ProtectedSettings.DecryptString(nexus);
        return ProtectedSettings.ToInsecureString(plain);
    }

    private static String EncryptPassword(string password)
    {
        return SymmetricEncryption.Encrypt<AesManaged>(password, GetSecret());
    }

I got the string named nexusand in ruby, using the aes gem, I did:

AES.encrypt(a_password, key)

but the generated hash doesn't match the one in .net. What am I missing? thanks

Here's the Encrypt function:

public static string Encrypt<T>(string value, string password, string salt = "4AFB7A1414E4486FAB51A42F5D0D6E7B")
             where T : SymmetricAlgorithm, new()
        {
            DeriveBytes rgb = new Rfc2898DeriveBytes(password, Encoding.Unicode.GetBytes(salt));

            SymmetricAlgorithm algorithm = new T();

            byte[] rgbKey = rgb.GetBytes(algorithm.KeySize >> 3);
            byte[] rgbIV = rgb.GetBytes(algorithm.BlockSize >> 3);

            ICryptoTransform transform = algorithm.CreateEncryptor(rgbKey, rgbIV);

            using (MemoryStream buffer = new MemoryStream())
            {
                using (CryptoStream stream = new CryptoStream(buffer, transform, CryptoStreamMode.Write))
                {
                    using (StreamWriter writer = new StreamWriter(stream, Encoding.Unicode))
                    {
                        writer.Write(value);
                    }
                }

                return Convert.ToBase64String(buffer.ToArray());
            }
        }

Ok so I have tried converting this code to ruby, but with no luck:

p = PBKDF2.new(:password => pass, :salt => salt, :iterations => 1000)  
iv = p.hash_function.digest[0..15]
key = p.hash_function.digest[0..31]
aes = OpenSSL::Cipher::Cipher.new("AES-128-CBC")
aes.encrypt
aes.key = key
aes.iv = iv 
aes.update("1123581321") + aes.final

Upvotes: 0

Views: 1484

Answers (1)

mcfinnigan
mcfinnigan

Reputation: 11638

There are several things which could be going on.

  1. You could be using a different cipher block padding scheme
  2. You could be using a different key size
  3. Your initialisation vector for the AES engine could be different.
  4. Your key could be incorrect
  5. Your plaintext could be in a different character set

You need to establish the settings used during encryption in your .Net environment, then you need to replicate these in your ruby environment.

Getting incorrect decryption value using AesCryptoServiceProvider touches on the use of the initialization vector (IV) in .net

http://developer.mintrus.com/2011/08/aes-encryption-in-ruby-on-rails/ gives a brief tutorial on AES in ruby (specifically in rails, but it is applicable to your situation

Upvotes: 3

Related Questions