Assaf Shomer

Reputation: 1439

Ruby OpenSSL vs Linux openssl

I am having difficulty reconciling Ruby's OpenSSL library with the standard Linux command line openssl.

What I'm trying to do here is encrypt the string mysecretstring with the password foobar but first hashing the password using sha256 (mimicking the code in the aescrypt gem).

Here is what I do in IRB:

2.0.0-p353 :041 > aes = OpenSSL::Cipher::Cipher.new("AES-256-CBC")
 => #<OpenSSL::Cipher::Cipher:0x000000026b8d50> 
2.0.0-p353 :042 > aes.encrypt
 => #<OpenSSL::Cipher::Cipher:0x000000026b8d50> 
2.0.0-p353 :043 > aes.key=OpenSSL::Digest::SHA256.new('foobar').digest
 => "\xC3\xAB\x8F\xF17 \xE8\xAD\x90G\xDD9Fk<\x89t\xE5\x92\xC2\xFA8=J9`qL\xAE\xF0\xC4\xF2" 
2.0.0-p353 :044 > Base64.encode64(aes.update('mysecretstring')+aes.final)
 => "305V0Kbklj/HoBSK4ferhA==\n" 
2.0.0-p353 :045 > 

So far so good. Now I want to see how this matches what I can do with openssl directly on the Linux command line.

[(master)]$ echo -n "foobar" | openssl dgst -sha256 -c
(stdin)= c3:ab:8f:f1:37:20:e8:ad:90:47:dd:39:46:6b:3c:89:74:e5:92:c2:fa:38:3d:4a:39:60:71:4c:ae:f0:c4:f2
[(master)]$ echo -n "mysecretstring" | openssl enc -e -aes-256-cbc -a
enter aes-256-cbc encryption password:
Verifying - enter aes-256-cbc encryption password:
U2FsdGVkX18EOcTrTMNQuCRnstUe6oY9b5RLuTOFcNo=
[(master)]$ 

where in the last two steps I pasted the string c3:ab:8f:f1:37:20:e8:ad:90:47:dd:39:46:6b:3c:89:74:e5:92:c2:fa:38:3d:4a:39:60:71:4c:ae:f0:c4:f2 that I got by hashing the password 'foobar' in the first step.

Why am I not getting the same answer, and more importantly, what do I need to do on the Linux command line to mimic what I get from Ruby?

Upvotes: 3

Views: 844

Answers (1)

Maarten Bodewes

Reputation: 93948

You need to use the -K option in your openssl line. Then you can provide the hexadecimal key. Otherwise OpenSSL uses its own key derivation mechanism to derive a key from the password. When supplying -K you should also supply -iv. In this case, to be compatible, the IV should consist of 16 bytes set to zero.

So try the following line:

echo -n "mysecretstring" | openssl enc -e -aes-256-cbc -a -K c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714caef0c4f2 -iv 00000000000000000000000000000000

Upvotes: 1
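
The two modes contrasted in this thread, as an added Ruby example that is not part of the question or the answer: raw-key mode (SHA-256 of the password as the key, explicit zero IV, equivalent to -K/-iv) next to the password mode of openssl enc, which prepends a "Salted__" header plus a random salt and derives key and IV with EVP_BytesToKey. All helper names are hypothetical, and the SHA256 default for the derivation digest assumes OpenSSL 1.1.0 or later.

```ruby
require "openssl"
require "base64"

MAGIC   = "Salted__".b   # header `openssl enc` writes when given a password
ZERO_IV = "\0".b * 16    # the IV the answer passes with -iv

def aes(mode, key, iv, data)
  c = OpenSSL::Cipher.new("aes-256-cbc").public_send(mode)
  c.key = key
  c.iv = iv
  c.update(data) + c.final
end

# Raw-key mode: key = SHA-256(password), no salt, no header (like -K / -iv).
def raw_key_encrypt(password, plaintext, iv = ZERO_IV)
  key = OpenSSL::Digest::SHA256.digest(password)
  Base64.strict_encode64(aes(:encrypt, key, iv, plaintext))
end

# EVP_BytesToKey with one iteration: D_i = H(D_{i-1} || password || salt).
def bytes_to_key(password, salt, digest)
  out = d = "".b
  while out.bytesize < 48
    d = OpenSSL::Digest.digest(digest, d + password.b + salt)
    out += d
  end
  [out[0, 32], out[32, 16]] # 32-byte key, 16-byte IV
end

# Password mode: "Salted__" + 8-byte salt + ciphertext, then base64 (-a).
def password_encrypt(password, plaintext, digest: "SHA256", salt: OpenSSL::Random.random_bytes(8))
  key, iv = bytes_to_key(password, salt, digest)
  Base64.strict_encode64(MAGIC + salt + aes(:encrypt, key, iv, plaintext))
end

# Split a base64 blob into [salt, ciphertext]; salt is nil for raw-key output.
def parse_enc(b64)
  raw = Base64.decode64(b64)
  raw.start_with?(MAGIC) ? [raw[8, 8], raw[16..-1]] : [nil, raw]
end

def password_decrypt(password, b64, digest: "SHA256")
  salt, body = parse_enc(b64)
  raise ArgumentError, "no Salted__ header: raw-key output" unless salt
  key, iv = bytes_to_key(password, salt, digest)
  aes(:decrypt, key, iv, body)
end
```

Running parse_enc on the two base64 strings from the question shows the difference directly: the command-line output carries the header and a salt, the IRB output is bare ciphertext. OpenSSL releases before 1.1.0 defaulted to MD5 for this derivation, selectable on the command line with -md.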
