tags:

views:

599

answers:

2
+1  Q: 

How to decode Rijndael in ruby (encoded in VB.net)

Hello,

I am using Rinjael to encode in VB.NET and need to decode in Ruby. My VB.NET encryption class looks like this:

Private Class Encryptor
        Private symmetricKey As System.Security.Cryptography.RijndaelManaged
        Private iVector As Byte()
        Private Key As Byte()
        Public Function encrypt(ByVal data As String) As String
            Try
                Dim plainTextBytes As Byte() = System.Text.Encoding.ASCII.GetBytes(data)
                Dim encryptor As System.Security.Cryptography.ICryptoTransform = symmetricKey.CreateEncryptor(Key, iVector)
                Dim memoryStream As New System.IO.MemoryStream
                Dim cryptoStream As System.Security.Cryptography.CryptoStream = New System.Security.Cryptography.CryptoStream(memoryStream, encryptor, System.Security.Cryptography.CryptoStreamMode.Write)
                cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length)
                cryptoStream.FlushFinalBlock()
                Dim cipherTextBytes As Byte() = memoryStream.ToArray()
                memoryStream.Close()
                cryptoStream.Close()
                Return Convert.ToBase64String(cipherTextBytes)
            Catch
                Return ""
            End Try
        End Function
        Public Function decrypt(ByVal data As String) As String
            Try
                Dim crypted As Byte() = Convert.FromBase64String(data)
                Dim decryptor As System.Security.Cryptography.ICryptoTransform = symmetricKey.CreateDecryptor(Key, iVector)
                Dim memoryStream As New System.IO.MemoryStream(crypted)
                Dim cryptoStream As System.Security.Cryptography.CryptoStream = New System.Security.Cryptography.CryptoStream(memoryStream, decryptor, System.Security.Cryptography.CryptoStreamMode.Read)
                Dim plain(crypted.Length) As Byte
                Dim count As Integer = cryptoStream.Read(plain, 0, plain.Length)
                memoryStream.Close()
                cryptoStream.Close()
                Return System.Text.Encoding.UTF8.GetString(plain, 0, count)
            Catch
                Return ""
            End Try
        End Function

        Public Sub New(ByVal clientkey As String)
            iVector = System.Text.Encoding.ASCII.GetBytes("1234567890123456")
            Key = System.Text.Encoding.ASCII.GetBytes(clientkey)
            symmetricKey = New System.Security.Cryptography.RijndaelManaged
            symmetricKey.Mode = System.Security.Cryptography.CipherMode.CBC
        End Sub
    End Class

this works ok and I am able to decrypt in java using the AES/CBC/PKCS5Padding. Now, my password and iv are 16 characters long (16*16bit = 256). When I try to decrypt in Ruby, it complains that my password is to short... I assume that it is using 8bit chars. I use this class for decryption in ruby:

    require 'openssl'

module Crypt
  # Decrypts a block of data (encrypted_data) given an encryption key
  # and an initialization vector (iv).  Keys, iv's, and the data 
  # returned are all binary strings.  Cipher_type should be
  # "AES-256-CBC", "AES-256-ECB", or any of the cipher types
  # supported by OpenSSL.  Pass nil for the iv if the encryption type
  # doesn't use iv's (like ECB).
  #:return: => String
  #:arg: encrypted_data => String 
  #:arg: key => String
  #:arg: iv => String
  #:arg: cipher_type => String
  def Crypt.decrypt(encrypted_data, key, iv, cipher_type)
    aes = OpenSSL::Cipher::Cipher.new(cipher_type)
    aes.decrypt
    aes.key = key
    aes.iv = iv if iv != nil
    aes.update(encrypted_data) + aes.final  
  end

  # Encrypts a block of data given an encryption key and an 
  # initialization vector (iv).  Keys, iv's, and the data returned 
  # are all binary strings.  Cipher_type should be "AES-256-CBC",
  # "AES-256-ECB", or any of the cipher types supported by OpenSSL.  
  # Pass nil for the iv if the encryption type doesn't use iv's (like
  # ECB).
  #:return: => String
  #:arg: data => String 
  #:arg: key => String
  #:arg: iv => String
  #:arg: cipher_type => String  
  def Crypt.encrypt(data, key, iv, cipher_type)
    aes = OpenSSL::Cipher::Cipher.new(cipher_type)
    aes.encrypt
    aes.key = key
    aes.iv = iv if iv != nil
    aes.update(data) + aes.final      
  end
end

Now. By trying to decrypt using Crypt.decrypt(data,key,iv, "AES-CBC-256") i am certain that preliminary string/byte transformations have to be done on my data,key,iv to work correctly.

How shall I call Crypt.decrypt using key = "passwordpassword" and iv="1234567890123456"? Do I need to base64 decode my data?

Here's my decryption call, which doesn't seem to work (trying padding with zeroes):

   text = Base64.decode64(text)
   pass = Digest::SHA1.hexdigest("#{@pass}0000000000000000").unpack('a2'*32).map{|x| x.hex}.pack('c'*32)
   iv = Digest::SHA1.hexdigest("12345678901234560000000000000000").unpack('a2'*32).map{|x| x.hex}.pack('c'*32)
   return Crypt.decrypt(text,pass,iv,"AES-256-CBC")
+1  A: 

Because the VB app encodes the result as base64, it does look like the ruby script will need to use the Base64 module to decode it first.

I believe the key given to the Ruby AES key must be 256 bits. So your password would need to be 32 bytes long exactly in that case. It would be better to use a scheme such as this.

Mark Wilkins  2010-01-11 20:25:12
The VB.NET encryption is already implemented and cannot be modified. The problem is: why does VB.NET encrypt with a 16-characters password/iv, but ruby doesn't decrypt using the same password/iv? I think the problem lies in how many bytes/character the both systems use: 16bit in VB.NET and 8bit in ruby... Hence, the 16character password works in VB.net (16*16=256). But how do I decode it in ruby, if it's already encoded using the VB.NET code above?
Sparky  2010-01-11 22:24:28
I don't think it is a 16-bit versus 8-bit character issue. The VB app is using an ASCII encoding (so it should be 8-bit characters). Since the default key size is 256 bits and does not appear to be specified, it seems the conclusion is that .NET is padding the given key to 256-bits. You should be able to test that in .NET fairly easily. The obvious padding value would be zeros.
Mark Wilkins  2010-01-11 22:39:51
Thanks for pointing this out. Makes sense. I just tried to pad my iv/pass with zeroes (see the last code above). And it seems to return an answer (at least, it doesn't crash). However, the answer is crypted and != original :-/
Sparky  2010-01-12 07:57:36
+2  A: 

Solution. It was a 128bit encryption (wrongly thinking that the default in .NET managed was 256). Hence, this code works (notice "AES-128-CBC"):

   text = Base64.decode64(text)
   pass = "passwordpassword"
   iv = "1234567890123456"
   return Crypt.decrypt(text,pass,iv,"AES-128-CBC")
Sparky  2010-01-12 08:09:26

related questions

Best place to get Ruby on Vista up and running as dev environment
How can I encode xml files to xfdl (base64-gzip)?
What is the best way to learn Ruby?
Learning Ruby on Rails any good for Grails?
How to sell Python to a client/boss/person with lots of cash
How do I create a Class using the Singleton Design Pattern in Ruby?
How do I update Ruby Gems from behind a Proxy (ISA-NTLM)
Why Should I Learn Ruby?
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
How do I rake tasks within a ruby script?
Ruby On Rails with Windows Vista - Best Setup?
Mapping values from two array in Ruby
Reverse DNS in Ruby?
Text Editor For Linux (Besides Vi)?
What is good forum software to add to an existing Rails application?
Calling Bash Commands From Ruby
How can I modify .xfdl files? (Update #1)
How do I use (n)curses in Ruby?
Open Source Ruby Projects
How do I fix 'Unprocessed view path found' error with ExceptionNotifier plugin in rails 2.1?
When to use lambda, when to use Proc.new?
Frequent SystemExit in Ruby when making HTTP calls
Implementation of "Remember me" in a Rails application.
.NET Migrations Engine
How do I add existing comments to RDoc in Ruby?