views:

385

answers:

1

So, I've got an app at work that encrypts a string using ColdFusion. ColdFusion's bulit-in encryption helpers make it pretty simple:

encrypt('string_to_encrypt','key','AES','HEX')

What I'm trying to do is use Ruby to create the same encrypted string as this ColdFusion script is creating. Unfortunately encryption is the most confusing computer science subject known to man.

I found a couple helper methods that use the openssl library and give you a really simple encryption/decryption method. Here's the resulting string:

"\370\354D\020\357A\227\377\261G\333\314\204\361\277\250"

Which looks unicode-ish to me. I've tried several libraries to convert this to hex but they all say it contains invalid characters. Trying to unpack it results in this:

string = "\370\354D\020\357A\227\377\261G\333\314\204\361\277\250"
string.unpack('U')
ArgumentError: malformed UTF-8 character
  from (irb):19:in `unpack'
  from (irb):19

At the end of the day it's supposed to look like this (the output of the ColdFusion encrypt method):

F8E91A689565ED24541D2A0109F201EF

Of course that's assuming that all the padding, initialization vectors, salts, cypher types and a million other possible differences all line up.

Here's the simple script I'm using to encrypt/decrypt:

def aes(m,k,t)
  (aes = OpenSSL::Cipher::Cipher.new('aes-256-cbc').send(m)).key = Digest::SHA256.digest(k)
  aes.update(t) << aes.final
end

def encrypt(key, text)
  aes(:encrypt, key, text)
end

def decrypt(key, text)
  aes(:decrypt, key, text)
end

Any help? Maybe just a simple option I can pass to OpenSSL::Cipher::Cipher that will tell it to hex-encode the final string?

A: 

To convert your resulting string into a format similar to what ColdFusion outputs, simply use:

raw = "\370\354D\020\357A\227\377\261G\333\314\204\361\277\250" 
raw.unpack('H*').to_s.upcase
=> "F8EC4410EF4197FFB147DBCC84F1BFA8"
laust.rud