Encryption is hard: AES encryption to Hex

Posted by Rob Cameron on Stack Overflow See other posts from Stack Overflow or by Rob Cameron
Published on 2010-04-02T19:48:53Z Indexed on 2010/04/02 19:53 UTC
Read the original article Hit count: 1626

Filed under:
|
|
|

So, I've got an app at work that encrypts a string using ColdFusion. ColdFusion's bulit-in encryption helpers make it pretty simple:

encrypt('string_to_encrypt','key','AES','HEX')

What I'm trying to do is use Ruby to create the same encrypted string as this ColdFusion script is creating. Unfortunately encryption is the most confusing computer science subject known to man.

I found a couple helper methods that use the openssl library and give you a really simple encryption/decryption method. Here's the resulting string:

"\370\354D\020\357A\227\377\261G\333\314\204\361\277\250"

Which looks unicode-ish to me. I've tried several libraries to convert this to hex but they all say it contains invalid characters. Trying to unpack it results in this:

string = "\370\354D\020\357A\227\377\261G\333\314\204\361\277\250"
string.unpack('U')
ArgumentError: malformed UTF-8 character
  from (irb):19:in `unpack'
  from (irb):19

At the end of the day it's supposed to look like this (the output of the ColdFusion encrypt method):

F8E91A689565ED24541D2A0109F201EF

Of course that's assuming that all the padding, initialization vectors, salts, cypher types and a million other possible differences all line up.

Here's the simple script I'm using to encrypt/decrypt:

def aes(m,k,t)
  (aes = OpenSSL::Cipher::Cipher.new('aes-256-cbc').send(m)).key = Digest::SHA256.digest(k)
  aes.update(t) << aes.final
end

def encrypt(key, text)
  aes(:encrypt, key, text)
end

def decrypt(key, text)
  aes(:decrypt, key, text)
end

Any help? Maybe just a simple option I can pass to OpenSSL::Cipher::Cipher that will tell it to hex-encode the final string?

© Stack Overflow or respective owner

Related posts about ruby

Related posts about encryption