stackoom
  简体   繁体   中英

Encrypting in PHP (mcrypt), Decrypting in Ruby (OpenSSL::Cipher)

 原文  2014-01-31 16:45:32       php/ ruby/ encryption/ mcrypt

Question

I'm working on a cross language project wrapping a ruby/Sinatra API in PHP to be consumed by another team. None of the information exposed by the API is sensitive, but we would prefer it not be easily accessible to a casual observer guessing the URL. 

    private function generateSliceIDToken($key){
    $currentEpoch = time();
    $ivSize = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
    $iv = mcrypt_create_iv($ivSize, MCRYPT_RAND);
    $encryptedBytes = mcrypt_encrypt(
        MCRYPT_RIJNDAEL_128,
        $key,
        $currentEpoch.**Passcode**,
        MCRYPT_MODE_CBC, $iv
    );
    $ivAndEncryptedBytes = $iv . $encryptedBytes;

    return urlencode(urlencode(base64_encode($ivAndEncryptedBytes)));

The code above Encrypts a password and time stamp using mcrypt's RIJNDAEL implementation and encodes it to send off to the ruby API 

if identifier.validate_token Base64.decode64(URI.unescape( URI.unescape(params[:token])))

Sinatra grabs it and decodes it 

def validate_token(token)
  cipher = OpenSSL::Cipher::AES.new(128, 'CBC')
  cipher.decrypt
  cipher.key = **key**
  cipher.iv = token[0,16]

  plain = cipher.update(token[16..-1]) + cipher.final
  return plain[10,8] == **Passcode**
end

and passes it along to be decrypted

The problem is, the decryption fails with a 'Bad Decrypt' Error

I was lead to believe Mcrypt's RIJNDAEL and Cipher's AES were compatible, but is this assumption incorrect? Any help I can get one this would be most helpful.

1 answers

solution1
 3 ACCPTED  2014-01-31 20:44:12

I was lead to believe Mcrypt's RIJNDAEL and Cipher's AES were compatible, but is this assumption incorrect?

You need to slightly tweak data being encoded to make it AES compatible. Data must be right padded, with character and amount depending of its current width: 

$encode = $currentEpoch.'**Passcode**';
$len = strlen($encode);
$pad = 16 - ($len % 16);
$encode .= str_repeat(chr($pad), $pad);

Also remember to have $key exactly 16 characters long. If it is shorter, ruby throws CipherError, while php pads key with null bytes. If it is longer, ruby uses only first 16 character but php pads it again, and uses last 16 characters.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question What is, if any, prefered mcrypt cipher for encrypting/decrypting php objects or arrays php mcrypt - decrypting and encrypting files? Encrypting/Decrypting in PHP with MCRYPT…Inconsistent Results Encrypting with Perl CBC and decrypting with PHP mcrypt Encrypting / Decrypting file with Mcrypt PHP: error when encrypting and decrypting with openSSL Encrypting with PHP mcrypt, decrypting with Android. Is this decryption right? Decrypting PHP MCRYPT_RIJNDAEL_256 in Ruby Issue encrypting with PHP (openssl_encrypt), then decrypting with JS (CryptoJS) Encrypting in CryptoJS and decrypting in mCrypt not working properly
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM