How to do AES Encrypted in Ruby

Discussion:

Newell Zhu

2016-12-12 12:49:05 UTC

Hi, guys

Here's a snippet of code of Java about AES encrypt:

import
com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException;
import com.sun.org.apache.xml.internal.security.utils.Base64;

...

public static String encrypt(String content, String password) {
try {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128, new SecureRandom(password.getBytes()));

SecretKey secretKey = kgen.generateKey();
byte[] enCodeFormat = secretKey.getEncoded();
SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");

Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] byteContent = content.getBytes("utf-8");
byte[] result = cipher.doFinal(byteContent);
return Base64.encode(result);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
}
return null;
}

Now I try to implement it in Ruby(not work):

def self.aes128_encrypt(password, content)
cipher = OpenSSL::Cipher.new('AES-128-ECB')
cipher.encrypt
cipher.key = password
result = cipher.update(content) + cipher.final
Base64.encode64(result).chomp
end

After some research, I think the problem is the cipher#key: In Java, it's
generate by securerandom with password as seed, But in Ruby, I use the
password directly.

So I want to generate key like Java. But I find the random number generator
used by Java is NativePRNG, which I do not find the same implementation so
far.

Now, I want to ask help from guys familiar with Both Ruby and Java:

How can i implement the same AES encrypt in Ruby?

Or how to generate random string in Ruby with NativePRNG.

Thank you very much for each reply.

Felipe Tavares

2016-12-12 12:57:22 UTC

Permalink

Try using a standar key derivation function on both sides (Java and Ruby)
Such as Bcrypt or pbkdf2 instead of using random numbers.

Post by Newell Zhu
Hi, guys
import com.sun.org.apache.xml.internal.security.exceptions.
Base64DecodingException;
import com.sun.org.apache.xml.internal.security.utils.Base64;
...
public static String encrypt(String content, String password) {
try {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128, new SecureRandom(password.getBytes()));
SecretKey secretKey = kgen.generateKey();
byte[] enCodeFormat = secretKey.getEncoded();
SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] byteContent = content.getBytes("utf-8");
byte[] result = cipher.doFinal(byteContent);
return Base64.encode(result);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
}
return null;
}
def self.aes128_encrypt(password, content)
cipher = OpenSSL::Cipher.new('AES-128-ECB')
cipher.encrypt
cipher.key = password
result = cipher.update(content) + cipher.final
Base64.encode64(result).chomp
end
After some research, I think the problem is the cipher#key: In Java, it's
generate by securerandom with password as seed, But in Ruby, I use the
password directly.
So I want to generate key like Java. But I find the random number
generator used by Java is NativePRNG, which I do not find the same
implementation so far.
How can i implement the same AES encrypt in Ruby?
Or how to generate random string in Ruby with NativePRNG.
Thank you very much for each reply.
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk>

Newell Zhu

2016-12-12 14:13:23 UTC

Permalink

Yes, I think It's the best choice.

But the Java part is server code from other customer and I can not control
it.

Besides that, I find the java's implement is so common for mostly basic AES
encrypt find in Github in Java. Maybe I confuse some thing.

Post by Felipe Tavares
Try using a standar key derivation function on both sides (Java and Ruby)
Such as Bcrypt or pbkdf2 instead of using random numbers.
Hi, guys
import
com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException;
import com.sun.org.apache.xml.internal.security.utils.Base64;
...
public static String encrypt(String content, String password) {
try {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128, new SecureRandom(password.getBytes()));
SecretKey secretKey = kgen.generateKey();
byte[] enCodeFormat = secretKey.getEncoded();
SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] byteContent = content.getBytes("utf-8");
byte[] result = cipher.doFinal(byteContent);
return Base64.encode(result);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
}
return null;
}
def self.aes128_encrypt(password, content)
cipher = OpenSSL::Cipher.new('AES-128-ECB')
cipher.encrypt
cipher.key = password
result = cipher.update(content) + cipher.final
Base64.encode64(result).chomp
end
After some research, I think the problem is the cipher#key: In Java, it's
generate by securerandom with password as seed, But in Ruby, I use the
password directly.
So I want to generate key like Java. But I find the random number
generator used by Java is NativePRNG, which I do not find the same
implementation so far.
How can i implement the same AES encrypt in Ruby?
Or how to generate random string in Ruby with NativePRNG.
Thank you very much for each reply.
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk>

Sylvain Daubert

2016-12-12 17:18:21 UTC

Permalink

Hi,

This is avery bad idea to use ECB mode. You should use CBC or CTR mode
to avoid dictionary attack.

Post by Newell Zhu
Hi, guys
import
com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException;
import com.sun.org.apache.xml.internal.security.utils.Base64;
...
public static String encrypt(String content, String password) {
try {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128, new SecureRandom(password.getBytes()));
SecretKey secretKey = kgen.generateKey();
byte[] enCodeFormat = secretKey.getEncoded();
SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] byteContent = content.getBytes("utf-8");
byte[] result = cipher.doFinal(byteContent);
return Base64.encode(result);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
}
return null;
}
def self.aes128_encrypt(password, content)
cipher = OpenSSL::Cipher.new('AES-128-ECB')
cipher.encrypt
cipher.key = password
result = cipher.update(content) + cipher.final
Base64.encode64(result).chomp
end
After some research, I think the problem is the cipher#key: In Java,
it's generate by securerandom with password as seed, But in Ruby, I use
the password directly.
So I want to generate key like Java. But I find the random number
generator used by Java is NativePRNG, which I do not find the same
implementation so far.
How can i implement the same AES encrypt in Ruby?
Or how to generate random string in Ruby with NativePRNG.
Thank you very much for each reply.
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk>

Unsubscribe: <mailto:ruby-talk-***@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk>

Newell Zhu

2016-12-13 01:42:04 UTC

Permalink

Actually I find the warning about ECB mode from Ruby document.

As I mentioned before, I cannot control the java implementation,and I have
to implement encrypt and decrypt in Ruby.

Maybe the choice for java implementation is bad, but sometimes we had to
work with them.

Here is an example result for java encryption:

L4+RU+bQjojZTj0jvqPJ/f5zkpdYQkEYe5rux3LMPmc8HoY6UQgjW6vA9aWbmumi

If I can decrypt it in Ruby, it's success.

Post by Sylvain Daubert
Hi,
This is avery bad idea to use ECB mode. You should use CBC or CTR mode
to avoid dictionary attack.

Post by Newell Zhu
Hi, guys
import

com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException;

Post by Newell Zhu
import com.sun.org.apache.xml.internal.security.utils.Base64;
...
public static String encrypt(String content, String password) {
try {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128, new SecureRandom(password.getBytes()));
SecretKey secretKey = kgen.generateKey();
byte[] enCodeFormat = secretKey.getEncoded();
SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] byteContent = content.getBytes("utf-8");
byte[] result = cipher.doFinal(byteContent);
return Base64.encode(result);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
}
return null;
}
def self.aes128_encrypt(password, content)
cipher = OpenSSL::Cipher.new('AES-128-ECB')
cipher.encrypt
cipher.key = password
result = cipher.update(content) + cipher.final
Base64.encode64(result).chomp
end
After some research, I think the problem is the cipher#key: In Java,
it's generate by securerandom with password as seed, But in Ruby, I use
the password directly.
So I want to generate key like Java. But I find the random number
generator used by Java is NativePRNG, which I do not find the same
implementation so far.
How can i implement the same AES encrypt in Ruby?
Or how to generate random string in Ruby with NativePRNG.
Thank you very much for each reply.

?subject=unsubscribe>

Post by Newell Zhu
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk>

<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk>

Ishaan Malhi

2016-12-13 06:22:51 UTC

Permalink

Hi, if you want to use AES in Ruby try this :
http://crypt.rubyforge.org/rijndael.html

Or if you want to use the java implementation, consider using jRuby.

Ishaan

On 13-Dec-2016 7:12 am, "Newell Zhu" <***@gmail.com> wrote:

Actually I find the warning about ECB mode from Ruby document.

As I mentioned before, I cannot control the java implementation,and I have
to implement encrypt and decrypt in Ruby.

Maybe the choice for java implementation is bad, but sometimes we had to
work with them.

Here is an example result for java encryption:

L4+RU+bQjojZTj0jvqPJ/f5zkpdYQkEYe5rux3LMPmc8HoY6UQgjW6vA9aWbmumi

If I can decrypt it in Ruby, it's success.

Post by Sylvain Daubert
Hi,
This is avery bad idea to use ECB mode. You should use CBC or CTR mode
to avoid dictionary attack.

Post by Newell Zhu
Hi, guys
import
com.sun.org.apache.xml.internal.security.exceptions.

Base64DecodingException;

unsubscribe>

Post by Newell Zhu
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk>

<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk>

Unsubscribe: <mailto:ruby-talk-***@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk>

Newell Zhu

2016-12-13 06:44:51 UTC

Permalink

Now I found the java implementation is so bad because it use random number
generator base on system information. Amadan
<http://stackoverflow.com/users/240443/amadan> give the best explanation

I give up to implement the same encryption in Ruby, As Felipe said, I try
to implement with pbkdf2.

Thank you very much for all.

Post by Ishaan Malhi
http://crypt.rubyforge.org/rijndael.html
Or if you want to use the java implementation, consider using jRuby.
Ishaan
Actually I find the warning about ECB mode from Ruby document.
As I mentioned before, I cannot control the java implementation,and I have
to implement encrypt and decrypt in Ruby.
Maybe the choice for java implementation is bad, but sometimes we had to
work with them.
L4+RU+bQjojZTj0jvqPJ/f5zkpdYQkEYe5rux3LMPmc8HoY6UQgjW6vA9aWbmumi
If I can decrypt it in Ruby, it's success.
Hi,
This is avery bad idea to use ECB mode. You should use CBC or CTR mode
to avoid dictionary attack.

Post by Newell Zhu
Hi, guys
import

com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException;

?subject=unsubscribe>

Post by Newell Zhu
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk>

<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk>

Continue reading on narkive:

Search results for 'How to do AES Encrypted in Ruby' (Questions and Answers)

replies

As- use to describe a function, use to compare, use to connect, what are the uses of as?

started 2007-02-20 03:46:23 UTC

words & wordplay

replies

Creating a "Why we should switch to Mac" Speech. Help Please?

started 2007-10-26 15:44:14 UTC

desktops

replies

How to make a encryptor, and in which language it's programmed any idea or link.?

started 2009-06-21 09:00:23 UTC

programming & design