Encrypting in PHP (mcrypt), Decrypting in Ruby (OpenSSL::Cipher)
I'm working on a cross-language project wrapping a Ruby/Sinatra API in PHP to be consumed by another team. None of the information exposed by the API is sensitive, but we would prefer that it not be accessible to a casual observer guessing the URL.
```php
private function generatesliceidtoken($key){
    $currentepoch = time();
    // IV size for Rijndael-128 in CBC mode (16 bytes)
    $ivsize = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
    $iv = mcrypt_create_iv($ivsize, MCRYPT_RAND);
    // '**passcode**' is the placeholder as written in the post
    $encryptedbytes = mcrypt_encrypt(
        MCRYPT_RIJNDAEL_128,
        $key,
        $currentepoch . '**passcode**',
        MCRYPT_MODE_CBC,
        $iv
    );
    // Prepend the IV so the receiver can recover it
    $ivandencryptedbytes = $iv . $encryptedbytes;
    return urlencode(urlencode(base64_encode($ivandencryptedbytes)));
}
```
The code above encrypts a password and a time stamp using mcrypt's Rijndael implementation, and encodes it to send off to the Ruby API.
```ruby
# Undo the double URL-encoding, then the Base64 encoding, before validating
if identifier.validate_token Base64.decode64(URI.unescape(URI.unescape(params[:token])))
```
Sinatra grabs it and decodes it
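```ruby
def validate_token(token)
  cipher = OpenSSL::Cipher::AES.new(128, 'CBC')
  cipher.decrypt
  cipher.key = '**key**'          # placeholder as written in the post
  cipher.iv = token[0, 16]        # first 16 bytes are the IV
  plain = cipher.update(token[16..-1]) + cipher.final
  # Skip the 10-digit epoch and compare the 8 characters that follow
  return plain[10, 8] == '**passcode**'
end
```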
and passes it along to be decrypted.

The problem is, the decryption fails with a 'bad decrypt' error.

I was led to believe that mcrypt's Rijndael and Cipher's AES were compatible; is this assumption incorrect? Any help on this one would be helpful.
> I was led to believe that mcrypt's Rijndael and Cipher's AES were compatible; is this assumption incorrect?

You need to tweak the data being encoded to make it AES compatible. The data must be right-padded, with the character and amount depending on its current width:
```php
$encode = $currentepoch.'**passcode**';
$len = strlen($encode);
$pad = 16 - ($len % 16);
$encode .= str_repeat(chr($pad), $pad);
```
Also remember to have `$key` 16 characters long. If it is shorter, Ruby throws a CipherError, while PHP pads the key with null bytes. If it is longer, Ruby uses the first 16 characters, but PHP pads it again and uses the last 16 characters.
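
An added example (not code from the question or the answer) that reproduces the mismatch in Ruby alone: `mcrypt_style_encrypt` is a hypothetical stand-in that zero-pads the plaintext the way mcrypt does, and the key, timestamp and passcode are constructed sample values. It shows the default OpenSSL receiver raising `CipherError`, the answer's padding fix decrypting cleanly, and, going slightly beyond the answer, the receiver-side alternative of turning off OpenSSL's padding check and stripping the null bytes.

```ruby
require 'openssl'

BLOCK = 16 # AES block size in bytes

# Hypothetical stand-in for mcrypt_encrypt(MCRYPT_RIJNDAEL_128, ..., MCRYPT_MODE_CBC):
# mcrypt zero-pads the plaintext to a block boundary and adds no PKCS#7 padding.
def mcrypt_style_encrypt(key, iv, plaintext)
  cipher = OpenSSL::Cipher.new('aes-128-cbc')
  cipher.encrypt
  cipher.key = key
  cipher.iv = iv
  cipher.padding = 0 # padding is done by hand below, as mcrypt does
  padded = plaintext + "\0" * ((BLOCK - plaintext.bytesize % BLOCK) % BLOCK)
  iv + cipher.update(padded) + cipher.final
end

# The answer's fix, applied on the sending side before encryption.
def pkcs7_pad(data)
  pad = BLOCK - (data.bytesize % BLOCK)
  data + pad.chr * pad
end

# Receiver as in the question; padding: 1 is OpenSSL's default PKCS#7 check.
def decrypt_token(key, token, padding: 1)
  raise ArgumentError, 'key must be 16 bytes for AES-128' unless key.bytesize == BLOCK
  cipher = OpenSSL::Cipher.new('aes-128-cbc')
  cipher.decrypt
  cipher.key = key
  cipher.iv = token[0, BLOCK]
  cipher.padding = padding
  cipher.update(token[BLOCK..-1]) + cipher.final
end

def demo
  key = '0123456789abcdef'   # constructed 16-byte key
  iv = OpenSSL::Random.random_bytes(BLOCK)
  msg = '1700000000EXAMPLE1' # constructed: 10-digit epoch + 8-char passcode
  unpadded = mcrypt_style_encrypt(key, iv, msg)
  fixed = mcrypt_style_encrypt(key, iv, pkcs7_pad(msg))
  failed = begin
    decrypt_token(key, unpadded) && false
  rescue OpenSSL::Cipher::CipherError # the 'bad decrypt' from the question
    true
  end
  { failed_without_fix: failed,
    with_fix: decrypt_token(key, fixed),
    zero_pad_receiver: decrypt_token(key, unpadded, padding: 0).sub(/\0+\z/, '') }
end
```

Stripping trailing nulls on the receiver is only safe when the plaintext itself can never end in a null byte, which holds for the epoch-plus-passcode string used here.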