How to do AES Encrypted in Ruby

El 12 dic. 2016 1:49 p. m., "Newell Zhu" <zlx.star@gmail.com> escribió:

Hi, guys

Here's a snippet of code of Java about AES encrypt:

import com.sun.org.apache.xml.internal.security.exceptions.
Base64DecodingException;
import com.sun.org.apache.xml.internal.security.utils.Base64;

...

public static String encrypt(String content, String password) {
    try {
            KeyGenerator kgen = KeyGenerator.getInstance("AES");
            kgen.init(128, new SecureRandom(password.getBytes()));

            SecretKey secretKey = kgen.generateKey();
            byte enCodeFormat = secretKey.getEncoded();
            SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");

            Cipher cipher = Cipher.getInstance("AES");
            cipher.init(Cipher.ENCRYPT_MODE, key);
            byte byteContent = content.getBytes("utf-8");
            byte result = cipher.doFinal(byteContent);
            return Base64.encode(result);
    } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
    } catch (NoSuchPaddingException e) {
            e.printStackTrace();
    } catch (InvalidKeyException e) {
            e.printStackTrace();
    } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
    } catch (IllegalBlockSizeException e) {
            e.printStackTrace();
    } catch (BadPaddingException e) {
            e.printStackTrace();
    }
    return null;
}

Now I try to implement it in Ruby(not work):

def self.aes128_encrypt(password, content)
  cipher = OpenSSL::Cipher.new('AES-128-ECB')
  cipher.encrypt
  cipher.key = password
  result = cipher.update(content) + cipher.final
  Base64.encode64(result).chomp
end

After some research, I think the problem is the cipher#key: In Java, it's
generate by securerandom with password as seed, But in Ruby, I use the
password directly.

So I want to generate key like Java. But I find the random number
generator used by Java is NativePRNG, which I do not find the same
implementation so far.

Now, I want to ask help from guys familiar with Both Ruby and Java:

How can i implement the same AES encrypt in Ruby?

Or how to generate random string in Ruby with NativePRNG.

Thank you very much for each reply.

Unsubscribe: <mailto:ruby-talk-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk&gt;

Le 12/12/2016 à 13:49, Newell Zhu a écrit :

Hi, guys

Here's a snippet of code of Java about AES encrypt:

import
com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException;
import com.sun.org.apache.xml.internal.security.utils.Base64;

...

public static String encrypt(String content, String password) {
    try {
            KeyGenerator kgen = KeyGenerator.getInstance("AES");
            kgen.init(128, new SecureRandom(password.getBytes()));

            SecretKey secretKey = kgen.generateKey();
            byte enCodeFormat = secretKey.getEncoded();
            SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
            
            Cipher cipher = Cipher.getInstance("AES");
            cipher.init(Cipher.ENCRYPT_MODE, key);
            byte byteContent = content.getBytes("utf-8");
            byte result = cipher.doFinal(byteContent);
            return Base64.encode(result);
    } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
    } catch (NoSuchPaddingException e) {
            e.printStackTrace();
    } catch (InvalidKeyException e) {
            e.printStackTrace();
    } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
    } catch (IllegalBlockSizeException e) {
            e.printStackTrace();
    } catch (BadPaddingException e) {
            e.printStackTrace();
    }
    return null;
}

Now I try to implement it in Ruby(not work):

def self.aes128_encrypt(password, content)
  cipher = OpenSSL::Cipher.new('AES-128-ECB')
  cipher.encrypt
  cipher.key = password
  result = cipher.update(content) + cipher.final
  Base64.encode64(result).chomp
end

After some research, I think the problem is the cipher#key: In Java,
it's generate by securerandom with password as seed, But in Ruby, I use
the password directly.

So I want to generate key like Java. But I find the random number
generator used by Java is NativePRNG, which I do not find the same
implementation so far.

Now, I want to ask help from guys familiar with Both Ruby and Java:

How can i implement the same AES encrypt in Ruby?

Or how to generate random string in Ruby with NativePRNG.

Thank you very much for each reply.

Unsubscribe: <mailto:ruby-talk-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk&gt;

Try using a standar key derivation function on both sides (Java and Ruby)
Such as Bcrypt or pbkdf2 instead of using random numbers.

El 12 dic. 2016 1:49 p. m., "Newell Zhu" <zlx.star@gmail.com> escribió:

Hi, guys

Here's a snippet of code of Java about AES encrypt:

import
com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException;
import com.sun.org.apache.xml.internal.security.utils.Base64;

...

public static String encrypt(String content, String password) {
    try {
            KeyGenerator kgen = KeyGenerator.getInstance("AES");
            kgen.init(128, new SecureRandom(password.getBytes()));

            SecretKey secretKey = kgen.generateKey();
            byte enCodeFormat = secretKey.getEncoded();
            SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");

            Cipher cipher = Cipher.getInstance("AES");
            cipher.init(Cipher.ENCRYPT_MODE, key);
            byte byteContent = content.getBytes("utf-8");
            byte result = cipher.doFinal(byteContent);
            return Base64.encode(result);
    } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
    } catch (NoSuchPaddingException e) {
            e.printStackTrace();
    } catch (InvalidKeyException e) {
            e.printStackTrace();
    } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
    } catch (IllegalBlockSizeException e) {
            e.printStackTrace();
    } catch (BadPaddingException e) {
            e.printStackTrace();
    }
    return null;
}

Now I try to implement it in Ruby(not work):

def self.aes128_encrypt(password, content)
  cipher = OpenSSL::Cipher.new('AES-128-ECB')
  cipher.encrypt
  cipher.key = password
  result = cipher.update(content) + cipher.final
  Base64.encode64(result).chomp
end

After some research, I think the problem is the cipher#key: In Java, it's
generate by securerandom with password as seed, But in Ruby, I use the
password directly.

So I want to generate key like Java. But I find the random number
generator used by Java is NativePRNG, which I do not find the same
implementation so far.

Now, I want to ask help from guys familiar with Both Ruby and Java:

How can i implement the same AES encrypt in Ruby?

Or how to generate random string in Ruby with NativePRNG.

Thank you very much for each reply.

Unsubscribe: <mailto:ruby-talk-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk&gt;

Unsubscribe: <mailto:ruby-talk-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk&gt;

Hi,

This is avery bad idea to use ECB mode. You should use CBC or CTR mode
to avoid dictionary attack.

Le 12/12/2016 à 13:49, Newell Zhu a écrit :
> Hi, guys
>
> Here's a snippet of code of Java about AES encrypt:
>
> import
>
com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException;
> import com.sun.org.apache.xml.internal.security.utils.Base64;
>
> ...
>
> public static String encrypt(String content, String password) {
> try {
> KeyGenerator kgen = KeyGenerator.getInstance("AES");
> kgen.init(128, new SecureRandom(password.getBytes()));
>
> SecretKey secretKey = kgen.generateKey();
> byte enCodeFormat = secretKey.getEncoded();
> SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
>
> Cipher cipher = Cipher.getInstance("AES");
> cipher.init(Cipher.ENCRYPT_MODE, key);
> byte byteContent = content.getBytes("utf-8");
> byte result = cipher.doFinal(byteContent);
> return Base64.encode(result);
> } catch (NoSuchAlgorithmException e) {
> e.printStackTrace();
> } catch (NoSuchPaddingException e) {
> e.printStackTrace();
> } catch (InvalidKeyException e) {
> e.printStackTrace();
> } catch (UnsupportedEncodingException e) {
> e.printStackTrace();
> } catch (IllegalBlockSizeException e) {
> e.printStackTrace();
> } catch (BadPaddingException e) {
> e.printStackTrace();
> }
> return null;
> }
>
>
> Now I try to implement it in Ruby(not work):
>
> def self.aes128_encrypt(password, content)
> cipher = OpenSSL::Cipher.new('AES-128-ECB')
> cipher.encrypt
> cipher.key = password
> result = cipher.update(content) + cipher.final
> Base64.encode64(result).chomp
> end
>
>
> After some research, I think the problem is the cipher#key: In Java,
> it's generate by securerandom with password as seed, But in Ruby, I use
> the password directly.
>
> So I want to generate key like Java. But I find the random number
> generator used by Java is NativePRNG, which I do not find the same
> implementation so far.
>
>
> Now, I want to ask help from guys familiar with Both Ruby and Java:
>
> How can i implement the same AES encrypt in Ruby?
>
> Or how to generate random string in Ruby with NativePRNG.
>
> Thank you very much for each reply.
>
>
>
> Unsubscribe: <mailto:ruby-talk-request@ruby-lang.org
?subject=unsubscribe>
> <http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk&gt;
>

Unsubscribe: <mailto:ruby-talk-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk&gt;

On 13-Dec-2016 7:12 am, "Newell Zhu" <zlx.star@gmail.com> wrote:

Hi,

This is avery bad idea to use ECB mode. You should use CBC or CTR mode
to avoid dictionary attack.

Le 12/12/2016 à 13:49, Newell Zhu a écrit :
> Hi, guys
>
> Here's a snippet of code of Java about AES encrypt:
>
> import
> com.sun.org.apache.xml.internal.security.exceptions.
Base64DecodingException;
> import com.sun.org.apache.xml.internal.security.utils.Base64;
>
> ...
>
> public static String encrypt(String content, String password) {
> try {
> KeyGenerator kgen = KeyGenerator.getInstance("AES");
> kgen.init(128, new SecureRandom(password.getBytes()));
>
> SecretKey secretKey = kgen.generateKey();
> byte enCodeFormat = secretKey.getEncoded();
> SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
>
> Cipher cipher = Cipher.getInstance("AES");
> cipher.init(Cipher.ENCRYPT_MODE, key);
> byte byteContent = content.getBytes("utf-8");
> byte result = cipher.doFinal(byteContent);
> return Base64.encode(result);
> } catch (NoSuchAlgorithmException e) {
> e.printStackTrace();
> } catch (NoSuchPaddingException e) {
> e.printStackTrace();
> } catch (InvalidKeyException e) {
> e.printStackTrace();
> } catch (UnsupportedEncodingException e) {
> e.printStackTrace();
> } catch (IllegalBlockSizeException e) {
> e.printStackTrace();
> } catch (BadPaddingException e) {
> e.printStackTrace();
> }
> return null;
> }
>
>
> Now I try to implement it in Ruby(not work):
>
> def self.aes128_encrypt(password, content)
> cipher = OpenSSL::Cipher.new('AES-128-ECB')
> cipher.encrypt
> cipher.key = password
> result = cipher.update(content) + cipher.final
> Base64.encode64(result).chomp
> end
>
>
> After some research, I think the problem is the cipher#key: In Java,
> it's generate by securerandom with password as seed, But in Ruby, I use
> the password directly.
>
> So I want to generate key like Java. But I find the random number
> generator used by Java is NativePRNG, which I do not find the same
> implementation so far.
>
>
> Now, I want to ask help from guys familiar with Both Ruby and Java:
>
> How can i implement the same AES encrypt in Ruby?
>
> Or how to generate random string in Ruby with NativePRNG.
>
> Thank you very much for each reply.
>
>
>
> Unsubscribe: <mailto:ruby-talk-request@ruby-lang.org?subject=
>
> <http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk&gt;
>

Unsubscribe: <mailto:ruby-talk-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk&gt;

Hi, if you want to use AES in Ruby try this :
http://crypt.rubyforge.org/rijndael.html

Or if you want to use the java implementation, consider using jRuby.

Ishaan

On 13-Dec-2016 7:12 am, "Newell Zhu" <zlx.star@gmail.com> wrote:

Actually I find the warning about ECB mode from Ruby document.

As I mentioned before, I cannot control the java implementation,and I have
to implement encrypt and decrypt in Ruby.

Maybe the choice for java implementation is bad, but sometimes we had to
work with them.

Here is an example result for java encryption:

L4+RU+bQjojZTj0jvqPJ/f5zkpdYQkEYe5rux3LMPmc8HoY6UQgjW6vA9aWbmumi

If I can decrypt it in Ruby, it's success.
Sylvain Daubert <sylvain.daubert@laposte.net>于2016年12月13日 周二01:18写道：

Hi,

This is avery bad idea to use ECB mode. You should use CBC or CTR mode
to avoid dictionary attack.

Le 12/12/2016 à 13:49, Newell Zhu a écrit :
> Hi, guys
>
> Here's a snippet of code of Java about AES encrypt:
>
> import
>
com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException;
> import com.sun.org.apache.xml.internal.security.utils.Base64;
>
> ...
>
> public static String encrypt(String content, String password) {
> try {
> KeyGenerator kgen = KeyGenerator.getInstance("AES");
> kgen.init(128, new SecureRandom(password.getBytes()));
>
> SecretKey secretKey = kgen.generateKey();
> byte enCodeFormat = secretKey.getEncoded();
> SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
>
> Cipher cipher = Cipher.getInstance("AES");
> cipher.init(Cipher.ENCRYPT_MODE, key);
> byte byteContent = content.getBytes("utf-8");
> byte result = cipher.doFinal(byteContent);
> return Base64.encode(result);
> } catch (NoSuchAlgorithmException e) {
> e.printStackTrace();
> } catch (NoSuchPaddingException e) {
> e.printStackTrace();
> } catch (InvalidKeyException e) {
> e.printStackTrace();
> } catch (UnsupportedEncodingException e) {
> e.printStackTrace();
> } catch (IllegalBlockSizeException e) {
> e.printStackTrace();
> } catch (BadPaddingException e) {
> e.printStackTrace();
> }
> return null;
> }
>
>
> Now I try to implement it in Ruby(not work):
>
> def self.aes128_encrypt(password, content)
> cipher = OpenSSL::Cipher.new('AES-128-ECB')
> cipher.encrypt
> cipher.key = password
> result = cipher.update(content) + cipher.final
> Base64.encode64(result).chomp
> end
>
>
> After some research, I think the problem is the cipher#key: In Java,
> it's generate by securerandom with password as seed, But in Ruby, I use
> the password directly.
>
> So I want to generate key like Java. But I find the random number
> generator used by Java is NativePRNG, which I do not find the same
> implementation so far.
>
>
> Now, I want to ask help from guys familiar with Both Ruby and Java:
>
> How can i implement the same AES encrypt in Ruby?
>
> Or how to generate random string in Ruby with NativePRNG.
>
> Thank you very much for each reply.
>
>
>
> Unsubscribe: <mailto:ruby-talk-request@ruby-lang.org
?subject=unsubscribe>
> <http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk&gt;
>

Unsubscribe: <mailto:ruby-talk-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk&gt;

Unsubscribe: <mailto:ruby-talk-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk&gt;

Unsubscribe: <mailto:ruby-talk-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk&gt;