OpenSSL::Cipher dad decrypt

[Pål Bergström]

I'm trying to implement a simple encrypt and decrypt function in Rails.
I've found this Ruby script using OpenSSL::Cipher::Cipher.

When I try with the "wrong" KEY value, just to test it, I get an error
saying "bad decrypt". How can I avoid the error, or read the error so I
can stop the script?

 

[Pål Bergström]

I'm trying to implement a simple encrypt and decrypt function in Rails.
I've found this Ruby script using OpenSSL::Cipher::Cipher.

When I try with the "wrong" KEY value, just to test it, I get an error
saying "bad decrypt". How can I avoid the error, or read the error so I
can stop the script?

dad? hehe.

Should be "bad" of course.

 

[Eleanor McHugh]

I'm trying to implement a simple encrypt and decrypt function in =20
Rails.
I've found this Ruby script using OpenSSL::Cipher::Cipher.

When I try with the "wrong" KEY value, just to test it, I get an error
saying "bad decrypt". How can I avoid the error, or read the error =20
so I
can stop the script?

Show us the code you're actually using and we can make constructive =20
suggestions
Also whilst the particular techniques may or may not be applicable, =20
you can find some examples of doing OpenSSL crypto in the =20
presentations linked in my sig: the Semantic DNS presentation has a =20
substantial example (using AES).


Ellie

Eleanor McHugh
Games With Brains
http://slides.games-with-brains.net

 

[Pål Bergström]

On 2 May 2009, at 21:45, P�l Bergstr�m wrote:

Show us the code you're actually using and we can make constructive
suggestions
Also whilst the particular techniques may or may not be applicable,
you can find some examples of doing OpenSSL crypto in the
presentations linked in my sig: the Semantic DNS presentation has a
substantial example (using AES).

This is what I use. Would be good if I could catch the error and prevent
it from "hanging" the browser with an error (using Rails).

---

require 'openssl'
require 'digest/sha2'
require 'cgi'

module Crypto

def self.encrypt(plain_text)

cgi = CGI.new("html3")
passo = cgi.cookies["thecookie"].to_s

c = OpenSSL::Cipher::Cipher.new("aes-256-cbc")
c.encrypt
c.key = key = Digest::SHA2.digest(passo)
e = c.update(plain_text)
e << c.final
e = Base64.b64encode(e)
return e

end

def self.decrypt(cstring)

cgi = CGI.new("html3")
passo = cgi.cookies["thecookie"].to_s

etext = Base64.decode64(cstring)
c = OpenSSL::Cipher::Cipher.new("aes-256-cbc")
c.decrypt
c.key = key = Digest::SHA2.digest(passo)
d = c.update(etext)
d << c.final

return d

end



end

 

[Eleanor McHugh]

This is what I use. Would be good if I could catch the error and =20
prevent
it from "hanging" the browser with an error (using Rails).

def self.decrypt(cstring)
cgi =3D CGI.new("html3")
passo =3D cgi.cookies["thecookie"].to_s
etext =3D Base64.decode64(cstring)
c =3D OpenSSL::Cipher::Cipher.new("aes-256-cbc")
c.decrypt
c.key =3D key =3D Digest::SHA2.digest(passo)
d =3D c.update(etext)
d << c.final
return d
end

You need to do something along the lines of:

begin
c =3D OpenSSL::Cipher::Cipher.new("aes-256-cbc")
c.decrypt
c.key =3D key =3D Digest::SHA2.digest(passo)
d =3D c.update(etext)
d << c.final
d
rescue OpenSSL::CipherError =3D> e
"incorrect password"
rescue Exception =3D> e
"unknown error"
end

where you can have several rescue blocks, one for each exception =20
recovery behaviour you have a use for.


Ellie

Eleanor McHugh
Games With Brains
http://slides.games-with-brains.net

 

[Pål Bergström]

begin
c = OpenSSL::Cipher::Cipher.new("aes-256-cbc")
c.decrypt
c.key = key = Digest::SHA2.digest(passo)
d = c.update(etext)
d << c.final
d
rescue OpenSSL::CipherError => e
"incorrect password"
rescue Exception => e
"unknown error"
end

Thanks. Got it working.

 

[Eleanor McHugh]

Thanks. Got it working.

Excellent


Ellie

Eleanor McHugh
Games With Brains
http://slides.games-with-brains.net