对 php 实现的 aes-128-cbc 加密解密进行 ruby 翻译，不兼容？困惑

- 最近需要将一段 php 写的 aes-128-cbc 的加密和解密用 ruby 语言实现，翻译过程中没思路了，不知如何是好！
- 要达到的目的是：ruby 加密解密的结果能直接兼容这个被翻译的 php 加密机密方法。

==========================================================================================
- php 加密方法:

  public static function aes128cbcEncrypt($key, $text) {
    /* Open the cipher */
    $td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
    if (! $td) {
      throw new GeneralSecurityException('Invalid mcrypt cipher, check your libmcrypt library and php-mcrypt extention');
    }
    // replaced MCRYPT_DEV_RANDOM with MCRYPT_RAND since windows doesn't have /dev/rand :)
    srand((double)microtime() * 1000000);
    $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
    /* Intialize encryption */
    mcrypt_generic_init($td, $key, $iv);
    /* Encrypt data */
    $encrypted = mcrypt_generic($td, $text);
    /* Terminate encryption handler */
    mcrypt_generic_deinit($td);
    /*
		 *  AES-128-CBC encryption.  The IV is returned as the first 16 bytes
		 * of the cipher text.
		 */
    return $iv . $encrypted;
  }

- php 解密方法:

  public static function aes128cbcDecrypt($key, $encrypted_text) {
    /* Open the cipher */
    $td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
    if (is_callable('mb_substr')) {
      $iv = mb_substr($encrypted_text, 0, Crypto::$CIPHER_BLOCK_SIZE, 'latin1');
    } else {
      $iv = substr($encrypted_text, 0, Crypto::$CIPHER_BLOCK_SIZE);
    }
    /* Initialize encryption module for decryption */
    mcrypt_generic_init($td, $key, $iv);
    /* Decrypt encrypted string */
    if (is_callable('mb_substr')) {
      $encrypted = mb_substr($encrypted_text, Crypto::$CIPHER_BLOCK_SIZE, mb_strlen($encrypted_text, 'latin1'), 'latin1');
    } else {
      $encrypted = substr($encrypted_text, Crypto::$CIPHER_BLOCK_SIZE);
    }
    $decrypted = mdecrypt_generic($td, $encrypted);
    /* Terminate decryption handle and close module */
    mcrypt_generic_deinit($td);
    mcrypt_module_close($td);
    /* Show string */
    return trim($decrypted);
  }

-------------------------------------------------------------------------

# 翻译demo
- ruby encryption:

require 'openssl'

text = "abcdefghijklmnopqrstuvwxyz"
key = "1234567890123456"
alg = "AES-128-CBC"
iv = "6543210987654321"
file_name = "ruby.encrypted"
file_name_2 = "ruby.decrypted"

puts %(clear text:    "#{text}")
puts %(symmetric key: "#{key}")
puts %(initialization vector: "#{iv}")
puts %(cipher alg:    "#{alg}")

puts "--Encrypting--"
des = OpenSSL::Cipher::Cipher.new(alg)
des.encrypt
des.key = key
des.iv = iv
cipher =  des.update(text)
cipher << des.final
puts %(encrypted text: #{cipher})
puts

file = File.open(file_name, "w")
file.truncate(0)
file << cipher
file.close

- ruby decryption:

require 'openssl'

text = "abcdefghijklmnopqrstuvwxyz"
key = "1234567890123456"
alg = "AES-128-CBC"
iv = "6543210987654321"
file_name = "ruby.encrypted"
file_name_2 = "ruby.decrypted"

puts %(clear text:    "#{text}")
puts %(symmetric key: "#{key}")
puts %(initialization vector: "#{iv}")
puts %(cipher alg:    "#{alg}")

file = File.open(file_name, "r")
text = file.read(999999)
file.close

puts "--Decrypting--"
des = OpenSSL::Cipher::Cipher.new(alg)
des.decrypt
des.key = key
des.iv = iv
out =  des.update(text)
out << des.final
puts %(decrypted text: "#{out}")
puts

file = File.open(file_name_2, "w")
file.truncate(0)
file << des.final
file.close

- php encryption:

$text = "abcdefghijklmnopqrstuvwxyz";
$key = "1234567890123456";
$alg = "rijndael-128";
$iv = "6543210987654321";
$file_name = "php.encrypted";
$file_name_2 = "php.decrypted";
$mode = "cbc";

echo("clear test: $text\n");
echo("symmetric key: $key\n");
echo("initialization vector: $iv\n");
echo("cipher alg: $alg\n");

$td = mcrypt_module_open($alg, NULL, $mode, NULL);
//$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), $iv);
mcrypt_generic_init($td, $key, $iv);
$result = mcrypt_generic($td, $text);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);

echo "result: $result\n";

$file = fopen($file_name, "w");
fwrite($file, $result);
fclose($file);

- php decryption:

$text = "abcdefghijklmnopqrstuvwxyz";
$key = "1234567890123456";
$alg = "rijndael-128";
$iv = "6543210987654321";
$file_name = "php.encrypted";
$file_name_2 = "php.decrypted";
$mode = "cbc";

$file = fopen($file_name, "r");
$text = fread($file, filesize($file_name));
fclose($file);

echo("clear test: $text\n");
echo("symmetric key: $key\n");
echo("initialization vector: $iv\n");
echo("cipher alg: $alg\n");

$td = mcrypt_module_open($alg, NULL, $mode, NULL);
//$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), $iv);
mcrypt_generic_init($td, $key, $iv);
$result = mdecrypt_generic($td, $text);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);

echo "result: >>>$result<<<\n";

$file = fopen($file_name_2, "w");
fwrite($file, $result);
fclose($file);

==========================================================================================
从demo的运行对比来看加密解密貌似不兼容，我只是最近才接触这个东西，在此希望这方面的高手同行给予些帮助，
Thanks.

评论

1 楼 xiaozi0lei 2014-09-09  

在php的加密解密部分, 你需要对字符串进行padding处理, 这样ruby这边才可以对接收到的字符串进行解密.
AES/ECB/PKCS5Padding
算法/模式/填充

参考:
http://blog.sina.com.cn/s/blog_5e2308c80102v7gy.html