Using Ruby and Node crypto library together

Problem

I’ve got a string encrypted using aes-128-cbc encryption using Ruby and the EzCrypto library.

Here’s my encryption code in Ruby:

require 'rubygems'
require 'ezcrypto'

@pwd = 'hello'; @salt = 'salt'

key = EzCrypto::Key.with_password @pwd,@salt, :algorithm=>"aes-128-cbc"

File.open('key.txt','w') do |file|
file.write(key.to_s)
end

File.open('secret.txt','w') do |file|
file.write(key.encrypt("hello"))
end

Now I’d like to decrypt that string with Node. And i’m getting nothing back. I must be doing something wrong here. Below is my Node code.

var crypto      = require('crypto');
var fs = require('fs');

var secret = fs.readFileSync('secret.txt', 'binary');
var key = fs.readFileSync('key.txt', 'base64');

var decipher = crypto.createDecipher('aes-128-cbc', key);
var string = decipher.update(secret, 'binary', 'utf8');
string += decipher.final('utf8');

console.log("STRING: ", string)

Which returns: STRING:

Any help would be much appreciated.

Problem courtesy of: jpoz

Solution

This turned out to be a issue with Ruby’s implementation of OpenSSL. If you dig down deep into Ruby’s source you find this:

[https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_cipher.c#L210][1]

Ruby always sets the iv or initialization vector to “OpenSSL for Ruby rulez!” which IMHO is ridiculous. Out of the box Ruby’s OpenSSL encryption will never work with another languages.

Meaning EzCrypto won’t work with Node :-(

I wrote my own cipher wrapper for Ruby which I set the IV manually. Everything else feel into place once that was fixed.

I really hope this helps someone else out. Took me forever to figure it out.

Solution courtesy of: jpoz

View additional discussion.