Decrypt AES-256-EAX encrypted string in Ruby? - ruby

I need to decrypt a AES-256-EAX encrypted string from Java in Ruby.
Ruby's built-in OpenSSL::Cipher provides functionality to decrypt AES-256-CBC, when I try to use AES-256-EAX, its throwing that the algorithm is not supported.
Is there any library/gem out there that decrypts AES-256-EAX string in Ruby?
Thanks in advance.

Are you sure that you got the right cipher string ? Googling for "AES-256-EAX" does yield only 8 hits for me and I've never heard of it before. And if OpenSSL doesn't support it you are out if luck, I guess.

Is it possible for you to run your ruby code with jruby ?
In this case you could use the java lib inside ruby code to decrypt your string.

Related

Using PGP in golang

I'm trying to encrypt a string using the openPGP package in golang, but so far I haven't been successful.
Nothing that I've tried so far has worked, so I'm looking for any sort of suggestions or fixes.
The only requirements I have is that it should take the public/private key and the string to decrypt as a string, not files.
I tried to use the examples from this post: http://julianyap.com/2014/07/04/gnu-privacy-guard-gpg-examples-using-golang.html
Specifically this example: https://gist.github.com/jyap808/8324818
But when I run that out of the box it saids the following when trying to read the key
openpgp: invalid argument: no armored data found
And I've found no other good example/working package.
I'm starting to run out of options, as I originally tried to do this in PHP, but failed horribly there too. Would be great if anyone could offer some suggestions!
Thanks in advance
Here's a PGP package for Golang that abstracts away most of the complications and is pretty easy to use:
https://github.com/jchavannes/go-pgp
Checkout the test file for an example:
https://github.com/jchavannes/go-pgp/blob/master/pgp/encrypt_test.go

Can I do AES-128-ECB encryption with Libsodium?

I need to encrypt a block of data using AES-128-ECB and would like to do so with libsodium and Ruby. I have prototyped a solution in Ruby using OpenSSL APIs as shown below:
aes = OpenSSL::Cipher::Cipher.new("AES-128-ECB")
aes.encrypt
aes.key = key
aes.update(data) + aes.final
This works, but I need other features from libsodium, so I would like to use it instead and get rid of my dependency on OpenSSL. Unfortunately, I don't see any APIs for ECB mode. I am also using the ruby wrapper RbNaCl, but I don't even see any way to do this using the base libsodium APIs. I do see ones for AES-128-CTR.
Is it possible to encrypt AES-128-ECB with libsodium?
libsodium intentionally doesn't support the ECB mode.
In this mode, the same block encrypted twice produces the same ciphertext twice.
A classic illustration of why this is terrible from a security perspective is the ECB penguin.
Instead of providing many primitives, modes and parameters to choose from, with many combinations actually being insecure, libsodium provides a cherry-picked set of secure constructions.
AES-ECB is not one of them, and will never be for the reasons stated above.
You really should switch to a different construction.

What methods exist to auto-generate ruby client stubs from WSDL files?

I'm using Ruby and the Savon gem to interact with SOAP/WS and would like to auto-generate the client request methods from the WSDL in Ruby.
Before I do this, I'd like to know if there's any other Ruby/SOAP library that does this?
Edit: Please note, I already know this isn't available in Savon out the box, in fact my intention is to add in the feature, I'm in the process checking if this exists somewhere else written in Ruby.
Since it's only few days since you asked this question, and I've run into same problem I've decided to create small script to do that.
Download - save as objects.rb for example and run with _bunde exec objects.rb path_to.wsdl_
https://gist.github.com/4622792
Let me know if it works ^^
Take a look at Savon's spec, it has pretty rich testing environment
I think ads_common by Google is relevant to you.
google-api-ads-ruby/ads_common at master ยท googleads/google-api-ads-ruby
rake generate can create the client libraries automatically from WSDL.
It is specialized for Google Ads, but this notion would be helpful to create a versatile client library automatically from WSDL in Ruby.

Is there a way to encrypt passwords in Ruby Watir automation scripts?

I need to create an automated test using Watir that requires a password to be written into a text field, but I don't want to have the password in plain view in the script. Is there a way to encrypt/decrypt a password within Watir?
I know python uses the base64 lib to do it, but I'm not sure how Ruby would do it.
Here's the code:
require 'watir'
ie = IE.new
ie.goto("https://test.domain.com")
ie.text_field(:name, "username").set("myUsername")
ie.textfield(:name, "password")set("myPassword")
Your test server shouldn't have sensitive data, and it shouldn't be publicly accessible. What danger are you trying to protect against / what damage can an unauthorized person do if they got the password? If it's really a test server, it seems like the worst case is that someone would mess with your test data.
Using base64 would only be security by obscurity because it's so easy to decode. If you really think this is sufficient for your needs, just use Base64.encode64 and Base64.decode64 .

REXML in Ruby (use of XML in Ruby)

I am new to Ruby. What I want to know is what's the use of XML in Ruby? I mean for what purpose REXML is there in Ruby? Could anybody give me example like by adding some XML documents in our Ruby program? We have this kind of benefit. It means I want to know for what purpose XML is used in Ruby. Sorry if it looks stupid question, but I want to know.
The XML is use in ruby like in other langage. You can use it to configure your programme or communicate with other stuff.
After we prefere JSON to communicate ad YAML to configure.

Resources