OpenSSL: AEC-CBCの初期ベクトル その2

pkcs5_keyivgenで適切にsaltを設定すればいいのかも。
試してみる。

require 'openssl'

passwd = 'foobarzoo'
source = 'じゅげむじゅげむ'

def encrypt(plain, passwd, salt = nil)
  cipher = OpenSSL::Cipher::Cipher.new('AES-256-CBC')
  cipher.encrypt
  cipher.pkcs5_keyivgen(passwd, salt)
  crypted = (cipher.update(plain) + cipher.final)
  crypted.unpack('H*').first
end

def decrypt(crypted, passwd, salt = nil)
  crypted = [crypted].pack('H*')
  cipher = OpenSSL::Cipher::Cipher.new('AES-256-CBC')
  cipher.decrypt
  cipher.pkcs5_keyivgen(passwd, salt)
  (cipher.update(crypted) + cipher.final)
end

3.times do
  crypted = encrypt(source, passwd)
  puts "#{crypted} -> #{decrypt(crypted, passwd)}"
end

puts '-----'

3.times do
  salt = OpenSSL::Random.random_bytes(8)
  crypted = encrypt(source, passwd, salt)
  puts "#{crypted} -> #{decrypt(crypted, passwd, salt)}"
end


30059b8aeaca8811722faa847e25463dae03792409bbaeeb5e53c06ea5cd4887 -> じゅげむじゅげむ
30059b8aeaca8811722faa847e25463dae03792409bbaeeb5e53c06ea5cd4887 -> じゅげむじゅげむ
30059b8aeaca8811722faa847e25463dae03792409bbaeeb5e53c06ea5cd4887 -> じゅげむじゅげむ

        • -

04649927ee04a19ac153d60ed1a7e0ef04bf73ff88c1f41d246bd25048bfb391 -> じゅげむじゅげむ
271db24e085532e0b97a07f2eedfe8ba83647a6eedcf8515219308189b895d1a -> じゅげむじゅげむ
e2d2991808efe3dded234a4ffb081a079ba53063dcc71334f6d8c1234f33d0cc -> じゅげむじゅげむ

あ、ちゃんと同一の文字列でも違う暗号になってる。