How to properly work with Mcrypt php function? Doesn't want to recover encrypted data

A

Andrew2012-10-03 16:25:24

Programming

Andrew, 2012-10-03 16:25:24

Maybe someone can tell me where is the error?

  // взято на http://stackoverflow.com/questions/5465148

  define('SECRET',md5('blabla'));

  function encrypt($value){
    $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
    $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
    return mcrypt_encrypt(MCRYPT_RIJNDAEL_256, SECRET, $value, MCRYPT_MODE_ECB, $iv);
  }

  function decrypt($value){
    $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
    $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
    return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, SECRET, $value, MCRYPT_MODE_ECB, $iv));
  }
  
  if ( $hash== '' ) // $hash это сам хеш передаваемый в урле
    print base64_encode(encrypt($pass)); // шифрование
  else 
    print decrypt(base64_decode($hash));

For some reason, the decrypt function does not correctly restore the data received in the url, although if immediately after encryption output

print decrypt(base64_decode(base64_encode(encrypt($pass))));

then everything is decrypted correctly.

What can be wrong?

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

A

AGvin, 2012-10-03
@dasty

Here is a much simpler example using mcrypt_encrypt / mcrypt_decrypt:

<?php
function encrypt_data($key, $text){
  $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
  $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
  $encrypted_text = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_ECB, $iv);
  return $encrypted_text;
}

function decrypt_data($key, $text){
  global $encryptionkey;
  $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
  $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
  $decrypted_text = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_ECB, $iv);
  return $decrypted_text;
}

$key = 'This is a very secret key';
$text = "Meet me at 11 o'clock behind the monument.";
echo $text .':'. mb_strlen ($text)."\n";

$crypttext = encrypt_data ($key,$text);

$decrypttext = decrypt_data ($key, $crypttext) ;
echo  $decrypttext.':'. mb_strlen ($decrypttext)."\n";
var_dump($decrypttext);

As a result of execution:

[[email protected] public]$ php test.php 
Meet me at 11 o'clock behind the monument.:42
Meet me at 11 o'clock behind the monument.:64
string(64) "Meet me at 11 o'clock behind the monument.\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"

As a cure, you can use $decrypttext= rtrim($decrypttext, '\0');
or fix the decrypt_data function:

<?php
function decrypt_data($key, $text){
  global $encryptionkey;
  $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
  $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
  $decrypted_text = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_ECB, $iv);
  return rtrim($decrypted_text, '\0');;
}

T

truekenny, 2012-10-03
@truekenny

The base64_encode result may have equal characters at the end, which must be escaped in the GET request.

U

unglued, 2013-08-12
@unglued

If you need simplicity and speed:

<?php
/* key and string */
$key = md5("key", true);
$input = "input";

/* encode */
$encrypted_data = urlencode(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $input, MCRYPT_MODE_ECB)));

/* decode */
$decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_256,$key, base64_decode(urldecode($encrypted_data)),MCRYPT_MODE_ECB);

Y

Yuri Popov, 2012-10-04
@DjPhoeniX

As far as I know about AES, the initialization vector for encryption and decryption should be the same. And you have every encrypt / decrypt

$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);

The fact that when the functions are executed “in a row” the result is correct, I attribute it to the features of random.