mysql DES revisited [closed, no solution]
Posted: Sun Jan 08, 2006 11:00 am
Hi Y'all. Thanks to Feyd I got the DES algorithm function working as desired, now, however I've been told it needs to decrypt data that was encrypted by MySQL's des_encrypt function..
(we wanted to upgrade our MYSQL on the server where we use it, but because of the fact that mysql with openssl is no longer supported , we cannot do that until we have a suitable replacement)
I already know we can simply use the existing mysql and decrypt the data, and re-encrypt it using the new function already written. However, that is "plan Z" (last resort option) , according to my employer, so what I need to do is develop a des decrypt and encrypt function that will *exactly* match the mysql des_encrypt and des_decrypt functions.
In other words, an exact drop in.
I have the known key with which the original data was encrypted , and I have some sample data to work with, and all else being equal, it appears I need one or both of the following:
I need the correct mcrypt_encrypt constant , and I need to determine the correct I.V. (Initialization Vector) to pass to the mcrypt_decrypt function that will exactly match MySQL's des_encrypt algorithm..
So far in reading both mysql manual and php manual, I cannot locate this information..
Would anyone here have even an inkling , if not having already accomplished it??
the following mysql query:
Gives me data 'x' , and I need to be able to *DECRYPT* that data using something like this:
and the echo of the value returned should *precisely* match (It's ok if \0 is appended , I can easily trim that off after) the original data ('known_string') that was encrypted by mysql above..
I believe I need to know what values to apply to the following parts of my des_decrypt function:
I am hoping that someone knows the correct values that would duplicate mysql's des_encrypt /des_decrypt algorithm... So far, I have not been able to duplicate it...
Any takers ?
(we wanted to upgrade our MYSQL on the server where we use it, but because of the fact that mysql with openssl is no longer supported , we cannot do that until we have a suitable replacement)
I already know we can simply use the existing mysql and decrypt the data, and re-encrypt it using the new function already written. However, that is "plan Z" (last resort option) , according to my employer, so what I need to do is develop a des decrypt and encrypt function that will *exactly* match the mysql des_encrypt and des_decrypt functions.
In other words, an exact drop in.
I have the known key with which the original data was encrypted , and I have some sample data to work with, and all else being equal, it appears I need one or both of the following:
I need the correct mcrypt_encrypt constant , and I need to determine the correct I.V. (Initialization Vector) to pass to the mcrypt_decrypt function that will exactly match MySQL's des_encrypt algorithm..
So far in reading both mysql manual and php manual, I cannot locate this information..
Would anyone here have even an inkling , if not having already accomplished it??
the following mysql query:
Code: Select all
$sql = "select des_encrypt('known string','known_key') as encrypted";Code: Select all
function des_decrypt($string,$key)
{
$iv_size = mcrypt_get_iv_size(MCRYPT_TRIPLEDES, MCRYPT_MODE_CFB); //returns integer 8
$iv = mcrypt_create_iv($iv_size); //returns a binary value
$cleartext = mcrypt_decrypt(MCRYPT_TRIPLEDES, $key, $string, MCRYPT_MODE_CFB, $iv);
return $cleartext;
}
echo des_decrypt('mysql_raw_encrypted_data','known_key');I believe I need to know what values to apply to the following parts of my des_decrypt function:
Code: Select all
MCRYPT_TRIPLEDES
MCRYPT_MODE_CFB
and/ or $iv part from mcrypt_decrypt(MCRYPT_TRIPLEDES, $key, $string, MCRYPT_MODE_CFB, $iv);Any takers ?