PHP Encryption

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Mute
Forum Newbie
Posts: 15
Joined: Mon Jul 10, 2006 9:02 am

PHP Encryption

Post by Mute »

feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


OK, have a problem with our server migration. Our TEA encryption does work anymore....

Works fine on the old server with PHP 4.4.2 but not on the server with 4.4.2....

Any ideas on this one? Code is below.

Code: Select all

<?php
//---------------------------------------------------------
// TEA Encryption Functions
// Encryption and decryption of text
// Using the Tiny Encryption Algorithm
	
function DecToHex( $x )
{
	$r = dechex( $x );
	while( strlen( $r ) < 8 )
		$r = '0'.$r;
	return $r;
}

function shiftRightOne( $n )
{
	$s = $n & 0x80000000;
	$n &= 0x7fffffff;
	$n >>= 1;
	if( $s ) $n |= 0x40000000;
	return $n;
}

function shiftRight( $n, $t )
{
	for( $i = 0; $i < $t; ++$i )
	{
		$n = shiftRightOne( $n );
	}
	return $n;
}

function tea_encipher($p1, $p2, $k)
{
	$temp = array( $p1, $p2 );
	$n = 32;
	$sum = 0;
	while ($n-- > 0)
	{
		$temp[0] += (($temp[1] << 4 ^ shiftRight( $temp[1], 5 )) + $temp[1] ^ $sum + $k[($sum & 3)]);
		$sum = $sum + 0x9E3779B9;
		$temp[1] += (($temp[0] << 4 ^ shiftRight( $temp[0], 5 )) + $temp[0] ^ $sum + $k[( shiftRight( $sum, 11 ) & 3)]);
	}
	return $temp;
}

function tea_decipher($p1, $p2, $k)
{
	$temp = array( $p1, $p2 );
	$n = 32;
	$sum = 0x9E3779B9 * $n;
	while ($n-- > 0)
	{
		$temp[1] -= (($temp[0] << 4 ^ shiftRight( $temp[0], 5 )) + $temp[0] ^ $sum + $k[(shiftRight( $sum, 11 ) & 3)]);
		$sum = $sum - 0x9E3779B9;
		$temp[0] -= (($temp[1] << 4 ^ shiftRight( $temp[1], 5 )) + $temp[1] ^ $sum + $k[($sum & 3)]);
	}
	return $temp;
}

function tea_encrypt($inString, $key)
{
	$outString = "";
	
	// pad the input so that it's a multiple of 8
	while ( strlen($inString) & 7 )
	{
		$inString .= ' ';
	}
	
	$i = 0;
	while($i < strlen($inString) )
	{
		// slam 4 bytes into a dword 
		$p1 = ord( substr( $inString, $i++, 1 ) );
		$p1 |= ord( substr( $inString, $i++, 1 ) ) << 8;
		$p1 |= ord( substr( $inString, $i++, 1 ) ) << 16;
		$p1 |= ord( substr( $inString, $i++, 1 ) ) << 24;
		// mask off 32 bits to be safe
		$p1 = $p1 & 0xFFFFFFFF;
		
		// slam 4 bytes into a dword
		$p2 = ord( substr( $inString, $i++, 1 ) );
		$p2 |= ord( substr( $inString, $i++, 1 ) ) << 8;
		$p2 |= ord( substr( $inString, $i++, 1 ) ) << 16;
		$p2 |= ord( substr( $inString, $i++, 1 ) ) << 24;
		// mask off 32 bits to be safe
		$p2 = $p2 & 0xFFFFFFFF;
		
		// send dwords to be enciphered
		$res = tea_encipher($p1, $p2, $key);
		$outString .= DecToHex($res[0]).DecToHex($res[1]);
	}
	// return encrypted string
	return $outString;
}

function tea_decrypt( $inString, $key)
{
	$outString = '';
	// loop through input string
	$i = 0;
	while ( $i < strlen($inString) )
	{
		// 8 hex chars make a dword 
		$p3 = intval( substr( $inString, $i, 4 ), 16 ); // read high 16 bit word
		$p3 <<= 16; // shift hi word correct position
		$i += 4;
		$p3 |= intval(substr( $inString, $i, 4 ), 16 ); // read low 16 bit word 
		$i += 4;
		
		$p4 = intval( substr( $inString, $i, 4 ), 16 ); // read high 16 bit word
		$p4 <<= 16; // shift hi word correct position
		$i += 4;
		$p4 |= intval(substr( $inString, $i, 4 ), 16 ); // read low 16 bit word 
		$i += 4;

		// pass dwords to decipher routine
		$res = tea_decipher($p3, $p4, $key);
		
		// transform results back into alphanumic characters
		// unpack first dword
		$outString .= chr( ( $res[0] & 0x000000FF ) );
		$outString .= chr( ( $res[0] & 0x0000FF00 ) >> 8 );
		$outString .= chr( ( $res[0] & 0x00FF0000 ) >> 16 );
		$outString .= chr( shiftRight( ( $res[0] & 0xFF000000 ), 24 ) );
		// unpack second dword
		$outString .= chr( ( $res[1] & 0x000000FF ) );
		$outString .= chr( ( $res[1] & 0x0000FF00 ) >> 8 );
		$outString .= chr( ( $res[1] & 0x00FF0000 ) >> 16 );
		$outString .= chr( shiftRight( ( $res[1] & 0xFF000000 ), 24 ) );
	}
	return trim($outString);
}

function tea_isValid( $plain, $crypt, $keys )
{
	return ( tea_encrypt( $plain, $keys ) == $crypt );
}

?>
The code gives no errors what so ever. But the encrypted string it returns is incorrect and when you try and decrypt that string or a correctly encrypted string, it doesn't do it, just gives gobblegook.

Here's some phpinfo from the old server which works and the new server which doesn't.

Old Server (works)
http://83.245.15.145/~check/test.php

New Server (doesn't work)
http://87.117.198.116/~chav0ly/test.php

Are there any blatant differences in variables or some such that could be causing this problem?


feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
Roja
Tutorials Group
Posts: 2692
Joined: Sun Jan 04, 2004 10:30 pm

Re: PHP Encryption

Post by Roja »

Mute wrote:Are there any blatant differences in variables or some such that could be causing this problem?
Tricky. I don't see any mcrypt_* functions in use, and the versions of php are the same on both. I mention mcrypt because it isn't installed on the new server, but since you don't use any of the functions (at least I dont notice any), that shouldnt matter.

Not sure.
Mute
Forum Newbie
Posts: 15
Joined: Mon Jul 10, 2006 9:02 am

Post by Mute »

Apparently this is a problem experienced by a few.

Anyone got any ideas on how to solve it?

http://www.codingforums.com/showthread.php?t=82741

Just makes no sense to me why the code works perfectly on one server and not on another.
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Post by Benjamin »

The maximum value that intval can return is system specific. Not sure if that is your problem or not though.
The maximum value depends on the system. 32 bit systems have a maximum signed integer range of -2147483648 to 2147483647. So for example on such a system, intval('1000000000000') will return 2147483647. The maximum signed integer value for 64 bit systems is 9223372036854775807.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

The bitmath you've got here could be handled in individual bytes for the most part. Even in the depths of the "encryption," byte level changes could be employed.
Mute
Forum Newbie
Posts: 15
Joined: Mon Jul 10, 2006 9:02 am

Post by Mute »

Um, how do you mean?
Post Reply