Using PHP's mcrypt to encrypt/decrypt AES from other source
Posted: Thu Sep 18, 2008 7:25 am
Hi there!
I'm having something of a problem using mcrypt and I'm hoping someone can help. Now, I should preface this by saying that mcrypt itself may not be the real issue, but I'll get to that.
What I have is a program running in another programming language that correctly implements CBC and CFB encryption modes for AES, supporting 128, 192, and 256-bit keys. It also supports null-padding (which I believe is what mcrypt uses with CBC mode). Anyway, what I want to do is send an encrypted message from this program to a PHP script, decrypt it using mcrypt and then encrypt a response. However, I can't get it to work!
I have however managed to get the message to decrypt correctly using Java, and encrypt a response, so I know it's not my program's implementation of AES. So the problem is definitely somewhere within my mcrypt code, but I can't figure out where.
Anyway, here's a sample of the php code:
The CFB encrypted, base64 string should decrypt into the message "Hello world! I am a lovely message waiting to be encrypted!", but it does not, I just get garbage characters.
My suspicion at the moment is that it may be something to do with the way mcrypt works, and my inputs to it. It seems that mcrypt works using 8-bit characters (extended ASCII) which is fair-enough, as AES is a byte-manipulating cipher anyway. However, both my program and Java natively use UTF-16, and convert the output to UTF-8 before base64 encoding, and I have no idea how this affects PHP as I've never needed to worry about it before.
I've trauled examples, but all of them seem focused on encrypting/decrypting within PHP only, and have no notes on communicating with other AES implementations. I'd rather not port my own implementation to PHP as it is unlikely to be as fast as mcrypt (and duplicates a ton of work).
Any help is much appreciated!
P.S - I also have a sample CBC encrypted version of the same message which is NULL padded, if this is any easier to work-with:
slihkO6t9I/yfvfUpI0Rthagd/z8j1s5qh/PSbKGBg4N3PoQgUFdcCVnqOYku53cVx+IDgo8d0gPGaBR5YzORQ=
I'm having something of a problem using mcrypt and I'm hoping someone can help. Now, I should preface this by saying that mcrypt itself may not be the real issue, but I'll get to that.
What I have is a program running in another programming language that correctly implements CBC and CFB encryption modes for AES, supporting 128, 192, and 256-bit keys. It also supports null-padding (which I believe is what mcrypt uses with CBC mode). Anyway, what I want to do is send an encrypted message from this program to a PHP script, decrypt it using mcrypt and then encrypt a response. However, I can't get it to work!
I have however managed to get the message to decrypt correctly using Java, and encrypt a response, so I know it's not my program's implementation of AES. So the problem is definitely somewhere within my mcrypt code, but I can't figure out where.
Anyway, here's a sample of the php code:
Code: Select all
<?php
$myKey = pack('H*', '1234567890ABCDEF0123456789ABCDEF');
$myIV = pack('H*', '89ABCDEF0123456789ABCDEF01234567');
$myMsg = "Mdn6jGTwRPMOKTYTTdDKGm9KScz26LIz96KVOGAeMw3hpwByPfa07PDRHxRW4TIh5dmu5LlhKpTQChi=";
echo 'Key: ' . bin2hex($myKey) . '<br />';
echo 'IV: ' . bin2hex($myIV) . '<br />';
echo 'Decrypted: ' . getDecrypt(
$myMsg,
$myKey,
$myIV
);
function getEncrypt($sStr, $sKey, $sIV) {
return base64_encode(
mcrypt_encrypt(
MCRYPT_RIJNDAEL_128,
$sKey,
$sStr,
MCRYPT_MODE_CFB,
$sIV
)
);
}
function getDecrypt($sStr, $sKey, $sIV) {
return mcrypt_decrypt(
MCRYPT_RIJNDAEL_128,
$sKey,
base64_decode($sStr),
MCRYPT_MODE_CFB,
$sIV
);
}
?>My suspicion at the moment is that it may be something to do with the way mcrypt works, and my inputs to it. It seems that mcrypt works using 8-bit characters (extended ASCII) which is fair-enough, as AES is a byte-manipulating cipher anyway. However, both my program and Java natively use UTF-16, and convert the output to UTF-8 before base64 encoding, and I have no idea how this affects PHP as I've never needed to worry about it before.
I've trauled examples, but all of them seem focused on encrypting/decrypting within PHP only, and have no notes on communicating with other AES implementations. I'd rather not port my own implementation to PHP as it is unlikely to be as fast as mcrypt (and duplicates a ton of work).
Any help is much appreciated!
P.S - I also have a sample CBC encrypted version of the same message which is NULL padded, if this is any easier to work-with:
slihkO6t9I/yfvfUpI0Rthagd/z8j1s5qh/PSbKGBg4N3PoQgUFdcCVnqOYku53cVx+IDgo8d0gPGaBR5YzORQ=