I succeeded in encrypting the plaintext using PHP openssl, but with openssl_decrypt, I get this error.
�RC(�ɸ�gQ���삭
What is the reason for alien language to float? I think this is the problem:
openssl_random_pseudo_bytes (16).
openssl_random_pseudo_bytes(opensl_cipher_iv_length ("AES-128-CBC")); is the same situation.
function aes_encode($text, $s_key){
$iv = openssl_random_pseudo_bytes(16);
return base64_encode(openssl_encrypt($text, "AES-128-CBC", $s_key, 0, $iv));
}
$encrypt_text = aes_encode($plaintext, $s_key);
echo $encrypt_text;
function aes_decode($encrypt_text, $s_key){
$iv = openssl_random_pseudo_bytes(16);
return openssl_decrypt(base64_decode($encrypt_text), "AES-128-CBC", $s_key, 0, $iv);
}
$decrypt_text = aes_decode($encrypt_text, $s_key);
echo $decrypt_text;
<result>
QUxwTUxiSTkwWFc2WE0zcmtSOXNHR0cyKzU1RWIvNkxnaGJTZmdnVlB4VT0=
�RC(�ɸ�gQ���삭
You need to use the same IV you encrypted with when decrypting:
function aes_encode($text, $s_key, $iv){
return base64_encode(openssl_encrypt($text, "AES-128-CBC", $s_key, 0, $iv));
}
function aes_decode($encrypt_text, $s_key, $iv){
return openssl_decrypt(base64_decode($encrypt_text), "AES-128-CBC", $s_key, 0, $iv);
}
$plaintext = 'testtest';
$s_key = 'secret';
$iv = openssl_random_pseudo_bytes(16);
$encrypt_text = aes_encode($plaintext, $s_key, $iv);
echo $encrypt_text;
echo "\n";
$decrypt_text = aes_decode($encrypt_text, $s_key, $iv);
echo $decrypt_text;
Output
SVg2Y0FtV1h6RFZac2t5UjhxNDhpdz09
testtest
Related
I tried to decrypt a string that had been successfully encrypted but the string is not displayed correctly as original. I'm using codeigniter.
Example string to encrypt
$send_param = "sUserID=A1234&sReference=1003AB";
Result the encryption
ai1nFLjRDiyZvognuWe0y%2bhakXxaIydp2DUptUfJXL4NKi2chyhE8tZRTKMlPnslL6Gx7TxsR9%2bLwRmWTpd6FROOzD/rfZb70WTMAip
Result after i tried decrypt
Function to Encrypt
function encrypt($string_to_encrypt)
{
return $this->encryptRJ256($this->key,$this->iv,$string_to_encrypt);
}
function encryptRJ256($key,$iv,$string_to_encrypt)
{
$rtn = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $string_to_encrypt, MCRYPT_MODE_CBC, $iv);
$rtn = base64_encode($rtn);
return($rtn);
}
Function to Decrypt
function decrypt($string_to_encrypt)
{
return $this->decryptRJ256($this->key,$this->iv,$string_to_encrypt);
}
function decryptRJ256($key,$iv,$string_to_decrypt)
{
$string_to_decrypt = str_replace(" ", "+", $string_to_decrypt);
$string_to_decrypt = base64_decode($string_to_decrypt);
$rtn = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $string_to_decrypt, MCRYPT_MODE_CBC, $iv);
$rtn = rtrim($rtn, "\4");
return($rtn);
}
The mcrypt module is deprecated in PHP 7.1, so I have to refactor my old encrypt / decrypt functions with the openssl functions. Actually I found no way doing this.
My major problem is: The script still must be able to decrypt existing crypted data. I have no chance to decrypt with my function und re-crypt the data with a new function again!
Here's my existing code:
function _encrypt($cleartext, $key = "th1s1sav3rys3cr3tk3y") {
if ($cleartext) {
$td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_ECB, "");
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
mcrypt_generic_init($td, $key, $iv);
$encrypted_data_raw = mcrypt_generic($td, $cleartext);
$encrypted_data = bin2hex($encrypted_data_raw);
mcrypt_generic_deinit($td);
return $encrypted_data;
} else {
return false;
}
}
function _decrypt($crypttext, $key = "th1s1sav3rys3cr3tk3y") {
if ($crypttext) {
$td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_ECB, "");
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
mcrypt_generic_init($td, $key, $iv);
$decrypted_data = trim(mcrypt_decrypt(MCRYPT_TripleDES, $key, hex2bin($crypttext), MCRYPT_MODE_ECB, $iv));
mcrypt_generic_deinit($td);
return $decrypted_data;
} else {
return false;
}
}
UPDATE:
This is the way I tried so solve it - to get the same $iv i took simply the same code as in the old function and try to implement it in the way described here: php: mcrypt_encrypt to openssl_encrypt, and OPENSSL_ZERO_PADDING problems
function _encrypt2($cleartext, $key = "th1s1sav3rys3cr3tk3y") {
$td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_ECB, "");
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
$message_padded = $cleartext;
if (strlen($message_padded) % 8) {
$message_padded = str_pad($message_padded,
strlen($message_padded) + 8 - strlen($message_padded) % 8, "\0");
}
$encrypted_openssl = openssl_encrypt($message_padded, "DES-EDE3-CBC", $key, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING, $iv);
return bin2hex($encrypted_openssl);
}
I hope you can give me good hints.
Finally I got the solution - thank you all for your help and support by pushing me into the right direction and asking the right questions. The main thing I missed was ECB-Mode (I took CBC...). So all the stuff with the $iv wasn't really needed.
To complete the answer here my new functions:
function _encrypt_openssl($cleartext, $key = "th1s1sav3rys3cr3tk3y") {
if ($m = strlen($cleartext) %8) {
$cleartext .= str_repeat("\0", 8-$m);
}
$encrypted_openssl = openssl_encrypt($cleartext , "DES-EDE3-ECB", $key, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING, null);
return bin2hex($encrypted_openssl);
}
function _decrypt_openssl($crypttext, $key = "th1s1sav3rys3cr3tk3y") {
return openssl_decrypt(hex2bin($crypttext), 'DES-EDE3-ECB', $key, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING, null);
}
I found a tutorial online on how to encrypt strings in php but when I call the function and try echo the processed data I'm getting 500 internal error. Here is my code below.
<?php
$iv_to_pass_to_decryption = 'mysecretpass';
function encrypt($text, $key)
{
$iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC), MCRYPT_RAND);
$iv_to_pass_to_decryption = base64_encode($iv);
return base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_CBC, $iv);
}
function decrypt($text, $key, $iv)
{
$text = base64_decode($text);
$iv = base64_decode($iv);
return mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_CBC, $iv);
}
$txt = "hello";
$mykey = "mysecretkey";
$somedata = encrypt($txt, $mykey);
echo $somedata;
?>
The first problem is, you missed a ) in line 8.
The second problem is mcrypt_decrypt()function is deprecated.
The third problem is mcrypt_encrypt(): Key of size 11 not supported by this algorithm. Only keys of sizes 16, 24 or 32 supported. The 'mysecretkey' key is wrong.
I can recommend use the crypt() function: http://php.net/manual/en/function.crypt.php
When validating passwords, a string comparison function that isn't
vulnerable to timing attacks should be used to compare the output of
crypt() to the previously known hash. PHP 5.6 onwards provides
hash_equals() for this purpose.
use below code hope it will help you
$iv_to_pass_to_decryption = 'mysecretpass';
function encrypt($text, $key)
{
$iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC), MCRYPT_RAND);
$iv_to_pass_to_decryption = base64_encode($iv);
return base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_CBC, $iv));
}
function decrypt($text, $key, $iv)
{
$text = base64_decode($text);
$iv = base64_decode($iv);
return mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_CBC, $iv);
}
$txt = "hello";
$mykey = "mysecretkey12345";
$somedata = encrypt($txt, $mykey);
echo $somedata;
I am trying to decode a simple JSON string and the format to make it look correct. I actually copied the string and decode is with the same algorithm but without all the extra code and it worked fine.
print_r(json_decode('{"user_id":1,"issused":"2016-02-24 04:40:17","expire":"2016-03-02 04:40:17"}'));
That worked. But when I do
$hash = Hash::salt(32);
$issused = date('Y-m-d H:i:s');
$expire = date('Y-m-d H:i:s', strtotime('+1 week'));
$data = array('user_id' => 1, 'issused' => $issused, 'expire' => $expire);
$encrypt = Cipher::encrypt(json_encode($data), $hash);
$decrypt = Cipher::decrypt($encrypt, $hash);
echo $encrypt;
echo "<br><br>";
echo $decrypt;
echo "<br><br>";
print_r(json_decode($decrypt));
Where $decrypted is the valid formated JSON that I posted above. When I used:
echo json_last_erro();
It gave me an output of 3 which is JSON_ERROR_CTRL_CHAR
Any idea why this isn't being decoded correctly?
EDIT
Here is how I am encrypting data.
class Cipher {
public static function encrypt($string, $hash) {
$size = mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($size, MCRYPT_RAND);
$encrypted = mcrypt_encrypt(MCRYPT_BLOWFISH, $hash, utf8_encode($string), MCRYPT_MODE_ECB, $iv);
//$encoded = urlencode($encrypted);
$encoded = base64_encode($encrypted);
return $encoded;
}
public static function decrypt($string, $hash) {
//$decoded = urldecode($string);
$decoded = base64_decode($string);
$size = mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($size, MCRYPT_RAND);
$decrypted = mcrypt_decrypt(MCRYPT_BLOWFISH, $hash, $decoded, MCRYPT_MODE_ECB, $iv);
return $decrypted;
}
}
Here how I am creating the salt.
public static function salt($length) {
return mcrypt_create_iv($length); //base64_encode(openssl_random_pseudo_bytes($length));
}
The extra control characters (\0) are due to the cypher block padding. From the mcrypt_decrypt docs
data
The data that will be decrypted with the given cipher and mode. If
the size of the data is not n * blocksize, the data will be padded
with '\0'.
You can pad the input for the block size yourself in the encrypt and then remove the extra padding in decrypt() or you can trim the trailing zero bytes from the decoded message doing the below.
$decrypt = trim($decrypt, "\0");
Here are my encrypt and decrypt functions
public function encrypt($text){
$key = hash("md5", KEY);
$iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_TWOFISH, MCRYPT_MODE_CBC), MCRYPT_RAND);
$result = base64_encode(mcrypt_encrypt(MCRYPT_TWOFISH, $key, $text, MCRYPT_MODE_CBC, $iv));
return $result;
}
public function decrypt($text){
$key = hash("md5", KEY);
$iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_TWOFISH, MCRYPT_MODE_CBC), MCRYPT_RAND);
$result = trim(mcrypt_decrypt(MCRYPT_TWOFISH, $key, base64_decode($text), MCRYPT_MODE_CBC, $iv));
return $result;
}
When encryption is run on a JSON string to be stored as a text file and then retrieved and decrypted the front section of the resulting string has replacement and/or incorrect characters:
Expected:
{"players":[{"label":"...
Actual:
�Ӹ�!G#${�W�Rՙ�bel":"...
If it makes any difference the actual placement/incorrect chars are different each time I refresh the page on the same file.
In case anyone comes across this...
The IV needs to be prepended to the file before encoding, like so:
public function encrypt($text){
$key = hash("md5", KEY);
$iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_TWOFISH, MCRYPT_MODE_CBC), MCRYPT_DEV_URANDOM);
$result = base64_encode($iv.mcrypt_encrypt(MCRYPT_TWOFISH, $key, $text, MCRYPT_MODE_CBC, $iv));
return $result;
}
Then when decrypting take the IV from the decoded string and use it to decrypt, like so:
public function decrypt($text){
$key = hash("md5", KEY);
$decode = base64_decode($text);
$iv = substr($decode, 0, 16);
$decrypt = substr($decode, 16);
$result = mcrypt_decrypt(MCRYPT_TWOFISH, $key, $decrypt, MCRYPT_MODE_CBC, $iv);
return $result;
}