Actually I'm using Mcrypt but I'm moving to OpenSSL and I need to be able to use it the exact same way as Mcrypt.
This is how I'm encrypting
mcrypt_encrypt(MCRYPT_DES, $key, $text, MCRYPT_MODE_cbc, "\0\0\0\0\0\0\0\0");
For the decryption, I already managed to do it in OpenSSL, both are working the same exact ways
//Using Mcrypt
mcrypt_decrypt(MCRYPT_DES, $key, $enc, MCRYPT_MODE_cbc, "\0\0\0\0\0\0\0\0");
//Using Openssl
openssl_decrypt($enc, 'des-cbc', $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING);
For the encryption using OpenSSL, this is my test code
$key = "123456SO";
$text = "name=louis&cp=75013";
$encMcrypt = mcrypt_encrypt(MCRYPT_DES, $key, $text, MCRYPT_MODE_cbc, "\0\0\0\0\0\0\0\0");
$encOpenssl = openssl_encrypt($text, "des-cbc", $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, "\0\0\0\0\0\0\0\0");
echo "Mcrypt : " . urlencode(base64_encode($encMcrypt));
echo " OpenSsl : " . urlencode(base64_encode($encOpenssl));
And this is the output :
Mcrypt : f0tF0ERITdKiI2SxrttYAJBVNBtoGR%2BD OpenSsl :
This is the official list of method, but I can't find the DES methods.
I know that Openssl declared DES weak, but I still need to use it in my situation.
How can I encrypt in DES-CBC using OpenSSL and make it behave the same way as the Mcrypt fonction ?
Edit:
If I removed the OPENSSL_ZERO_PADDING option, the result is almost the one expected
Code:
openssl_encrypt($text, "des-cbc", $key, OPENSSL_RAW_DATA , "\0\0\0\0\0\0\0\0");
output:
Mcrypt : f0tF0ERITdKiI2SxrttYAJBVNBtoGR%2BD
OpenSsl : f0tF0ERITdKiI2SxrttYANpJ%2BZaEiIFr
The first part of the string is correct but at the end it differs from the output of the Mcrypt encryption string.
Thanks to #Topaco I managed to make it work
I added the OPENSSL_ZERO_PADDING option to disable the PKCS7 padding, then I created a function to manually pad my string with 0x00
function zero_padding($text)
{
if (strlen($text) % 8)
$text = str_pad($text,strlen($text) + 8 - strlen($text) % 8, "\0");
return $text;
}
$key = "123456SO";
$text = "name=louis&cp=75013";
$encMcrypt = mcrypt_encrypt(MCRYPT_DES, $key, $text, MCRYPT_MODE_cbc, "\0\0\0\0\0\0\0\0");
$encOpenssl = openssl_encrypt(zero_padding($text), "des-cbc", $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, "\0\0\0\0\0\0\0\0");
$encMcrypt = urlencode(base64_encode($encMcrypt));
$encOpenssl = urlencode(base64_encode($encOpenssl));
echo "Mcrypt :" . $encMcrypt;
echo "OpenSsl:" . $encOpenssl;
Output:
Mcrypt : f0tF0ERITdKiI2SxrttYAJBVNBtoGR%2BD
OpenSsl: f0tF0ERITdKiI2SxrttYAJBVNBtoGR%2BD
Related
I used following codes to encrypt and decrypt the strings in php. I recently upgraded my server and now i can see that the codes i use is depreciated. Encryption code is hardcoded on my app so i need to decrypt on the server. Please provide the alternative to both encrypt and decrypt
Code for encryption.
function encrypt($data = '', $key = 'chiperbase65enus')
{
$encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_MODE_CBC, 'chiperbase65enus');
return base64_encode($encrypted);
}
And for decryption is below. I dont actually need encryption anymore but decryption is the must.
function decrypt($data = '', $key = 'chiperbase65enus')
{
$decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, base64_decode($data), MCRYPT_MODE_CBC,'chiperbase65enus');
return rtrim($decrypted, "\0");
}
$decrypted = openssl_decrypt(base64_decode($encrypted_string), "AES-128-CBC", "chiperbase65enus",OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, "chiperbase65enus");
I found the solution...
Since Mcrypt is deprecated, I want to use OpenSSL instead in my code since we already using php 7.0.17 in our server and there's no tell when they upgrade it.
Some third party API (hosted on PHP 5.x probably and using mcrypt), is taking encrypted data. They've provided methods which they are using to encrypt/decrypt strings.
Here are they
$secret = 'a0a7e7997b6d5fcd55f4b5c32611b87c' ;
public function encrypt128($str)
{
$block = mcrypt_get_block_size("rijndael_128", "ecb");
$pad = $block - (strlen($str) % $block);
$str .= str_repeat(chr($pad), $pad);
return base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $secret, $str, MCRYPT_MODE_ECB));
}
public function decrypt128($str)
{
$str = base64_decode($str);
$str = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $secret, $str, MCRYPT_MODE_ECB);
$len = strlen($str);
$pad = ord($str[$len - 1]);
return substr($str, 0, strlen($str) - $pad);
}
using these methods string small1 if encrypted becomes v7IXp5vVaFVXXlt/MN8BVw==
We want to use openssl_encrypt in our side such that if we encrypt same string with OpenSSL it must give same results as Mcrypt. I've researched that mcrypt using rijndael-128 Mode ecb should be compatible with OpenSSL aes-128-ecb.
For last few hours, I've been trying to make my own method to encrypt strings serving same result by using OpenSSL. So far I've come to this
public function sslEncrypt128($str)
{
$secret = 'a0a7e7997b6d5fcd55f4b5c32611b87c';
return base64_encode(openssl_encrypt($str, 'aes-128-ecb', $secret, OPENSSL_RAW_DATA));
}
But it produces different string SxJ3+EdaeItZx3/EwGTUbw== for same as above input. I don't know if it is flag's problem or padding's, any pointers will be welcome.
I've added the code here to test online https://3v4l.org/v2J2N
Thanks in advance.
Here is what worked for me:
<?php
$str = 'Content';
if (strlen($str) % 16) {
$str = str_pad($str, strlen($str) + 16 - strlen($str) % 16, "\0");
}
$key = 'KEY';
if (strlen($key) % 16) {
$key = str_pad($key, strlen($key) + 16 - strlen($key) % 16, "\0");
}
$res1 = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $str, MCRYPT_MODE_ECB);
echo strToHex($res1) . ' | mcrypt_encrypt';
echo "<hr>";
echo strToHex(openssl_decrypt($res1, "aes-128-ecb", $key, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING)) . ' | openssl_decrypt';
echo "<hr>";
$res2 = openssl_encrypt($str, "aes-128-ecb", $key, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING);
echo strToHex($res2) . ' | openssl_encrypt';
echo "<hr>";
echo strToHex(openssl_decrypt($res2, "aes-128-ecb", $key, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING)) . ' | openssl_decrypt';
function strToHex($string) {
$hex = '';
for ($i = 0; $i < strlen($string); $i++) {
$ord = ord($string[$i]);
$hexCode = dechex($ord);
$hex .= substr('0' . $hexCode, -2);
}
return strToUpper($hex);
}
In your specific example I've found that by changing aes-128-ecb to aes-256-ecb, it produces the same output as the legacy mcrypt_encrypt.
Most likely the key was expected to be used as hex (it already is in hex format) not as a string to be converted to hex.
mcrypt:
mcrypt does not support standard PKCS#7 (née PKCS#5) padding, only non-standard null padding but the padding is being explicitly added prior to mcrypt.
The encryption v7IXp5vVaFVXXlt/MN8BVw== is the correct encryption based on PKCS#7 padding. ECB mode and the key as a string.
See: mcrypt - AES CALCULATOR.
In hex, notice the data padding is clearly visible:
key: 6130613765373939376236643566636435356634623563333236313162383763
data: 736D616C6C310A0A0A0A0A0A0A0A0A0A
encrypted: BFB217A79BD56855575E5B7F30DF0157
In Base64:
encrypted: v7IXp5vVaFVXXlt/MN8BVw==
OpenSSL:
Notice the key is 256-bits but the OpenSSL call with "aes-128-ecb" seems to imply a 128-but key. So the keys don't match.
See: OpenSSL - AES CALCULATOR
In hex, notice the data padding is clearly visible:
key: 61306137653739393762366435666364
data: 736D616C6C310A0A0A0A0A0A0A0A0A0A
encrypted: 4B1277F8475A788B59C77FC4C064D46F
In Base64:
encrypted: SxJ3+EdaeItZx3/EwGTUbw==
I have updated my php version to 7.1.
I had functions where i encrypt data using mcrypt.
Now this function is deprecated.
How can i decrypt the data anyway withoud going back to older versions of php.
This is the code i used:
public function encrypt($plaintext) {
$ivSize = mcrypt_get_iv_size(self::CIPHER, self::MODE);
$iv = mcrypt_create_iv($ivSize, MCRYPT_DEV_URANDOM);
$ciphertext = mcrypt_encrypt(self::CIPHER, $this->key, $plaintext, self::MODE, $iv);
return base64_encode($iv.$ciphertext);
}
public function decrypt($ciphertext) {
$ciphertext = base64_decode($ciphertext);
$ivSize = mcrypt_get_iv_size(self::CIPHER, self::MODE);
if (strlen($ciphertext) < $ivSize) {
throw new Exception('Missing initialization vector');
}
$iv = substr($ciphertext, 0, $ivSize);
$ciphertext = substr($ciphertext, $ivSize);
$plaintext = mcrypt_decrypt(self::CIPHER, $this->key, $ciphertext, self::MODE, $iv);
return rtrim($plaintext, "\0");
}
With Constants:
const CIPHER = MCRYPT_RIJNDAEL_128; // Rijndael-128 is AES
const MODE = MCRYPT_MODE_CBC;
I saw that it was recommended to use OpenSSL. That is what i will use from now on. But how can i decrypt the older data using this method?
Thanks
Edit:
I know i can use OpenSSL as alternative.
Thats what i am doing for the content from now on.
But i need to decrypt my mcrypted code from my old contents.
*Edit request #symcbean
Tried to decrypt with OpenSSL like this:
public function decrypt($ciphertext) {
$ciphertext = base64_decode($ciphertext);
if (!function_exists("openssl_decrypt")) {
throw new Exception("aesDecrypt needs openssl php module.");
}
$key = $this->key;
$method = 'AES-256-CBC';
$ivSize = openssl_cipher_iv_length($method);
$iv = substr($ciphertext,0,$ivSize);
$data = substr($ciphertext,$ivSize);
$clear = openssl_decrypt ($data, $method, $key, 'OPENSSL_RAW_DATA'|'OPENSSL_ZERO_PADDING', $iv);
return $clear;
}
Important thing to note is that mcrypt_encrypt zero-pads input data if it's not a multiple of the blocksize. This leads to ambiguous results if the data itself has trailing zeroes.
openssl_decrypt doesn't remove the zero-padding automatically, so you're left only with the possibility of trimming the trailing nulls.
Here's a trivial example:
$data = "Lorem ipsum";
$key = "1234567890abcdef";
$iv = "1234567890abcdef";
$encrypted = mcrypt_encrypt(
MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_MODE_CBC, $iv);
echo bin2hex($encrypted) . "\n";
$decrypted = openssl_decrypt(
$encrypted, "AES-128-CBC", $key,
OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv);
echo var_export($decrypted, true) . "\n";
$result = rtrim($decrypted, "\0");
echo var_export($result, true) . "\n";
Output:
70168f2d5751b3d3bf36b7e6b8ec5843
'Lorem ipsum' . "\0" . '' . "\0" . '' . "\0" . '' . "\0" . '' . "\0" . ''
'Lorem ipsum'
I solved it.
Don't know if its the right way (guess not)
But connected remotely on a server with a lower php version.
Decrypted all the content and encrypted with OpenSSL.
Thanks for the suggestions!
I also had some problems decrypting data encrypted with mcrypt_encrypt with openssl_decrypt. The following small test encrypts a string with mcrypt and openssl (with added zero padding and without) and decrypts all strings with both methods. This example uses ECB mode but you can easily change this to CBC by adding an IV if needed.
// Setup key and test data
$key = hash("sha256", 'test', true);
$data = 'Hello World';
$enc = $dec = [];
// Encrypt with MCRYPT_RIJNDAEL_128 method
$enc['RIJ'] = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_MODE_ECB));
// Encrypt with OpenSSL equivalent AES-256
$enc['AES'] = base64_encode(openssl_encrypt($data, 'aes-256-ecb', $key, OPENSSL_RAW_DATA));
// Encrypt with OpenSSL equivalent AES-256 and added zero padding
if (strlen($data) % 8) $data = str_pad($data, strlen($data) + 8 - strlen($data) % 8, "\0");
$enc['AES0'] = base64_encode(openssl_encrypt($data, 'aes-256-ecb', $key, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING));
// Decrypt all strings with MCRYPT_RIJNDAEL_128
$dec['mRIJ'] = bin2hex(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, base64_decode($enc['RIJ']), MCRYPT_MODE_ECB));
$dec['mAES'] = bin2hex(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, base64_decode($enc['AES']), MCRYPT_MODE_ECB));
$dec['mAES0'] = bin2hex(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, base64_decode($enc['AES0']), MCRYPT_MODE_ECB));
// Decrypt all strings with OpenSSL equivalent AES-256
$dec['oRIJ'] = bin2hex(openssl_decrypt(base64_decode($enc['RIJ']), 'aes-256-ecb', $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING));
$dec['oAES'] = bin2hex(openssl_decrypt(base64_decode($enc['AES']), 'aes-256-ecb', $key, OPENSSL_RAW_DATA));
$dec['oAES0'] = bin2hex(openssl_decrypt(base64_decode($enc['AES0']), 'aes-256-ecb', $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING));
// Print results
print_r($enc);
var_dump($dec);
The print_r and var_dump output is the following:
Array
(
[RIJ] => YcvcTwAMLUMBCZXu5XqoEw==
[AES] => +AXMBwkWlgM1YDieGgekSg==
[AES0] => YcvcTwAMLUMBCZXu5XqoEw==
)
array(6) {
["mRIJ"]=>
string(32) "48656c6c6f20576f726c640000000000"
["mAES"]=>
string(32) "48656c6c6f20576f726c640505050505"
["mAES0"]=>
string(32) "48656c6c6f20576f726c640000000000"
["oRIJ"]=>
string(32) "48656c6c6f20576f726c640000000000"
["oAES"]=>
string(22) "48656c6c6f20576f726c64"
["oAES0"]=>
string(32) "48656c6c6f20576f726c640000000000"
}
If you need the same encrypted string with the openssl methods as you had with mcrypt, you'll have add the zero padding manually to the string (AES0 in the example). This way you'll get the exact same encrypted and decrypted strings as before. For some additional information about the zero padding, you should look at Joe's answer here: php: mcrypt_encrypt to openssl_encrypt, and OPENSSL_ZERO_PADDING problems
If you don't want to manually add the zero padding to all new messages, you'll need different flags for decrypting the old mcrypt-encrypted messages and the new messages encrypted with openssl. For the old messages you'll have to use the OPENSSL_ZERO_PADDING flag ($dec['oRIJ'] in the example), whereas you must not use it for the openssl encrypted messages ($dec['oAES'] in the example). In my case I used this approach, because the default behaviour of openssl seems more correct to me as the mcrypt one - if you encrypt a string with 11 bytes you get a string with 11 bytes back after decrypting it. As you can see in the example, this is not the case with mcrypt or with openssl and the added zero padding. In these cases you would have to remove the trailing zeros manually to get the original data back.
Mcrypt function has been deprecated as of PHP 7.1.0.
My deprecated string encode / decode functions:
$key: secret key
$str: string
$encoded = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $str, MCRYPT_MODE_CBC, md5(md5($key))));
$decoded = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($str), MCRYPT_MODE_CBC, md5(md5($key))), "\0");
Can you suggest some alternatives?
You should use openssl_encrypt instead.
Consider using defuse or RNCryptor, they provide a complete solution, are being maintained and is correct.
For MCRYPT_RIJNDAEL_256 I posted a full answer for PHP7.3 here: https://stackoverflow.com/a/53937314/243782
snippet:
works like this with the phpseclib library
$rijndael = new \phpseclib\Crypt\Rijndael(\phpseclib\Crypt\Rijndael::MODE_ECB);
$rijndael->setKey(ENCRYPT_KEY);
$rijndael->setKeyLength(256);
$rijndael->disablePadding();
$rijndael->setBlockLength(256);
$decoded = $rijndael->decrypt($term);
echo encrypt_openssl($str, $key);
function encrypt_openssl($msg, $key, $iv = null) {
$iv_size = openssl_cipher_iv_length('AES-256-CBC');
if (!$iv) {
$iv = openssl_random_pseudo_bytes($iv_size);
}
$encryptedMessage = openssl_encrypt($msg, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv);
return base64_encode($iv . $encryptedMessage);
}
mcrypt may be removed in PHP 7.1 alternative openssl
As mentioned above, open_ssl is a good alternative for mcrypt.
The only problem I had with open_ssl, is that it cannot be used for large strings.
I wrote a script (static class), which overcomes this problem (large strings are split up in chunks and encrypted/decrypted separately in the background).
See public gist:
https://gist.github.com/petermuller71/33616d55174d9725fc00a663d30194ba
$key = "12345678876543211234567887654321";
$iv = "1234567887654321";
$plaindata = "String to be encrypted.";
$enc = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $plaindata, MCRYPT_MODE_CBC, $iv));
echo($enc);
Output:
EIZDQJWOIepUeNjFL2wl3RYA5bDmFd05Xu6z4e0aiWQ=
How this could be decrypted in Perl???
Looks like you'll need a combination of MIME::Base64 and MCrypt.
There is a package in cpan .. MCrypt
http://search.cpan.org/perldoc?MCrypt
Check this out