PHP openssl_encrypt not always decryptable with C++

PHP openssl_encrypt not always decryptable with C++ - php

I have a function which encrypts certain strings for transfer to my client application in C++. The function I use in PHP to generate the encrypted string:
<?php
echo EncryptForTransfer("This is a test"); //returns: l4/r5AUDTrPTlIfVyG0=DJKlty0VgWPSNsM2XbzkOZ79ivQA2eBWTd18FKVfgslM6UmP
function EncryptForTransfer($EncryptMe) {
$Key = random_string(32);
$IV = random_string(16);
return openssl_encrypt($EncryptMe, "AES-256-CFB", (string)$Key, false, $IV).$IV.$Key;
}
?>
However, when I try to decrypt this result in C++ with the functions shown underneath, it is not returning me the string correctly (missing last parts).
int Decrypt(unsigned char *ciphertext, int ciphertext_len, unsigned char *key, unsigned char *iv, unsigned char *plaintext) {
EVP_CIPHER_CTX *ctx;
int len;
int plaintext_len;
if (!(ctx = EVP_CIPHER_CTX_new())) handleErrors();
if (1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cfb(), NULL, key, iv)) {
handleErrors();
}
if (1 != EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len)) {
handleErrors();
}
plaintext_len = len;
if (1 != EVP_DecryptFinal_ex(ctx, plaintext + len, &len)) {
handleErrors();
}
plaintext_len += len;
EVP_CIPHER_CTX_free(ctx);
return plaintext_len;
}
string DecryptFromTransfer(string DecryptMe) {
long long DecryptFromTransferLength = DecryptMe.length();
string TransferKey = DecryptMe.substr(DecryptFromTransferLength - 32, 32);
string TransferIV = DecryptMe.substr(DecryptFromTransferLength - 32 - 16, 16);
string DecryptMeOriginal = DecryptMe.substr(0, DecryptFromTransferLength - 32 - 16);
return DecryptThis(DecryptMeOriginal, TransferKey, TransferIV);
}
cout << DecryptFromTransfer("l4/r5AUDTrPTlIfVyG0=DJKlty0VgWPSNsM2XbzkOZ79ivQA2eBWTd18FKVfgslM6UmP"); //returns: This is
Please note that for some strings the decryption in C++ works correctly. However, for other strings the output is as stated above, only partially decrypted and missing the last parts. Maybe it is some kind of padding issue since some strings are decrypted correctly? So, what is wrong with my code?
The used string in the code above is just an example string to clarify the issue.

Related

PHP AES-128-CTR has different output than GoLang and NodeJs

Can't figure out how does PHP openssl_encrypt work, and cannot reproduce its output in GoLang and NodeJs, here's a simplified code in PHP - outputs hvAB:
<?php
$string = 'aaa';
$cipher = "AES-128-CTR";
$options = 0;
$encryption_iv = '1234567890123456';
$encryption_key = 'bc7316929fe1545bf0b98d114ee3ecb8';
$encryption = openssl_encrypt($string, $cipher, $encryption_key, $options, $encryption_iv);
echo $encryption; // hvAB
In GoLang, assuming key must be hex decoded to get the desired length of 16 so that AES 128 will be used - outputs PQ5k:
package main
import (
"crypto/aes"
"crypto/cipher"
"encoding/base64"
"encoding/hex"
"fmt"
)
func main() {
plainText := "aaa"
fmt.Println(encryption(plainText)) // PQ5k
}
func encryption(plainText string) string {
bytes := []byte(plainText)
blockCipher := createCipher()
stream := cipher.NewCTR(blockCipher, []byte("1234567890123456"))
stream.XORKeyStream(bytes, bytes)
return base64.StdEncoding.EncodeToString(bytes)
}
func createCipher() cipher.Block {
key, _ := hex.DecodeString("bc7316929fe1545bf0b98d114ee3ecb8")
block, err := aes.NewCipher(key)
if err != nil {
panic(err)
}
return block
}
And in NodeJs - outputs PQ5k:
var crypto = require('crypto');
var algorithm = 'aes-128-ctr';
function encrypt(text, password) {
const key = Buffer.from(password, "hex").slice(0, 16);
const ivBuffer = Buffer.from("1234567890123456");
const cipher = crypto.createCipheriv(algorithm, key, ivBuffer);
let encrypted = cipher.update(text,'utf8','base64') + cipher.final('base64')
console.log(encrypted) // PQ5k
}
encrypt('aaa', 'bc7316929fe1545bf0b98d114ee3ecb8');
Thought it's an encoding issue at first, but I think that's correct - openssl_encrypt will return base64 value. I need to translate the PHP variant into GoLang, but an example in (almost) any other language will be much appreciated.

In the PHP code, the key is not hex decoded, but is a binary string that is 32 bytes in size and thus too large for AES-128.
PHP/OpenSSL implicitly truncates the key by considering only the first 16 bytes.
In Go simply use key := []byte("bc7316929fe1545b")
In NodeJS: const key = Buffer.from("bc7316929fe1545b", "utf8") to get the PHP result.
Conversely, in the PHP code the key can also be hex decoded using hex2bin().

Here c/c++ version, but output is not yet the same with golang/nodejs.
#include <openssl/aes.h>
#include <stdio.h>
#include <string.h>
int main() {
AES_KEY aes_key;
unsigned char key[AES_BLOCK_SIZE] = {0xbc, 0x73, 0x16, 0x92, 0x9f, 0xe1, 0x54, 0x5b, 0xf0, 0xb9, 0x8d, 0x11, 0x4e, 0xe3, 0xec, 0xb8 };
unsigned char iv[AES_BLOCK_SIZE] = {1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6};
unsigned char ecount[AES_BLOCK_SIZE]; memset( ecount, 0, 16 );
unsigned int num = 0 ;
const char *x = "aaa";
unsigned char out[16];
AES_set_encrypt_key(key, 128, &aes_key);
AES_ctr128_encrypt( (const unsigned char *) x, out, AES_BLOCK_SIZE, &aes_key, iv, ecount, &num);
for (int k = 0; k < 3; k++) printf("%02x", out[k]); // c9aa18
printf( "\n");
return 0;
}
// g++ -o aes-simple aes-simple.cpp -I/usr/local/ssl/include -L/usr/local/ssl/lib -g -lcrypto

Different result of aes encryption c++ and php

I'm going to implement AES encryption between CPP and PHP. But the result of each of them is different with each other and therefore they cannot decode each other. I use the OpenSsl library for encryption.
my php code:
$key = '1234567890123456';
$iv = '1234567890123456';
$enc = openssl_encrypt("hello wolrd", 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv);
$decrypted = openssl_decrypt($enc, 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv);
and result: ��.�+'W�x�#�
my cpp code:
int aes_encrypt(unsigned char *plaintext, int plaintext_len, unsigned char *key,
unsigned char *iv, unsigned char *ciphertext)
{
EVP_CIPHER_CTX *ctx;
int len;
int ciphertext_len;
/* Create and initialise the context */
if(!(ctx = EVP_CIPHER_CTX_new()))
handleErrors();
/*
* Initialise the encryption operation. IMPORTANT - ensure you use a key
* and IV size appropriate for your cipher
* In this example we are using 256 bit AES (i.e. a 256 bit key). The
* IV size for *most* modes is the same as the block size. For AES this
* is 128 bits
*/
if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv))
handleErrors();
/*
* Provide the message to be encrypted, and obtain the encrypted output.
* EVP_EncryptUpdate can be called multiple times if necessary
*/
if(1 != EVP_EncryptUpdate(ctx, ciphertext, &len, plaintext, plaintext_len))
handleErrors();
ciphertext_len = len;
/*
* Finalise the encryption. Further ciphertext bytes may be written at
* this stage.
*/
if(1 != EVP_EncryptFinal_ex(ctx, ciphertext + len, &len))
handleErrors();
ciphertext_len += len;
/* Clean up */
EVP_CIPHER_CTX_free(ctx);
return ciphertext_len;
}
int aes_decrypt(unsigned char *ciphertext, int ciphertext_len, unsigned char *key,
unsigned char *iv, unsigned char *plaintext)
{
EVP_CIPHER_CTX *ctx;
int len;
int plaintext_len;
/* Create and initialise the context */
if(!(ctx = EVP_CIPHER_CTX_new()))
handleErrors();
/*
* Initialise the decryption operation. IMPORTANT - ensure you use a key
* and IV size appropriate for your cipher
* In this example we are using 256 bit AES (i.e. a 256 bit key). The
* IV size for *most* modes is the same as the block size. For AES this
* is 128 bits
*/
if(1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv))
handleErrors();
/*
* Provide the message to be decrypted, and obtain the plaintext output.
* EVP_DecryptUpdate can be called multiple times if necessary.
*/
if(1 != EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len))
handleErrors();
plaintext_len = len;
/*
* Finalise the decryption. Further plaintext bytes may be written at
* this stage.
*/
if(1 != EVP_DecryptFinal_ex(ctx, plaintext + len, &len))
handleErrors();
plaintext_len += len;
/* Clean up */
EVP_CIPHER_CTX_free(ctx);
return plaintext_len;
}
/* A 256 bit key */
unsigned char *key = (unsigned char*)"1234567890123456";
/* A 128 bit IV */
unsigned char *iv = (unsigned char*)"1234567890123456";
/* Message to be encrypted */
unsigned char *plaintext = (unsigned char*)"hello wolrd";
/* Buffer for ciphertext. Ensure the buffer is long enough for the
* ciphertext which may be longer than the plaintext, dependant on the
* algorithm and mode
*/
unsigned char ciphertext[256];
/* Buffer for the decrypted text */
unsigned char decryptedtext[256];
int decryptedtext_len, ciphertext_len;
printf("Plaintext is:\n%s\n", plaintext);
/* Encrypt the plaintext */
ciphertext_len = aes_encrypt(plaintext, strlen((const char*)plaintext), key, iv,
ciphertext);
/* Do something useful with the ciphertext here */
printf("Ciphertext is %d bytes long:\n", ciphertext_len);
BIO_dump_fp(stdout, (const char*)ciphertext, ciphertext_len);
/* Decrypt the ciphertext */
decryptedtext_len = aes_decrypt(ciphertext, ciphertext_len, key, iv,
decryptedtext);
/* Add a NULL terminator. We are expecting printable text */
decryptedtext[decryptedtext_len] = '\0';
and result: �'^{�'ی�u�E��##�s
what is the problem?

what is the issue with encryption in c++ and decryption in php

Here, I have c++ program which encodes the string and I have to decrypt in php. I have verified that the key and the iv are same in both programs, still getting false in openssl_decrypt() command.
int main(int argc, char** args)
{
unsigned char *salt = (unsigned char*)"12345678";
unsigned char *data = (unsigned char*)"123456789123450";
unsigned int count = 5;
int dlen = strlen((char*)data);
unsigned int ksize = 16;
unsigned int vsize = 12;
unsigned char *key = new unsigned char[ksize];
unsigned char *iv = new unsigned char[vsize];
int ret = EVP_BytesToKey( EVP_aes_128_gcm() , EVP_sha1(), salt, data, dlen, count, key, iv);
const EVP_CIPHER* m_cipher = EVP_aes_128_gcm();
EVP_CIPHER_CTX* m_encode;
EVP_CIPHER_CTX* m_decode;
if (!(m_encode = EVP_CIPHER_CTX_new()))
cout << "ERROR :: In encode Initiallization"<< endl;
EVP_EncryptInit_ex(m_encode, m_cipher, NULL, key, iv);
if (!(m_decode = EVP_CIPHER_CTX_new()))
cout << "ERROR :: In decode Initiallization"<< endl;
EVP_DecryptInit_ex(m_decode, m_cipher, NULL, key, iv);
unsigned char* plain = (unsigned char*)"My Name IS DON !!!";
int len = strlen((char*)plain);
unsigned char* encData = new unsigned char[len];
int c_len = len;
int f_len = 0;
EVP_EncryptInit_ex(m_encode, NULL, NULL, NULL, NULL);
EVP_EncryptUpdate(m_encode, encData, &c_len, plain, len);
EVP_EncryptFinal_ex(m_encode, encData + c_len, &f_len);
len = c_len + f_len;
cout << string( encData, encData + len)<< endl;
}
And the following is decryption code in php. "./abc_enc.txt" contains encryption string of c++ code. As I mentioned above I am getting same key and iv for both programs but openssl_decrypt function returns false. Can someone figure out what is the mistake?
<?
function EVP_BytesToKey($salt, $password) {
$ivlen = 12;
$keylen = 16;
$iterations = 5;
$hash = "";
$hdata = "";
while(strlen($hash)<$ivlen+$keylen)
{
$hdata .= $password.$salt;
$md_buf = openssl_digest($hdata, 'sha1');
for ($i = 1; $i < $iterations; $i++) {
$md_buf = openssl_digest ( hex2bin($md_buf),'sha1');
}
$hdata = hex2bin($md_buf);
$hash.= $hdata;
}
return $hash;
}
function decrypt($ivHashCiphertext, $password) {
$method = "aes-128-gcm";
$salt = "12345678";
$iterations = 5;
$ivlen = openssl_cipher_iv_length($method);
$ciphertext = $ivHashCiphertext;
$genKeyData = EVP_BytesToKey($salt, $password);
$keylen = 16;
$key = substr($genKeyData,0,$keylen);
$iv = substr($genKeyData,$keylen,$ivlen);
//var_dump($key);
//var_dump($iv);
$ret = openssl_decrypt($ciphertext, $method, $key, OPENSSL_RAW_DATA, $iv);
var_dump($ret);
return $ret;
}
$file = './abc_enc.txt';
$fileData = (file_get_contents($file));
$encrypted = $fileData;
$decrypted = decrypt($encrypted, '123456789123450');
?>

The GCM-mode provides both, confidentiality and authenticity. To verify authenticity the GCM-mode uses an authentication tag and defines a length between incl. 12 and 16 Byte for the tag. The authentication strength depends on the length of the tag, i.e. the longer the tag, the more secure the proof of authenticity.
However, in the current C++-code the authentication tag is not determined! This means that one of the main functionalities of the GCM-mode, authentication, is not used.
While the decryption in C++ using EVP is independent from the authentication (this means that the decryption is also performed even if the authentication tags differ), the decryption in PHP using openssl_decrypt is only done if the authentication is successful, i.e. in PHP the authentication tag is mandatory for decryption. Therefore, the authentication tag must be determined in the C++-code. For this purpose, the following code must be added after the EVP_EncryptFinal_ex-call:
unsigned int tsize = 16;
unsigned char *tag = new unsigned char[tsize];
EVP_CIPHER_CTX_ctrl(m_encode, EVP_CTRL_GCM_GET_TAG, tsize, tag);
Here a tagsize of 16 Byte is used. In addition, the authentication tag must be used in the PHP-code for decryption. This is done by passing the authentication tag as the 6th parameter of the openssl_decrypt-method:
$ret = openssl_decrypt($ciphertext, $method, $key, OPENSSL_RAW_DATA, $iv, $tag);
Decryption can only be performed if the tag used for decryption matches the tag used for encryption.
For the data in the posted example the C++-code generates the following authentication tag (as hexadecimal string):
f7c18e8b99587f3063383d68230c0e35
Finally, a more detailed explanation for AES-GCM with OpenSSL can be found here for encryption and decryption (including the consideration of the authentication tag).

In short
I'm neither an openSSL nor a PHP specialist. But at first sight, it appears that you might experience problems because you read and write binary data using files in text mode.
More infos about the potential problem
The encrypted data resulting from your C++ code is binary data. Your code does not show how you write the file. But unless you explicitly request the file to be in binary mode, you will get a file in text mode.
This might cause multiple issues when writing the data, since text mode allows for OS-dependent transformations to happen. Typical examples are characters with value 0x0A (new lines), skipping trailing 0x20 (space character), adding a 0x0A at the end of the file if there isn't and similar undesired transformation.
Your PHP code might open the file in an incompatible default mode, which might add further transformation if it's text mode, or avoid reverting transformations if it's binary.
This means that in the end, the string you try to decode might not be the original encrypted string !
How to solve it ?
First inspect with a binary editor the content of the file to see if it matches the expectations. Or check the expected length of the encrypted source data, the length of the file, and the length of the loaded content. If they all match, my answer is not relevant.
If it is relevant, or if you intend sooner or later to allow cross platform exchanges (e.g. windows client communicating with a linux server), then you could:
either add the necessary statements to use binary mode on both sides.
or add a Base64 encoding to transform binary into a robust ascii string on the writing side, and retransforming Base64 into binary on the reading side (openssl provides for base64 encoding and PHP has everything needed as well)

c++ to php translation, decryption function

So, I'm trying to translate a piece of C++ code to php.
The C++ is from a external source, and my knowledge of both C++ and decryption is lacking, to say the least.
The source C++ is:
void parser_t::decrypt(buffer_t &replay_data, const unsigned char *key_data) {
/*\
|*| Performs an in place decryption of the replay using the given key.
|*| The decryption is a (broken) variant of CBC decryption and is performed as follows:
|*| -# Set the variable previous_block (with size of 16 bytes) to 0
|*| -# Decrypt a block with the given key
|*| -# XOR the block with the previous (decrypted) block
|*| -# Go back to step 2, until there are no more blocks.
\*/
BF_KEY key = {{0}};
BF_set_key(&key, 16, key_data);
const int block_size = 8;
size_t padding_size = (block_size - (replay_data.size() % block_size));
if (padding_size != 0) {
size_t required_size = replay_data.size() + padding_size;
replay_data.resize(required_size, 0);
}
unsigned char previous[block_size] = {0};
for (auto it = replay_data.begin(); it != replay_data.end(); it += block_size) {
unsigned char decrypted[block_size] = { 0 };
BF_ecb_encrypt(reinterpret_cast<unsigned char*>(&(*it)), decrypted, &key, BF_DECRYPT);
std::transform(previous, previous + block_size, decrypted, decrypted, std::bit_xor<unsigned char>());
std::copy_n(decrypted, block_size, previous);
std::copy_n(decrypted, block_size, reinterpret_cast<unsigned char*>(&(*it)));
}
if (padding_size != 0) {
size_t original_size = replay_data.size() - padding_size;
replay_data.resize(original_size, 0);
}
}
What I have got so far:
function decrypt($data){ // $data is a encrypted string
$key = array(0xDE, <.....>, 0xEF); // (16 entries in the array)
//BF_KEY key = {{0}}; // ?
//BF_set_key(&key, 16, key_data); // ?
$block_size = 8;
$padding_size = ($block_size - (strlen($data) % $block_size));
if ($padding_size != 0) {
$required_size = strlen($data) + $padding_size;
//replay_data.resize(required_size, 0);
// Seems unnecessary in php? string lengths are pretty dynamic.
}
$keyString = '';
for($i = 0; $i < count($key); $i++){
$keyString .= chr($key[$i]);
}
$output = '';
for ($i = 0; $i < stlen($data); $i += $block_size) {
$char = array(0, 0, 0, 0, 0, 0, 0, 0); // ?
$decrypted_piece = mcrypt_decrypt(MCRYPT_BLOWFISH, $keyString, $data, "cbc"); // ??
// And this is where I completely get lost.
$output = transform($in, $start, $end, $in2);
}
}
function transform($in, $start, $end, $in2){
$out = ''; // Yea, that won't work...
for($x = $start; $x < $end; $x++){
$out[$x] = $in[$x] ^ $in2[$x];
}
return $output
}
I realize I'm basically asking you guys to do something for me, but I'm really stuck at the contents of that for (auto it....
Hints / explanations that'd really help me along would be:
What does BF_ecb_encrypt do in this case? (In pseudocode or even php?) (slaps self on fingers. "don't ask for finished products")
Am I on the right track with the translation of the transform?
What is {{0}}, BF_set_key(&key, 16, key_data);?
What is reinterpret_cast<unsigned char*>(&(*it))?
I did get a look at these documentation pages, but to no avail:
php mcrypt-decrypt
BF_ecb_encrypt
C++ transform
The full source is available on github.
This specific code comes from src/parser.cpp

The "broken variant of CBC decryption" that the original code is doing can, equivalently, be described as ECB decryption followed by (cumulatively) XORing each plaintext block with the previous one.
For the XOR, you don't need anything fancy: the PHP bitwise XOR operator can operate on strings.
Thus, a simple PHP version of your C++ code could look something like this (warning: untested code):
function decrypt( $ciphertext, $key ) {
$plaintext = mcrypt_decrypt( MCRYPT_BLOWFISH, $key, $ciphertext, "ecb" );
$block_size = 8; // Blowfish block size = 64 bits = 8 bytes
$blocks = str_split( $plaintext, $block_size );
$previous = str_repeat( "\0", $block_size );
foreach ( $blocks as &$block ) {
$block ^= $previous;
$previous = $block;
}
return implode( $blocks );
}
Note that I haven't implemented any padding for truncated last blocks; there's something very screwy about the padding handling in the original code, and I don't see how it could possibly correctly decrypt messages whose length is not divisible by 8 bytes. (Does it, actually?) Rather than try to guess what the heck is going on and how to translate it to PHP, I just chose to ignore all that stuff and assume that the message length is divisible by the block size.

What does BF_ecb_encrypt do in this case?
BF_ecb_encrypt() is a function for encrypting using blowfish. The PHP equivalent (as previously mentioned by Ilmari Karonen) is $plaintext = mcrypt_decrypt( MCRYPT_BLOWFISH, $key, $ciphertext, "ecb" );
What is reinterpret_cast(&(*it))?
BF_ecb_encrypt() expects it's first parameter to be a unsigned char*. reinterpret_cast<unsigned char*>(&(*it)) is a type cast, casting 'it' into a unsigned char*. 'it' is an iterator of an unspecified type (at least in the code provided) and the keyword 'auto' is used to initialize 'it' as the correct type automatically. reinterpret_cast<unsigned char*>(&(*it)) is then used to convert it unsigned char* automatically.
What is {{0}}, BF_set_key(&key, 16, key_data);?
This is used to initialize BF_KEY 'key', and then set the key using the value of key_data. This has no PHP equivalent, mcrypt will set the key internally.
Am I on the right track with the translation of the transform?
By the looks of it, the C++ version handles padding in an odd way. This could be intentional to throw a wrench into cracking attempts. Translating into PHP is not really possible unless you fully understand the algorithm of the original C++ - not just the encryption algo, but the full process being used, including pre and post encryption.
Have you considered making a simple PHP extension using the existing C/C++ code rather than converting to PHP? This should be very strait forward, much easier than converting a more complicated algorithm from C++ into PHP. The existing code can more or less be copy-pasted into an extension, with buffer_t &replay_data likely being registered as a PHP resource.

Would this be helpful, using the php-cpp library (see http://www.php-cpp.com):
/**
* Decrypt function made accessible from PHP
*/
/**
* Dependencies
*/
#include <phpcpp.h>
#include <openssl/blowfish.h>
#include <algorithm>
/**
* Define buffer_t to be a vector
*/
typedef std::vector<uint8_t> buffer_t;
/**
* Function that should be ported to PHP
* #param data
* #param key_data
*/
static void decrypt(std::string &replay_data, const unsigned char *key_data) {
/*\
|*| Performs an in place decryption of the replay using the given key.
|*| The decryption is a (broken) variant of CBC decryption and is performed as follows:
|*| -# Set the variable previous_block (with size of 16 bytes) to 0
|*| -# Decrypt a block with the given key
|*| -# XOR the block with the previous (decrypted) block
|*| -# Go back to step 2, until there are no more blocks.
\*/
BF_KEY key = {{0}};
BF_set_key(&key, 16, key_data);
const int block_size = 8;
size_t padding_size = (block_size - (replay_data.size() % block_size));
if (padding_size != 0) {
size_t required_size = replay_data.size() + padding_size;
replay_data.resize(required_size, 0);
}
unsigned char previous[block_size] = {0};
for (auto it = replay_data.begin(); it != replay_data.end(); it += block_size) {
unsigned char decrypted[block_size] = { 0 };
BF_ecb_encrypt(reinterpret_cast<unsigned char*>(&(*it)), decrypted, &key, BF_DECRYPT);
std::transform(previous, previous + block_size, decrypted, decrypted, std::bit_xor<unsigned char>());
std::copy_n(decrypted, block_size, previous);
std::copy_n(decrypted, block_size, reinterpret_cast<unsigned char*>(&(*it)));
}
if (padding_size != 0) {
size_t original_size = replay_data.size() - padding_size;
replay_data.resize(original_size, 0);
}
}
/**
* The PHP function that will take care of this
* #param parameters
* #return Value
*/
static Php::Value php_decrypt(Php::Parameters &params)
{
// check number of parameters
if (params.size() != 2) throw Php::Exception("2 parameters expected");
// read in the parameters
std::string replay_data = params[0];
std::string key_data = params[1];
// decrypt it
decrypt(replay_data, (const unsigned char *)key_data.c_str());
// return the result
return replay_data;
}
/**
* Symbols are exported according to the "C" language
*/
extern "C"
{
// export the "get_module" function that will be called by the Zend engine
PHPCPP_EXPORT void *get_module()
{
// create extension
static Php::Extension extension("my_decrypt","1.0");
// add custom function
extension.add("my_decrypt", php_decrypt);
// return the extension module
return extension.module();
}
}
You can compile the code using the following command:
g++ -std=c++11 -fpic -shared my_decrypt.cpp -o my_decrypt.so -lphpcpp
The my_descript.so should be copied to you PHP extensions directory, and an "extension=my_decrypt.so" line should be added to your php.ini.

AES | Encrypt with OpenSSL, decrypt with mcrypt

I am using the following function to encrypt my data via the OpenSSL Library in Qt:
QByteArray Crypto::Encrypt(QByteArray source, QString password)
{
EVP_CIPHER_CTX en;
unsigned char *key_data;
int key_data_len;
QByteArray ba = password.toLatin1();
key_data = (unsigned char*)ba.data();
key_data_len = strlen((char*)key_data);
int nrounds = 28;
unsigned char key[32], iv[32];
EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha1(), NULL, key_data, key_data_len, nrounds, key, iv);
QByteArray bkey = reinterpret_cast<const char*>(key) //EDIT: Contains the key afterwards
QByteArray biv = reinterpret_cast<const char*>(iv) //EDIT: Is Null afterwards
EVP_CIPHER_CTX_init(&en);
EVP_EncryptInit_ex(&en, EVP_aes_256_cbc(), NULL, key, iv);
char *input = source.data();
char *out;
int len = source.size();
int c_len = len + 16, f_len = 0;
unsigned char *ciphertext = (unsigned char *)malloc(c_len);
EVP_EncryptInit_ex(&en, NULL, NULL, NULL, NULL);
EVP_EncryptUpdate(&en, ciphertext, &c_len, (unsigned char *)input, len);
EVP_EncryptFinal_ex(&en, ciphertext+c_len, &f_len);
len = c_len + f_len;
out = (char*)ciphertext;
EVP_CIPHER_CTX_cleanup(&en);
return QByteArray(out, len);
}
"source" is in that case "12345678901234567890123456789012abc".
"password" is "1hA!dh==sJAh48S8Ak!?skiitFi120xX".
So....if I got that right, then EVP_BytesToKey() should generate a key out of the password and supplied data to decrypt the string with later.
To Base64-Encoded that key would be: "aQkrZD/zwMFU0VAqjYSWsrkfJfS28pQJXym20UEYNnE="
I don't use a salt, so no IV (should be null).
So QByteArray bkey in Base64 leaves me with "aQkrZD/zwMFU0VAqjYSWsrkfJfS28pQJXym20UEYNnE="
QByteArray bvi is giving me Null
The encryptet text is "CiUqILbZo+WJBr19IiovRVc1dqGvrastwo0k67TTrs51HB8AbJe8S4uxvB2D7Dkr".
Now I am using the following PHP function to decrypt the ciphertext with the generated key again:
<?php
function decrypt_data($data, $iv, $key) {
$cypher = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
//if(is_null($iv)) {
// $ivlen = mcrypt_enc_get_iv_size($cypher);
// $iv = substr($data, 0, $ivlen);
// $data = substr($data, $ivlen);
//}
// initialize encryption handle
if (mcrypt_generic_init($cypher, $key, $iv) != -1) {
// decrypt
$decrypted = mdecrypt_generic($cypher, $data);
// clean up
mcrypt_generic_deinit($cypher);
mcrypt_module_close($cypher);
return $decrypted;
}
return false;
}
$ctext = "CiUqILbZo+WJBr19IiovRVc1dqGvrastwo0k67TTrs51HB8AbJe8S4uxvB2D7Dkr";
$key = "aQkrZD/zwMFU0VAqjYSWsrkfJfS28pQJXym20UEYNnE=";
$res = decrypt_data(base64_decode($ctext), null, base64_decode($key));
echo $res;
?>
Now I'd expect a response like "12345678901234567890123456789012abc".
What I get is "7890123456789012abc".
My string seems to be decrypted in the right way, but it's cut in half and only the last 19 characters are displayed.
Can someone please help me with that?
I'm new to encryption and can't really figure out where exactly I went wrong.

This is probably because of a misinterpretation from your part. You say:
I don't use a salt, so no IV (should be null).
But there is no reason at all why that would be the case. The EVP_BytesToKey method provided both a key and an IV. The key is obviously correct, but the IV is not. This will result in random characters in your plain text (the IV only changes the first block). As this block will likely contain control characters and what more, it may not display well.
Remember that a salt and IV may have a few things in common (should not be repeated, can be public etc.) but that they are entirely different concepts in cryptography.
Please try again with your Qt code, and this time print out the IV as well as the key...

I solved the problem with the empty initialisation vector by trial and error now, though I have no clue why the following was a problem at all.
Maybe someone can explain that to me.
Changing the line: int nrounds = 28; did the trick.
If i put any other number than 28 in there, an IV is generated and when I use it afterwards in mcrypt the ciphertext is decrypted in the correct way.
Why was it a problem to generate the key with 28 rounds with the openssl-function EVP_BytesToKey()?
I reduced it to 5 rounds now, but I'm curious whether this problem might happen again with a password-rounds-combination that has the possibility to generate such a Null-IV.
I don't realy know how the process of the IV generation is handled in this function.

We Keep Coding

PHP, A popular general-purpose scripting language that is especially suited to web development.