I have written a PHP code which take list id from get request and encrypt and return. This working fine when I run from command prompt in ubuntu but giving single same output every time when I am trying it from URL request. Its also not giving single error. cant understand. Any one can help ?
<?php
if( $_GET["list"]) {
$encryptionMethod = "AES-256-CBC";
$api_key ="2lYVdI37JfbUgys5kOAu";
$encrypted = version_compare(PHP_VERSION, '5.3.3') >= 0 ? openssl_encrypt($in, $encryptionMethod, $api_key, 0, '3j9hwG7uj8uvpRAT') : openssl_encrypt($in, $encryptionMethod, $api_key, 0);
$encrypted = str_replace('/', '892', $encrypted);
$encrypted = str_replace('+', '763', $encrypted);
$encrypted = str_replace('=', '', $encrypted);
echo $encrypted;
exit();
}
?>
Thanks in Advance.!
Got it. THanks #Volkerk.
I have assigned value and got it worked.
Thanks a Lot.
Related
thanks so much for reading.
I did so much research on this topic but did not get any further.
I have to decode data in PHP. This is the specification of the encryption (and there is no more specification to get from the encryptor):
keylength = 256
algorithm = AES/CBC/PKCS5Padding
keyspec = PBKDF2withHmacSHA1
iterations = 5000
What I also got, is a key, 49 characters long for decryption.
Each encrypted message is provided in an Array and it's base64 encoded
Example data:
$data = [
"iv" => "DoJQNS0WZRtWB...",
"salt" => "zkcHInm4ewweKG81...",
"encrypted_data" => "30MTuQEW4sVc3...",
];
I tried this:
$password = "supersecretkey";
$salt = base64_decode($data['salt']);
$iterations = 5000;
$key_length = 32;
$is_raw_output = true;
$key = hash_pbkdf2("sha1", $password, $salt, $iterations, $key_length, true);
$iv = base64_decode($data['iv']);
$encstr = base64_decode($data['encrypted_data']);
$output = openssl_decrypt($encstr, 'AES-256-CBC', $key, OPENSSL_ZERO_PADDING, $iv);
var_dump($output);
var_dump(openssl_error_string());
what I get here is
bool(false)
string(94) "error:0606508A:digital envelope routines:EVP_DecryptFinal_ex:data not multiple of block length"
I'm not sure if this is the correct approach. I tried also decoding directly without using the hash_pbkdf2 function but all I receive then is garbage.
So if I just use this
$key = "supersecretkey";
$iv = base64_decode($data['iv']);
$encstr = base64_decode($data['encrypted_data']);
$output = openssl_decrypt($encstr, 'AES-256-CBC', $key, OPENSSL_ZERO_PADDING| OPENSSL_RAW_DATA, $iv);
then I just get garbage data like
*+�l��_�y9�{(kNF7��gص��[Se!Y
I would appreciate any help on this topic as I already spent a lot of hours and read tons of documentation.
Unfortunately I do not get any more support from the entity that sends the encrypted data.
Thanks in advance!
Hi thanks all for helping me out.
The correct solution to this problem is below.
Obviously we were sent an incorrect encryption key. They generated a new one - but they insisted that the old one was correct - and then it worked like charm!
Thanks again.
$salt = base64_decode($datasend['salt']);
$iterations = 5000;
$key_length = 32;
$key = hash_pbkdf2("sha1", $e2ekey, $salt, $iterations, $key_length, true);
$iv = base64_decode($datasend['iv']);
$encstr = base64_decode($datasend['encryptedMessage']);
$datasend = openssl_decrypt($encstr, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv);
$datasend = json_decode($datasend,true);
I have the following decrypted message, which has previously been encrypted using AES-256-CBC
240dcbefc0f82fadc00ef8494488aaa81400000c2def01e79fec6c4d9a822358dd8a910cac606e8afcb607793cb442093a56b7b40b0b0b0b0b0b0b0b0b0b0b0b
I derive the following 20 BYTE HMAC from this message:
dd8a910cac606e8afcb607793cb442093a56b7b4
My goal is to re-create this HMAC using PHP, I attempt with the following code:
$iv = hex2bin('240dcbefc0f82fadc00ef8494488aaa8'); // random iv - first 16 bytes of the message
$message = hex2bin('1400000c2def01e79fec6c4d9a822358'); // the actual message being decrypted - next 16 bytes
$key = hex2bin('b109124b62e2c8b8248e9865990325fddcc61143'); // encryption key
$hmac = hash_hmac('sha1', $iv.$message, $key);
print($hmac); // 03634ba3f4a0c854a0b791d27f331ecdfad1e87e
$attempt2 = hash('sha256', $iv.$message, true);
$hmac = hash_hmac('sha1', $attempt2, $key);
print($hmac); // 39ad1fb94ab251cdaf3f21cf8673e070733f4e16
I know I'm missing something but I'm struggling to understand the HMAC process as it's very confusing to me. Any help or advise is appreciated, thanks.
I found a solution on a random blog post online :D
here is what worked for me:
function check_mac($seq, $type, $msg, $key) {
$SequenceNumber = pack("NN", 0, $seq);
$Type = pack("Cnn", $type, 0x0303, strlen($msg));
$data = $SequenceNumber . $Type . $msg;
$calculated_mac = hash_hmac("sha1", $data, $key, true);
print(bin2hex($calculated_mac) . "\n");
}
Also, the IV does not need to be included, just the message by itself as the $msg variable
Blog Post:
https://adayinthelifeof.nl/2013/12/30/decoding-tls-with-php/
I managed to make a code to encrypt and decrypt data in AES-CCM in PHP language. This code retrieves data, sends it to a server and adds it to a database via post URL. But if someone has access to the URL and sends it several times to the server, it will add data to the database each time.
Is there a simple way to prohibit this URL after one adding data?
Edit : I think I will add date and hour in the encryption part. Then when I will receive data, I will check date and hour with +-1min. And check if I have not already receive this message.
What do you think about this solution?! Is that easy is to crack it?!
This is my code (Fisrt part) :
$algo = 'aes-128-ccm';
$iv = random_bytes(openssl_cipher_iv_length($algo));
$key = "cd9344040aa9f9217871d46ee871c59c";
$data = '00000000010-3b57af';
$ciphertext = openssl_encrypt(
$data,
$algo,
$key,
OPENSSL_RAW_DATA,
$iv,
$tag
);
$ciphertext = bin2hex($ciphertext);
$iv = bin2hex($iv);
$tag = bin2hex($tag);
echo'"decrypte"';
?>
The second part :
$algo = 'aes-128-ccm';
$key = "cd9344040aa9f9217871d46ee871c59c";
$ciphertext = hex2bin($_GET['data']);
$iv = hex2bin($_GET['iv']);
$tag = hex2bin($_GET['tag']);
$decrypt = openssl_decrypt(
$ciphertext,
$algo,
$key,
OPENSSL_RAW_DATA,
$iv,
$tag
);
if (false === $decrypt) {
throw new Exception(sprintf(
"OpenSSL error: %s", openssl_error_string()
));
}
I have a small problem with php mcrypt_decrypt function. Firstly, I use a 16-byte string, and encrypt it using mcrypt_encrypt; then, I use base64_encode, and put the output to mcrypt_decrypt, in order to get the initial string.
But the output is not what's expected. I checked that my base64 decoded string input for decoding is the exact output produced by mcrypt_decrypt. Here is my code:
//encrypt
$str="KKQT9W4st7vmdkps";
$key="43625A8C1E4330BDF84DDEE3DD105037";
$block = mcrypt_get_block_size('rijndael_128', 'ecb');
$passcrypt=mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $str, MCRYPT_MODE_ECB);
echo $passcrypt;
That outputs PTfZ6Ephh8LTxXL4In33Og==. The decryption script is the following:
//decrypt
$str='PTfZ6Ephh8LTxXL4In33Og==';
$key='43625A8C1E4330BDF84DDEE3DD105037';
$str = base64_decode($str);
$str = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key,
$str, MCRYPT_MODE_ECB,''),"\0");
$block = mcrypt_get_block_size('rijndael_128', 'ecb');
echo $str;
And the output is not KKQT9W4st7vmdkps, but -nγ kk7Ζn’T instead. Any ideas? I'm using XAMPP and Apache server.
Thx guys for the feedback it was a silly mistake that i made...actually 'PTfZ6Ephh8LTxXL4In33Og==' was wrong in the decrypt function cause "I" was "l" in the end...so the decryption was not correct...but it was not my fault either since I was getting this string from a QR CODE scanner and both "I" and "l" are displayed the same...
For encryption, you need to:
1) Create an encryption resource
$str = "KKQT9W4st7vmdkps";
$key = "43625A8C1E4330BDF84DDEE3DD105037";
$r = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '',MCRYPT_MODE_ECB, '');
2) Randomly create encryption vector based on the size of $r
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($r),MCRYPT_RAND);
3) Initiliazing module using the resource,key and string vector
mcrypt_generic_init($r,$key,$iv);
4) Encrypt data/string using resource $r
$encrypted = mcrypt_generic($r,$str);
5) Encode it using base64_encode
$encoded = base64_encode($encrypted);
if(!mcrypt_generic_deinit($r) || !mcrypt_module_close($r))
$encoded = false;
6) Echoing it
echo 'Encrypted: '.$encoded;
For decryption, it's like a reverse process of encrypt
//Using the same enrypted string
$decoded = (string) base64_decode(trim($encoded));
$td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '',MCRYPT_MODE_ECB, '');
$ivs = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
mcrypt_generic_init($td,$key, $ivs);
$decoded = (string) trim(mdecrypt_generic($td, $decoded));
if(!mcrypt_generic_deinit($td) || !mcrypt_module_close($td))
$decoded = false;
Echoing it
echo 'Decrypted: '. $decoded;
Hope this helps. More info here.
I need to decode a 3des string in a php and I have no experience in decripting so far...
First step is: get the key and the set of strings to decode - I have that already.
I have this information about algorythm:
type: CBC,
padding - PKCS5,
initialization vector (iv?) - array of eight zeros
I try this way:
// very simple ASCII key and IV
$key = "passwordDR0wSS#P6660juht";
$iv = "password";
//$iv = array('0','0','0','0','0','0','0','0');
//$iv = "00000000";
$cipher = mcrypt_module_open(MCRYPT_3DES, '', 'cbc', '');
//$iv = mcrypt_enc_get_iv_size($cipher);
// DECRYPTING
echo "<b>String to decrypt:</b><br />51196a80db5c51b8523220383de600fd116a947e00500d6b9101ed820d29f198c705000791c07ecc1e090213c688a4c7a421eae9c534b5eff91794ee079b15ecb862a22581c246e15333179302a7664d4be2e2384dc49dace30eba36546793be<br /><br />";
echo "<b>Decrypted 3des string:</b><br /> ".SimpleTripleDesDecrypt('51196a80db5c51b8523220383de600fd116a947e00500d6b9101ed820d29f198c705000791c07ecc1e090213c688a4c7a421eae9c534b5eff91794ee079b15ecb862a22581c246e15333179302a7664d4be2e2384dc49dace30eba36546793be')."<br />";
function SimpleTripleDesDecrypt($buffer) {
global $key, $iv, $cipher;
mcrypt_generic_init($cipher, $key, $iv);
$result = rtrim(mdecrypt_generic($cipher, hex2bin($buffer)), "\0");
mcrypt_generic_deinit($cipher);
return $result;
}
function hex2bin($data)
{
$len = strlen($data);
return pack("H" . $len, $data);
}
At the beginnig you see example data, and on this data code works fine. Problem starts when I try to use my own data I get from database by SOAP webservice. I see this error:
Warning: pack() [function.pack]: Type H: illegal hex digit in....
I get this despite making attempts with different types of codings in the script. Script file itself is in ANCI.
Also: as you see in comments I also have made some experiments with IV but it doesn't make sense without dealing with first problem I gues.
Another thing is padding == PKCS5. Do I need to use it, and how should I do it in my case?
I would really appreciate help with this.
Ok, I have found a solution based mostly on this post: PHP Equivalent for Java Triple DES encryption/decryption - thanx guys and +1.
$iv = array('0','0','0','0','0','0','0','0');
echo #decryptText($temp->patient->firstName, $deszyfrator->return->rawDESKey, $iv);
echo #decryptText($temp->patient->surname, $deszyfrator->return->rawDESKey, $iv);
function decryptText($encryptText, $key, $iv) {
$cipherText = base64_decode($encryptText);
$res = mcrypt_decrypt("tripledes", $key, $cipherText, "cbc", $iv);
$resUnpadded = pkcs5_unpad($res);
return $resUnpadded;
}
function pkcs5_unpad($text)
{
$pad = ord($text{strlen($text)-1});
if ($pad > strlen($text)) return false;
if (strspn($text, chr($pad), strlen($text) - $pad) != $pad) return false;
return substr($text, 0, -1 * $pad);
}
However I get a warning (hidden with # now). "Iv should have the same lenght as block size" - I tried all combinations I could figure out and I can't get rid of it. Any idea people?
Edit: secondary problem fixed to. This kode will fix the iv:
$iv_size=mcrypt_get_iv_size("tripledes","cbc");
$iv = str_repeat("\0", $iv_size); //iv size for 3des is 8