I am using the below php code for encryption:
$enc_request = base64_encode(
mcrypt_encrypt(MCRYPT_RIJNDAEL_256,
$this->_app_key,
json_encode($request_params),
MCRYPT_MODE_ECB)
);
Now trying to encrypt the in android and getting the different encrypted string. Below is the android code:
public void enc(){
byte[] rawKey = getRawKey("my_key".getBytes());
SecretKeySpec skeySpec = new SecretKeySpec(rawKey, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal("my_message".getBytes());
String result=Base64.encodeToString(encrypted, Base64.DEFAULT);
}
private static byte[] getRawKey(byte[] seed) throws Exception {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
sr.setSeed(seed);
kgen.init(256, sr);
SecretKey skey = kgen.generateKey();
byte[] raw = skey.getEncoded();
return raw;
}
Could any one help me, where I am wrong? And get same correct encrypted string in android too.
I've created a main method in Java using Bouncy Castle to show the inner workings of mcrypt_encrypt() used in your code sample.
This is mainly to show other developers that PHP's mcrypt_encrypt() is a very dangerous method to use. It won't fail much, but that is because it rather continues where it should have stopped long ago. For instance, it adds or removes values from the key. It emits a warning when it does do this, but it won't directly show in the code.
public static void main(String[] args) throws DataLengthException, IllegalStateException, InvalidCipherTextException {
// just some constants
boolean ENCRYPT = true;
boolean DECRYPT = false;
// the key is either in binary in PHP or a string (dynamic isn't it?), lets assume ASCII
byte[] givenKey = args[0].getBytes(Charset.forName("ASCII"));
// determine the key size dynamically, somebody thought this was a good idea...
// NOTE: PHP will emit a warning if the key size is larger, but will simply use the
// largest key size otherwise
final int keysize;
if (givenKey.length <= 128 / Byte.SIZE) {
keysize = 128;
} else if (givenKey.length <= 192 / Byte.SIZE) {
keysize = 192;
} else {
keysize = 256;
}
// create a 256 bit key by adding zero bytes to the decoded key
byte[] keyData = new byte[keysize / Byte.SIZE];
System.arraycopy(givenKey, 0, keyData, 0, Math.min(givenKey.length, keyData.length));
KeyParameter key = new KeyParameter(keyData);
// create a Rijndael cipher with 256 bit block size, this is not AES
BlockCipher rijndael = new RijndaelEngine(256);
// use a padding method that only works on data that cannot end with zero valued bytes
ZeroBytePadding c = new ZeroBytePadding();
// use ECB mode encryption, which should never be used
PaddedBufferedBlockCipher pbbc = new PaddedBufferedBlockCipher(rijndael, c);
// initialize the cipher using the key (no need for an IV, this is ECB)
pbbc.init(ENCRYPT, key);
// create a plain text byte array
byte[] plaintext = args[1].getBytes(Charset.forName("UTF8"));
// create a buffer for the ciphertext
byte[] ciphertext = new byte[pbbc.getOutputSize(plaintext.length)];
int offset = 0;
offset += pbbc.processBytes(plaintext, 0, plaintext.length, ciphertext, offset);
offset += pbbc.doFinal(ciphertext, offset);
// show the ciphertext
System.out.println(new String(Hex.encode(ciphertext), Charset.forName("ASCII")));
// reverse the encryption
pbbc.init(DECRYPT, key);
byte[] decrypted = new byte[pbbc.getOutputSize(ciphertext.length)];
offset = 0;
offset += pbbc.processBytes(ciphertext, 0, ciphertext.length, decrypted, offset);
offset += pbbc.doFinal(decrypted, offset);
// this will probably print out correctly, but it isn't actually correct
System.out.println(new String(decrypted, Charset.forName("UTF8")));
// check out the zero's at the end
System.out.println(new String(Hex.encode(decrypted), Charset.forName("UTF8")));
// so lets make it a bit shorter... the PHP way
// note that in PHP, the string may *not* contain a null terminator
// add it yourself before printing the string
System.out.println(new String(decrypted, Charset.forName("UTF8")).replaceAll("\\x00+$", ""));
}
Warning: the above code contains ZeroBytePadding. I later discovered that there is a difference between Bouncy Castle and PHP in this respect: Bouncy Castle expects that you always have to pad, while PHP doesn't. So Bouncy adds 1..n bytes while PHP adds 0..(n-1) bytes, where n is the block size (32 bytes for Rijndael-256/256). So you may have to do the padding/unpadding yourself; be sure to test the edge cases!
Related
I have this php code
$plain_text = "abc";
$salt = "123";
echo $encrypted_text = openssl_encrypt($plain_text, "AES-128-ECB", $salt);
// result: kR/1uaFarptS5+n951MVsQ==
I have tried several methods (classes and functions) on vb.net, but the result of the encryption with this language is everytime not the same as above using php.
For example this one:
Public Function AES_Encrypt (ByVal input As String, ByVal pass As String) As String
Dim AES As New System.Security.Cryptography.RijndaelManaged
Dim Hash_AES As New System.Security.Cryptography.MD5CryptoServiceProvider
Dim encrypted As String = ""
Try
Dim hash (31) As Byte
Dim temp As Byte () = Hash_AES.ComputeHash (System.Text.ASCIIEncoding.ASCII.GetBytes (pass))
Array.Copy (temp, 0, hash, 0, 16)
Array.Copy (temp, 0, hash, 15, 16)
AES.Key = hash
AES.Mode = Security.Cryptography.CipherMode.ECB
Dim DESEncrypter As System.Security.Cryptography.ICryptoTransform = AES.CreateEncryptor
Dim Buffer As Byte () = System.Text.ASCIIEncoding.ASCII.GetBytes (input)
encrypted = Convert.ToBase64String (DESEncrypter.TransformFinalBlock (Buffer, 0, Buffer.Length))
Return encrypted
Catch ex As Exception
End Try
End Function
sEnc = AES_Encrypt("abc", "123")
Console.WriteLine(sEnc)
'result: Z3hCHcS0b2zJ7fEod3jcrw==
Please, with vb.net (no C#), how can I get the result "kR/1uaFarptS5+n951MVsQ==" which encryption of the text "abc" and salt "123" using the algorithm "AES-128-ECB"?
Due to the specification AES-128-ECB in the PHP code, AES-128 is used in ECB mode, i.e. the key is 16 bytes long. But since only a 3 bytes large key is applied (123), PHP pads to the necessary size of 16 bytes with 0x00 values. Note that if the key is too long, it will be truncated.
In the VB code a 32 bytes key is used. Since in .NET the keysize determines the AES variant, AES-256 is applied. Moreover, the passed key is not used directly, but the actual key is derived from the passed value with the digest MD5.
So that the VB code returns the result of the PHP code, the logic of the PHP code must be implemented in the VB code:
...
'Dim hash(31) As Byte
'Dim temp As Byte() = Hash_AES.ComputeHash(System.Text.ASCIIEncoding.ASCII.GetBytes(pass))
'Array.Copy(temp, 0, hash, 0, 16)
'Array.Copy(temp, 0, hash, 15, 16)
'AES.Key = hash
Dim keyPadded(15) As Byte
Dim key = System.Text.ASCIIEncoding.ASCII.GetBytes(pass)
Array.Copy(key, 0, keyPadded, 0, Math.Min(16, key.Length))
AES.Key = keyPadded
...
A few remarks:
In the PHP code the key is called $salt. This is misleading, because a salt has a different meaning.
The ECB mode is generally insecure.
AES-128 uses a 16 bytes key. 123 is not a strong key (but maybe this is just a dummy value).
If 123 does not represent a key, but a password from which a key is derived, then in general you should not use MD5, but specially designed algorithms like PBKDF2 or Argon2, see also here.
I'd like to encrypt a string in PHP and then decrypt it in C. I'm stuck on the decryption part.
(PHP) I first encrypt the string:
function encrypt($plaintext, $key) {
$iv = 'aaaaaaaaaaaaaaaa';
$ciphertext = openssl_encrypt($plaintext, "AES-256-CBC", $key, OPENSSL_RAW_DATA, $iv);
return $ciphertext;
}
echo encrypt('This is a test', 'test');
// output: 7q�7h_��8� ��L
(C) Then I want to decrypt it, I use tiny-AES-c library for the functions:
int test_decrypt_cbc(void) {
uint8_t key[] = "test";
uint8_t iv[] = "aaaaaaaaaaaaaaaa";
uint8_t str[] = "7q�7h_��8� ��L";
printf("%s", str);
printf("\n Decrypted buffer\n");
struct AES_ctx ctx;
AES_init_ctx_iv(&ctx, key, iv);
AES_CBC_decrypt_buffer(&ctx, str, sizeof(str));
printf("%s", str);
printf("\n");
return 1;
}
This outputs:
7q�7h_��8� ��L
Decrypted buffer
?L??Ɵ??m??Dˍ?'?&??c?W
It should instead output "This is a test".
How can I fix this?
In the PHP code, AES-256 is used. tiny-AES-c only supports AES-128 by default. In order for AES-256 to be supported, the corresponding constant must be defined in aes.h, i.e. the line //#define AES256 1 must be commented in, here.
PHP uses PKCS7 padding by default. The padding should be removed in the C code.
PHP implicitly pads too short keys with zero values to the specified length. Since AES-256-CBC was specified in the PHP code, the key test is extended as follows:
test\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
In the C code this extended key must be used (see also the comment of #r3mainer).
For the transfer of the ciphertext between the two codes a suitable encoding must be used, e.g. Base64 or hexadecimal (see also the comment of #Ôrel). For the latter, bin2hex can be applied to the ciphertext in the PHP code. An example of a hex decoding in C can be found here.
A possible C-implementation is:
// Pad the key with zero values
uint8_t key[] = "test\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
uint8_t iv[] = "aaaaaaaaaaaaaaaa";
uint8_t ciphertextHex[] = "3771e837685ff5d4173801900de6e14c";
// Hex decode (e.g. https://stackoverflow.com/a/3409211/9014097)
uint8_t ciphertext[sizeof(ciphertextHex) / 2], * pos = ciphertextHex;
for (size_t count = 0; count < sizeof ciphertext / sizeof * ciphertext; count++) {
sscanf((const char*)pos, "%2hhx", &ciphertext[count]);
pos += 2;
}
// Decrypt
struct AES_ctx ctx;
AES_init_ctx_iv(&ctx, key, iv);
AES_CBC_decrypt_buffer(&ctx, ciphertext, sizeof(ciphertext));
// Remove the PKCS7 padding
uint8_t ciphertextLength = sizeof(ciphertext);
uint8_t numberOfPaddingBytes = ciphertext[ciphertextLength - 1];
ciphertext[ciphertextLength - numberOfPaddingBytes] = 0;
printf("%s", ciphertext);
How do I encrypt a file contents in PHP using OpenSSL and decrypt it in C++?
Here's my code:
$dll = file('file.dll')[0];
$iv = substr(hash('sha256', 'test'), 0, 16);
$key = substr(hash('sha256', 'test'), 0, 32);
$dll_en = openssl_encrypt($dll, "AES-256-CBC", $key, 0, $iv);
and here's c++
int main() {
/* A 256 bit key */
byte* key = (byte*)"9f86d081884c7d659a2feaa0c55ad015";
/* A 128 bit IV */
byte* iv = (byte*)"9f86d081884c7d65";
std::vector<byte> data = base64_decode("CyeJtJecBChtVSxeTLw9mYKapHwLNJed/5VVuyGOHNSTksBzH1Ym2JwLJv/LvlT9tqMEahwcX7Yj9jYVRCSnTliz/zQYk0pIi8CKTEGkqffqZd8CdA6joLMl9Ym6d+5wERgHEotURq8Kn+H3/GbUuEBUtLL9Cd1+VsKWDyqkE1c=");
byte* ciphertext = new byte[data.size()];
for (size_t i = 0; i < data.size(); i++)
{
ciphertext[i] = data.at(i);
}
byte decryptedtext[8096];
int decryptedtext_len;
decryptedtext_len = decrypt(ciphertext, data.size(), key, iv, decryptedtext);
decryptedtext[decryptedtext_len] = 0;
std::cout << decryptedtext;
return 0;
}
The decrypt function is from here
The first line of the dll is
MZ����#���� �!�L�!This program cannot be run in DOS mode.
but all I get in console is MZÉ.
What am I doing wrong?
Nothing is wrong except your choice of output method!
Since you're passing a byte* to std::cout, the only way it knows when to stop is to treat the input as a C-string, a sequence of 8-bit bytes. When it encounters one with value ZERO, it thinks it's a null terminator and stops. It's working as it should.
But your input is not ASCII! It is arbitrary, "binary" data.
You should instead use something like std::cout.write(decryptedtext, decryptedtext_len), which just chucks all your bytes out to the output stream. It's then up to your console/teletype/printer to render that as it deems fit (which may still not be identical to what you're looking for, depending on settings).
Nothing, you just get things in ASCII instead of UTF-8 while printing a binary file, and characters are skipped until a 00 valued byte is encountered rather than printed out with as a diamond with a question mark. Perform a binary compare instead.
Of course you should note that key and IV calculation of the key and even more the IV is entirely insecure in PHP mode and that CBC mode doesn't provide authentication, so the code is not as secure as it should be.
Here, I have c++ program which encodes the string and I have to decrypt in php. I have verified that the key and the iv are same in both programs, still getting false in openssl_decrypt() command.
int main(int argc, char** args)
{
unsigned char *salt = (unsigned char*)"12345678";
unsigned char *data = (unsigned char*)"123456789123450";
unsigned int count = 5;
int dlen = strlen((char*)data);
unsigned int ksize = 16;
unsigned int vsize = 12;
unsigned char *key = new unsigned char[ksize];
unsigned char *iv = new unsigned char[vsize];
int ret = EVP_BytesToKey( EVP_aes_128_gcm() , EVP_sha1(), salt, data, dlen, count, key, iv);
const EVP_CIPHER* m_cipher = EVP_aes_128_gcm();
EVP_CIPHER_CTX* m_encode;
EVP_CIPHER_CTX* m_decode;
if (!(m_encode = EVP_CIPHER_CTX_new()))
cout << "ERROR :: In encode Initiallization"<< endl;
EVP_EncryptInit_ex(m_encode, m_cipher, NULL, key, iv);
if (!(m_decode = EVP_CIPHER_CTX_new()))
cout << "ERROR :: In decode Initiallization"<< endl;
EVP_DecryptInit_ex(m_decode, m_cipher, NULL, key, iv);
unsigned char* plain = (unsigned char*)"My Name IS DON !!!";
int len = strlen((char*)plain);
unsigned char* encData = new unsigned char[len];
int c_len = len;
int f_len = 0;
EVP_EncryptInit_ex(m_encode, NULL, NULL, NULL, NULL);
EVP_EncryptUpdate(m_encode, encData, &c_len, plain, len);
EVP_EncryptFinal_ex(m_encode, encData + c_len, &f_len);
len = c_len + f_len;
cout << string( encData, encData + len)<< endl;
}
And the following is decryption code in php. "./abc_enc.txt" contains encryption string of c++ code. As I mentioned above I am getting same key and iv for both programs but openssl_decrypt function returns false. Can someone figure out what is the mistake?
<?
function EVP_BytesToKey($salt, $password) {
$ivlen = 12;
$keylen = 16;
$iterations = 5;
$hash = "";
$hdata = "";
while(strlen($hash)<$ivlen+$keylen)
{
$hdata .= $password.$salt;
$md_buf = openssl_digest($hdata, 'sha1');
for ($i = 1; $i < $iterations; $i++) {
$md_buf = openssl_digest ( hex2bin($md_buf),'sha1');
}
$hdata = hex2bin($md_buf);
$hash.= $hdata;
}
return $hash;
}
function decrypt($ivHashCiphertext, $password) {
$method = "aes-128-gcm";
$salt = "12345678";
$iterations = 5;
$ivlen = openssl_cipher_iv_length($method);
$ciphertext = $ivHashCiphertext;
$genKeyData = EVP_BytesToKey($salt, $password);
$keylen = 16;
$key = substr($genKeyData,0,$keylen);
$iv = substr($genKeyData,$keylen,$ivlen);
//var_dump($key);
//var_dump($iv);
$ret = openssl_decrypt($ciphertext, $method, $key, OPENSSL_RAW_DATA, $iv);
var_dump($ret);
return $ret;
}
$file = './abc_enc.txt';
$fileData = (file_get_contents($file));
$encrypted = $fileData;
$decrypted = decrypt($encrypted, '123456789123450');
?>
The GCM-mode provides both, confidentiality and authenticity. To verify authenticity the GCM-mode uses an authentication tag and defines a length between incl. 12 and 16 Byte for the tag. The authentication strength depends on the length of the tag, i.e. the longer the tag, the more secure the proof of authenticity.
However, in the current C++-code the authentication tag is not determined! This means that one of the main functionalities of the GCM-mode, authentication, is not used.
While the decryption in C++ using EVP is independent from the authentication (this means that the decryption is also performed even if the authentication tags differ), the decryption in PHP using openssl_decrypt is only done if the authentication is successful, i.e. in PHP the authentication tag is mandatory for decryption. Therefore, the authentication tag must be determined in the C++-code. For this purpose, the following code must be added after the EVP_EncryptFinal_ex-call:
unsigned int tsize = 16;
unsigned char *tag = new unsigned char[tsize];
EVP_CIPHER_CTX_ctrl(m_encode, EVP_CTRL_GCM_GET_TAG, tsize, tag);
Here a tagsize of 16 Byte is used. In addition, the authentication tag must be used in the PHP-code for decryption. This is done by passing the authentication tag as the 6th parameter of the openssl_decrypt-method:
$ret = openssl_decrypt($ciphertext, $method, $key, OPENSSL_RAW_DATA, $iv, $tag);
Decryption can only be performed if the tag used for decryption matches the tag used for encryption.
For the data in the posted example the C++-code generates the following authentication tag (as hexadecimal string):
f7c18e8b99587f3063383d68230c0e35
Finally, a more detailed explanation for AES-GCM with OpenSSL can be found here for encryption and decryption (including the consideration of the authentication tag).
In short
I'm neither an openSSL nor a PHP specialist. But at first sight, it appears that you might experience problems because you read and write binary data using files in text mode.
More infos about the potential problem
The encrypted data resulting from your C++ code is binary data. Your code does not show how you write the file. But unless you explicitly request the file to be in binary mode, you will get a file in text mode.
This might cause multiple issues when writing the data, since text mode allows for OS-dependent transformations to happen. Typical examples are characters with value 0x0A (new lines), skipping trailing 0x20 (space character), adding a 0x0A at the end of the file if there isn't and similar undesired transformation.
Your PHP code might open the file in an incompatible default mode, which might add further transformation if it's text mode, or avoid reverting transformations if it's binary.
This means that in the end, the string you try to decode might not be the original encrypted string !
How to solve it ?
First inspect with a binary editor the content of the file to see if it matches the expectations. Or check the expected length of the encrypted source data, the length of the file, and the length of the loaded content. If they all match, my answer is not relevant.
If it is relevant, or if you intend sooner or later to allow cross platform exchanges (e.g. windows client communicating with a linux server), then you could:
either add the necessary statements to use binary mode on both sides.
or add a Base64 encoding to transform binary into a robust ascii string on the writing side, and retransforming Base64 into binary on the reading side (openssl provides for base64 encoding and PHP has everything needed as well)
So, I'm trying to translate a piece of C++ code to php.
The C++ is from a external source, and my knowledge of both C++ and decryption is lacking, to say the least.
The source C++ is:
void parser_t::decrypt(buffer_t &replay_data, const unsigned char *key_data) {
/*\
|*| Performs an in place decryption of the replay using the given key.
|*| The decryption is a (broken) variant of CBC decryption and is performed as follows:
|*| -# Set the variable previous_block (with size of 16 bytes) to 0
|*| -# Decrypt a block with the given key
|*| -# XOR the block with the previous (decrypted) block
|*| -# Go back to step 2, until there are no more blocks.
\*/
BF_KEY key = {{0}};
BF_set_key(&key, 16, key_data);
const int block_size = 8;
size_t padding_size = (block_size - (replay_data.size() % block_size));
if (padding_size != 0) {
size_t required_size = replay_data.size() + padding_size;
replay_data.resize(required_size, 0);
}
unsigned char previous[block_size] = {0};
for (auto it = replay_data.begin(); it != replay_data.end(); it += block_size) {
unsigned char decrypted[block_size] = { 0 };
BF_ecb_encrypt(reinterpret_cast<unsigned char*>(&(*it)), decrypted, &key, BF_DECRYPT);
std::transform(previous, previous + block_size, decrypted, decrypted, std::bit_xor<unsigned char>());
std::copy_n(decrypted, block_size, previous);
std::copy_n(decrypted, block_size, reinterpret_cast<unsigned char*>(&(*it)));
}
if (padding_size != 0) {
size_t original_size = replay_data.size() - padding_size;
replay_data.resize(original_size, 0);
}
}
What I have got so far:
function decrypt($data){ // $data is a encrypted string
$key = array(0xDE, <.....>, 0xEF); // (16 entries in the array)
//BF_KEY key = {{0}}; // ?
//BF_set_key(&key, 16, key_data); // ?
$block_size = 8;
$padding_size = ($block_size - (strlen($data) % $block_size));
if ($padding_size != 0) {
$required_size = strlen($data) + $padding_size;
//replay_data.resize(required_size, 0);
// Seems unnecessary in php? string lengths are pretty dynamic.
}
$keyString = '';
for($i = 0; $i < count($key); $i++){
$keyString .= chr($key[$i]);
}
$output = '';
for ($i = 0; $i < stlen($data); $i += $block_size) {
$char = array(0, 0, 0, 0, 0, 0, 0, 0); // ?
$decrypted_piece = mcrypt_decrypt(MCRYPT_BLOWFISH, $keyString, $data, "cbc"); // ??
// And this is where I completely get lost.
$output = transform($in, $start, $end, $in2);
}
}
function transform($in, $start, $end, $in2){
$out = ''; // Yea, that won't work...
for($x = $start; $x < $end; $x++){
$out[$x] = $in[$x] ^ $in2[$x];
}
return $output
}
I realize I'm basically asking you guys to do something for me, but I'm really stuck at the contents of that for (auto it....
Hints / explanations that'd really help me along would be:
What does BF_ecb_encrypt do in this case? (In pseudocode or even php?) (slaps self on fingers. "don't ask for finished products")
Am I on the right track with the translation of the transform?
What is {{0}}, BF_set_key(&key, 16, key_data);?
What is reinterpret_cast<unsigned char*>(&(*it))?
I did get a look at these documentation pages, but to no avail:
php mcrypt-decrypt
BF_ecb_encrypt
C++ transform
The full source is available on github.
This specific code comes from src/parser.cpp
The "broken variant of CBC decryption" that the original code is doing can, equivalently, be described as ECB decryption followed by (cumulatively) XORing each plaintext block with the previous one.
For the XOR, you don't need anything fancy: the PHP bitwise XOR operator can operate on strings.
Thus, a simple PHP version of your C++ code could look something like this (warning: untested code):
function decrypt( $ciphertext, $key ) {
$plaintext = mcrypt_decrypt( MCRYPT_BLOWFISH, $key, $ciphertext, "ecb" );
$block_size = 8; // Blowfish block size = 64 bits = 8 bytes
$blocks = str_split( $plaintext, $block_size );
$previous = str_repeat( "\0", $block_size );
foreach ( $blocks as &$block ) {
$block ^= $previous;
$previous = $block;
}
return implode( $blocks );
}
Note that I haven't implemented any padding for truncated last blocks; there's something very screwy about the padding handling in the original code, and I don't see how it could possibly correctly decrypt messages whose length is not divisible by 8 bytes. (Does it, actually?) Rather than try to guess what the heck is going on and how to translate it to PHP, I just chose to ignore all that stuff and assume that the message length is divisible by the block size.
What does BF_ecb_encrypt do in this case?
BF_ecb_encrypt() is a function for encrypting using blowfish. The PHP equivalent (as previously mentioned by Ilmari Karonen) is $plaintext = mcrypt_decrypt( MCRYPT_BLOWFISH, $key, $ciphertext, "ecb" );
What is reinterpret_cast(&(*it))?
BF_ecb_encrypt() expects it's first parameter to be a unsigned char*. reinterpret_cast<unsigned char*>(&(*it)) is a type cast, casting 'it' into a unsigned char*. 'it' is an iterator of an unspecified type (at least in the code provided) and the keyword 'auto' is used to initialize 'it' as the correct type automatically. reinterpret_cast<unsigned char*>(&(*it)) is then used to convert it unsigned char* automatically.
What is {{0}}, BF_set_key(&key, 16, key_data);?
This is used to initialize BF_KEY 'key', and then set the key using the value of key_data. This has no PHP equivalent, mcrypt will set the key internally.
Am I on the right track with the translation of the transform?
By the looks of it, the C++ version handles padding in an odd way. This could be intentional to throw a wrench into cracking attempts. Translating into PHP is not really possible unless you fully understand the algorithm of the original C++ - not just the encryption algo, but the full process being used, including pre and post encryption.
Have you considered making a simple PHP extension using the existing C/C++ code rather than converting to PHP? This should be very strait forward, much easier than converting a more complicated algorithm from C++ into PHP. The existing code can more or less be copy-pasted into an extension, with buffer_t &replay_data likely being registered as a PHP resource.
Would this be helpful, using the php-cpp library (see http://www.php-cpp.com):
/**
* Decrypt function made accessible from PHP
*/
/**
* Dependencies
*/
#include <phpcpp.h>
#include <openssl/blowfish.h>
#include <algorithm>
/**
* Define buffer_t to be a vector
*/
typedef std::vector<uint8_t> buffer_t;
/**
* Function that should be ported to PHP
* #param data
* #param key_data
*/
static void decrypt(std::string &replay_data, const unsigned char *key_data) {
/*\
|*| Performs an in place decryption of the replay using the given key.
|*| The decryption is a (broken) variant of CBC decryption and is performed as follows:
|*| -# Set the variable previous_block (with size of 16 bytes) to 0
|*| -# Decrypt a block with the given key
|*| -# XOR the block with the previous (decrypted) block
|*| -# Go back to step 2, until there are no more blocks.
\*/
BF_KEY key = {{0}};
BF_set_key(&key, 16, key_data);
const int block_size = 8;
size_t padding_size = (block_size - (replay_data.size() % block_size));
if (padding_size != 0) {
size_t required_size = replay_data.size() + padding_size;
replay_data.resize(required_size, 0);
}
unsigned char previous[block_size] = {0};
for (auto it = replay_data.begin(); it != replay_data.end(); it += block_size) {
unsigned char decrypted[block_size] = { 0 };
BF_ecb_encrypt(reinterpret_cast<unsigned char*>(&(*it)), decrypted, &key, BF_DECRYPT);
std::transform(previous, previous + block_size, decrypted, decrypted, std::bit_xor<unsigned char>());
std::copy_n(decrypted, block_size, previous);
std::copy_n(decrypted, block_size, reinterpret_cast<unsigned char*>(&(*it)));
}
if (padding_size != 0) {
size_t original_size = replay_data.size() - padding_size;
replay_data.resize(original_size, 0);
}
}
/**
* The PHP function that will take care of this
* #param parameters
* #return Value
*/
static Php::Value php_decrypt(Php::Parameters ¶ms)
{
// check number of parameters
if (params.size() != 2) throw Php::Exception("2 parameters expected");
// read in the parameters
std::string replay_data = params[0];
std::string key_data = params[1];
// decrypt it
decrypt(replay_data, (const unsigned char *)key_data.c_str());
// return the result
return replay_data;
}
/**
* Symbols are exported according to the "C" language
*/
extern "C"
{
// export the "get_module" function that will be called by the Zend engine
PHPCPP_EXPORT void *get_module()
{
// create extension
static Php::Extension extension("my_decrypt","1.0");
// add custom function
extension.add("my_decrypt", php_decrypt);
// return the extension module
return extension.module();
}
}
You can compile the code using the following command:
g++ -std=c++11 -fpic -shared my_decrypt.cpp -o my_decrypt.so -lphpcpp
The my_descript.so should be copied to you PHP extensions directory, and an "extension=my_decrypt.so" line should be added to your php.ini.