1

Short question: I have encrypted a string with AES-256 with the openssl commandline tool. How can I decrypt this with PHP's openssl library? (since Rijndael-256 and AES-256 are not the same, and there is no AES-256 option)

Thanks in advance, Jori.

Jori
  • 1,122
  • 2
  • 18
  • 36
  • Rijndael IS AES. When the NIST wanted to choose an algorithm to be the "Advanced Encryption Standard", Rijndael was one of the candidates. Rijndael won and is now the Advanced Encryption Standard. – Ranhiru Jude Cooray Jun 08 '12 at 16:37
  • According to http://php.net/manual/en/function.mcrypt-decrypt.php, it is not (first comment), but wikipedia says that AES is a subset of Rijdael. Is the comment wrong? – Jori Jun 08 '12 at 16:57
  • This seems to be an implementation specific difference. I am sorry I do not know about this difference in the PHP implementation. Also AES is **NOT** a subset of Rijndael but Rijandael was the crypto algorithm chosen to be the A.E.S. – Ranhiru Jude Cooray Jun 08 '12 at 17:01
  • @RanhiruCooray AES **is** a subset of Rijndael. "Strictly speaking, AES is the name of the standard, and the algorithm described is a (restricted) variant of Rijndael. However, in practice the algorithm is also referred to as "AES"." This is from WikiPedia, but you can rest assured that it is correct. – Maarten Bodewes Jun 08 '12 at 18:37

2 Answers2

2

You should use MCRYPT_RIJNDAEL_128 instead of MCRYPT_RIJNDAEL_256 but you should use a 256 bit key, preferably the one you encrypted the data with.

The X in MCRYPT_RIJNDAEL_X is the block size of the cipher. Rijndael has several block and key sizes, but only Rijndael with a block size of 128 bits and a key size of 128, 192 or 256 bits (and the key size specific vectors and number of rounds) should be called AES.

Make sure you also match the encryption mode (the unsafe ECB or CBC encoding) and make sure your (un)padding is correct.

Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263
  • I thought the key size and block size had to be the same? – Jori Jun 09 '12 at 08:31
  • And why exactly can't I use MCRYPT_RIJNDAEL_256? I'm sorry its a little confusing to me haha! – Jori Jun 09 '12 at 09:01
  • Nope, key size and block size are not directly a function of each other. AES always has a block size of 128 bit. That's why you need to use that particular Rijndael configuration. – Maarten Bodewes Jun 09 '12 at 11:00
-1

Shouldn't it be acceptable to use any routine to decrypt, as long as it decrypts AES-256?

Try this, previously seen on stackoverflow... it was just a google away... PHP AES encrypt / decrypt

Community
  • 1
  • 1
starlocke
  • 3,407
  • 2
  • 25
  • 38