0

I need to decode a 3des string in a php and I have no experience in decripting so far...

First step is: get the key and the set of strings to decode - I have that already.

I have this information about algorythm:

type: CBC, padding - PKCS5, initialization vector (iv?) - array of eight zeros

I try this way:

// very simple ASCII key and IV
$key = "passwordDR0wSS@P6660juht";
$iv = "password";
//$iv = array('0','0','0','0','0','0','0','0');
//$iv = "00000000";

$cipher = mcrypt_module_open(MCRYPT_3DES, '', 'cbc', '');

//$iv = mcrypt_enc_get_iv_size($cipher);


// DECRYPTING
echo "<b>String to decrypt:</b><br />51196a80db5c51b8523220383de600fd116a947e00500d6b9101ed820d29f198c705000791c07ecc1e090213c688a4c7a421eae9c534b5eff91794ee079b15ecb862a22581c246e15333179302a7664d4be2e2384dc49dace30eba36546793be<br /><br />";

echo "<b>Decrypted 3des string:</b><br /> ".SimpleTripleDesDecrypt('51196a80db5c51b8523220383de600fd116a947e00500d6b9101ed820d29f198c705000791c07ecc1e090213c688a4c7a421eae9c534b5eff91794ee079b15ecb862a22581c246e15333179302a7664d4be2e2384dc49dace30eba36546793be')."<br />";

function SimpleTripleDesDecrypt($buffer) {
  global $key, $iv, $cipher;

  mcrypt_generic_init($cipher, $key, $iv);
  $result = rtrim(mdecrypt_generic($cipher, hex2bin($buffer)), "\0");
  mcrypt_generic_deinit($cipher);
  return $result;
}

function hex2bin($data)
{
  $len = strlen($data);
  return pack("H" . $len, $data);
}

At the beginnig you see example data, and on this data code works fine. Problem starts when I try to use my own data I get from database by SOAP webservice. I see this error:

Warning: pack() [function.pack]: Type H: illegal hex digit in....

enter image description here

I get this despite making attempts with different types of codings in the script. Script file itself is in ANCI.

Also: as you see in comments I also have made some experiments with IV but it doesn't make sense without dealing with first problem I gues.

Another thing is padding == PKCS5. Do I need to use it, and how should I do it in my case?

I would really appreciate help with this.

cristi _b
  • 1,783
  • 2
  • 28
  • 43
baron_bartek
  • 1,073
  • 2
  • 20
  • 39
  • possible duplicate of [PHP Equivalent for Java Triple DES encryption/decryption](http://stackoverflow.com/questions/8530312/php-equivalent-for-java-triple-des-encryption-decryption) – Maarten Bodewes Jan 03 '13 at 16:36

1 Answers1

0

Ok, I have found a solution based mostly on this post: PHP Equivalent for Java Triple DES encryption/decryption - thanx guys and +1.

$iv = array('0','0','0','0','0','0','0','0');
echo @decryptText($temp->patient->firstName, $deszyfrator->return->rawDESKey, $iv);
echo @decryptText($temp->patient->surname, $deszyfrator->return->rawDESKey, $iv);

function decryptText($encryptText, $key, $iv) {

    $cipherText = base64_decode($encryptText);
    $res = mcrypt_decrypt("tripledes", $key, $cipherText, "cbc", $iv);

    $resUnpadded = pkcs5_unpad($res);    
    return $resUnpadded;
}

function pkcs5_unpad($text)
{
    $pad = ord($text{strlen($text)-1});
    if ($pad > strlen($text)) return false;
    if (strspn($text, chr($pad), strlen($text) - $pad) != $pad) return false;
    return substr($text, 0, -1 * $pad);
}

However I get a warning (hidden with @ now). "Iv should have the same lenght as block size" - I tried all combinations I could figure out and I can't get rid of it. Any idea people?

Edit: secondary problem fixed to. This kode will fix the iv:

$iv_size=mcrypt_get_iv_size("tripledes","cbc");
$iv = str_repeat("\0", $iv_size);   //iv size for 3des is 8
Community
  • 1
  • 1
baron_bartek
  • 1,073
  • 2
  • 20
  • 39
  • Please do not ask additional questions in answers, create new question instead (after debugging etc. of course). – Maarten Bodewes Jan 03 '13 at 16:33
  • Thx for input owlstead. I asked the secondary question in order to produce best possible solution for the initial problem. All works just fine now. – baron_bartek Jan 11 '13 at 16:39