5

I have an encrypted bit of text that I need to decrypt. It's encrypted with AES-256-CBC. I have the encrypted text, key, and iv. However, no matter what I try I just can't seem to get it to work.

The internet has suggested that mcrypt's Rijndael cypher should be able to do this, so here's what I have now:

function decrypt_data($data, $iv, $key) {
    $cypher = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');

    // initialize encryption handle
    if (mcrypt_generic_init($cypher, $key, $iv) != -1) {
        // decrypt
        $decrypted = mdecrypt_generic($cypher, $data);

        // clean up
        mcrypt_generic_deinit($cypher);
        mcrypt_module_close($cypher);

        return $decrypted;
    }

    return false;
}

As it stands now I get 2 warnings and the output is gibberish:

Warning: mcrypt_generic_init() [function.mcrypt-generic-init]: Key size too large; supplied length: 64, max: 32 in /var/www/includes/function.decrypt_data.php on line 8
Warning: mcrypt_generic_init() [function.mcrypt-generic-init]: Iv size incorrect; supplied length: 32, needed: 16 in /var/www/includes/function.decrypt_data.php on line 8

Any help would be appreciated.

hakre
  • 193,403
  • 52
  • 435
  • 836
Jeremy Logan
  • 47,151
  • 38
  • 123
  • 143

2 Answers2

6

I'm not terribly familiar with this stuff, but it seems like trying MCRYPT_RIJNDAEL_256 in place of MCRYPT_RIJNDAEL_128 would be an obvious next step...

Edit: You're right -- this isn't what you need. MCRYPT_RIJNDAEL_128 is in fact the right choice. According to the link you provided, your key and IV are twice as long as they should be:

// How do you do 256-bit AES encryption in PHP vs. 128-bit AES encryption???
// The answer is:  Give it a key that's 32 bytes long as opposed to 16 bytes long.
// For example:
$key256 = '12345678901234561234567890123456';
$key128 = '1234567890123456';

// Here's our 128-bit IV which is used for both 256-bit and 128-bit keys.
$iv =  '1234567890123456';
Frank Farmer
  • 38,246
  • 12
  • 71
  • 89
  • Yeah, I tried it. According to http://www.chilkatsoft.com/p/php_aes.asp that is the block size, not the key size. – Jeremy Logan Oct 27 '09 at 00:55
  • Good catch. The link you provided has the answer to your question: You have to provide a 32 byte key, and a 16 byte IV. You're passing in values that are twice as long as they need to be. – Frank Farmer Oct 27 '09 at 16:18
  • 2
    It turns out the were hex encoded and just needed to be run through `pack('H*', $var)`. – Jeremy Logan Oct 27 '09 at 19:59
  • Sorry for sounding dumb, but what exactly do you pack() ? Ive been trying to do this myself, without any luck.. – Nils Munch Jun 23 '11 at 23:02
  • @NilsMunch You use pack() to convert the Hex representation to the actual binary 128/256 bit representation. – thinice Nov 26 '12 at 23:50
1

I send to you one example, Please, check the code, ok

$data_to_encrypt = "2~1~000024~0910~20130723092446~T~00002000~USD~F~375019001012120~0~0~00000000000~";
$key128 = "abcdef0123456789abcdef0123456789";
$iv = "0000000000000000";

$cc = $data_to_encrypt;
$key = $key128;
$iv =  $iv;
$length = strlen($cc);

$cipher = mcrypt_module_open(MCRYPT_RIJNDAEL_128,'','cbc','');

mcrypt_generic_init($cipher, $key, $iv);
$encrypted = base64_encode(mcrypt_generic($cipher,$cc));
mcrypt_generic_deinit($cipher);

mcrypt_generic_init($cipher, $key, $iv);
$decrypted = mdecrypt_generic($cipher,base64_decode($encrypted));
mcrypt_generic_deinit($cipher);

echo "encrypted: " . $encrypted;
echo "<br/>";
echo "length:".strlen($encrypted);
echo "<br/>";
echo "decrypted: " . substr($decrypted, 0, $length);
Aron
  • 1,142
  • 1
  • 14
  • 26
  • Worked for me! The only suggestion I have is to use rtrim instead of substr for the decrypted text since you may not always know the length. rtrim($decrypted, "\0") – koga73 Jan 13 '17 at 17:08