1

I have a small problem with php mcrypt_decrypt function. Firstly, I use a 16-byte string, and encrypt it using mcrypt_encrypt; then, I use base64_encode, and put the output to mcrypt_decrypt, in order to get the initial string.

But the output is not what's expected. I checked that my base64 decoded string input for decoding is the exact output produced by mcrypt_decrypt. Here is my code:

//encrypt
$str="KKQT9W4st7vmdkps";
$key="43625A8C1E4330BDF84DDEE3DD105037";
$block = mcrypt_get_block_size('rijndael_128', 'ecb');
$passcrypt=mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $str, MCRYPT_MODE_ECB);
echo $passcrypt;

That outputs PTfZ6Ephh8LTxXL4In33Og==. The decryption script is the following:

//decrypt
$str='PTfZ6Ephh8LTxXL4In33Og==';
$key='43625A8C1E4330BDF84DDEE3DD105037';
$str = base64_decode($str);
$str = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key,
    $str, MCRYPT_MODE_ECB,''),"\0");
$block = mcrypt_get_block_size('rijndael_128', 'ecb');
echo $str;

And the output is not KKQT9W4st7vmdkps, but -nγ kk7Ζn’T instead. Any ideas? I'm using XAMPP and Apache server.

Rubens
  • 14,478
  • 11
  • 63
  • 92
Panos Mavr
  • 21
  • 3
  • Take a look at this one http://stackoverflow.com/questions/2448256/php-mcrypt-encrypting-decrypting-file – DevZer0 Jun 21 '13 at 00:46

2 Answers2

1

Thx guys for the feedback it was a silly mistake that i made...actually 'PTfZ6Ephh8LTxXL4In33Og==' was wrong in the decrypt function cause "I" was "l" in the end...so the decryption was not correct...but it was not my fault either since I was getting this string from a QR CODE scanner and both "I" and "l" are displayed the same...

Panos Mavr
  • 21
  • 3
0

For encryption, you need to:

1) Create an encryption resource 

$str = "KKQT9W4st7vmdkps";
$key = "43625A8C1E4330BDF84DDEE3DD105037";
$r = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '',MCRYPT_MODE_ECB, '');

2) Randomly create encryption vector based on the size of $r 

$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($r),MCRYPT_RAND);

3) Initiliazing module using the resource,key and string vector

mcrypt_generic_init($r,$key,$iv);

4) Encrypt data/string using resource $r

$encrypted = mcrypt_generic($r,$str);

5) Encode it using base64_encode

  $encoded = base64_encode($encrypted);
        if(!mcrypt_generic_deinit($r) || !mcrypt_module_close($r))
            $encoded = false;

6) Echoing it

echo 'Encrypted: '.$encoded;

For decryption, it's like a reverse process of encrypt

        //Using the same enrypted string       
        $decoded = (string) base64_decode(trim($encoded));
        $td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '',MCRYPT_MODE_ECB, '');
        $ivs = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
        mcrypt_generic_init($td,$key, $ivs);

        $decoded = (string) trim(mdecrypt_generic($td, $decoded));

        if(!mcrypt_generic_deinit($td) || !mcrypt_module_close($td))
            $decoded = false;

Echoing it

echo 'Decrypted: '. $decoded;

Hope this helps. More info here.

foxns7
  • 518
  • 2
  • 7
  • 18
  • The result is still the same..."-nγ kk7Ζn’T"...i think that the problem is not the code but the output format..maybe apache, i don't know... – Panos Mavr Jun 21 '13 at 07:57
  • I've edited the answer,the decryption part.. try it out again. – foxns7 Jun 21 '13 at 08:19
  • Thx the issue is solved...it was a mistake when I was passing the string 'PTfZ6Ephh8LTxXL4In33Og=='to aes decrypt.... "I" was "l" actually but since i was getting this from a QR CODE SCANNER i couldn't tell the difference cause "I" and "l" are displayed the same there...stupid really... – Panos Mavr Jun 21 '13 at 10:27