2

I have to do AES 128 encryption in CBC mode and match it with the same AES encryption in ColdFusion.

Here is my code in PHP:

```php
// Manual PKCS#5 padding to a multiple of $blocksize bytes
function pkcs5_pad($text, $blocksize) {
    $pad = $blocksize - (strlen($text) % $blocksize);
    return $text . str_repeat(chr($pad), $pad);
}

// Key and IV as Base64 strings
$key = "vRJ6XSUi7OGebUK+n1vKkA==";
$iv = "AF9iPTpJC+zEa2auUxuloQ==";
$data = pkcs5_pad("Message to encrypt", 16);
echo openssl_encrypt($data, 'aes-128-cbc', $key, 0, base64_decode($iv));
echo "<br>";
echo base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_MODE_CBC, base64_decode($iv)));
```

mcrypt_encrypt is deprecated but gives me the same compatible result as in ColdFusion: qLz13+xk19lZjSbfs92Ze5akuDbWOsNF2rYZN7aaEHc= but openssl_encrypt gives me a different value: dnEcUy2tmvLZhZclnEwRpYHEbHajzmkpwbPorfNw5eN4d37MadEiPGLPvNAZmW4Q

How can I make openssl_encrypt give the same value as mcrypt_encrypt does? Isn't it supposed to be a replacement for it?

Morteza Asadi
oussama kamal
  • See [Use openssl_encrypt to replace Mcrypt for 3DES-ECB encryption](http://stackoverflow.com/q/39467008/608639), [Can't decrypt using pgcrypto from AES-256-CBC but AES-128-CBC is OK](http://stackoverflow.com/q/43550818/608639), [MCrypt rijndael-128 to OpenSSL aes-128-ecb conversion](http://stackoverflow.com/q/45218465/608639), etc. Also see [Upgrading my encryption library from Mcrypt to OpenSSL](http://stackoverflow.com/q/43329513), [Replace Mcrypt with OpenSSL](http://stackoverflow.com/q/9993909/608639) and [Preparing for removal of Mcrypt in PHP 7.2](http://stackoverflow.com/q/42696657) – jww Aug 19 '17 at 04:15

1 Answer

3

Two problems:

  1. You aren't Base64 decoding the key, so you're passing a 24-byte (= 192-bit) key to both openssl_encrypt and mcrypt_encrypt. Apparently, these functions interpret such a key in different ways! base64_decode the key first for consistent results.

    Alternatively, if you really want to use the Base64-encoded string as a 192-bit key, pass 'aes-192-cbc' as the method to openssl_encrypt(). This is what mcrypt is doing here. (Which is not the same as what would happen if you passed MCRYPT_RIJNDAEL_192 as the cipher -- that changes the block size, not the key size!)

  2. openssl_encrypt uses PKCS5 padding automatically. Padding the data before passing it to this function ends up making the data get padded twice, leaving it one block longer than intended.

With these problems fixed, both functions now give the same result.

  • No no, that is not the point of my question. If I follow what you explained, I do indeed get the same result, but it is now different from the result I get from AES in ColdFusion. mcrypt_encrypt was giving the result I need, the one that matches, and I need openssl to give the same one, qLz13+xk19lZjSbfs92Ze5akuDbWOsNF2rYZN7aaEHc=, as mcrypt_encrypt – oussama kamal Aug 18 '17 at 20:06
  • 1
    @oussamakamal Added a note about that. I've reproduced that output with the Base64-encoded key under `aes-192-cbc`. –  Aug 18 '17 at 20:14
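
The two points of the answer, put together as an added example (not code from the question, the answer or its comments): pick the AES variant from the key length, as mcrypt's `MCRYPT_RIJNDAEL_128` did, and leave padding to OpenSSL. The helper name `encrypt_mcrypt_compatible` is hypothetical; the key, IV and message are the ones from the question.

```php
<?php
// Added example: helper name is hypothetical; key, IV and message come from the question.

/**
 * Encrypt the way mcrypt's MCRYPT_RIJNDAEL_128 in CBC mode did: the AES
 * variant follows the key length, the block size always stays 16 bytes.
 */
function encrypt_mcrypt_compatible(string $plaintext, string $key, string $iv): string
{
    $variants = [16 => 'aes-128-cbc', 24 => 'aes-192-cbc', 32 => 'aes-256-cbc'];
    $keyLen = strlen($key);
    if (!isset($variants[$keyLen])) {
        // openssl_encrypt would silently truncate or zero-pad such a key.
        throw new InvalidArgumentException("Key must be 16, 24 or 32 bytes, got $keyLen");
    }
    if (strlen($iv) !== 16) {
        throw new InvalidArgumentException('CBC IV must be exactly 16 bytes');
    }
    // No manual padding: with options = 0 OpenSSL pads (PKCS#7) and returns Base64.
    $out = openssl_encrypt($plaintext, $variants[$keyLen], $key, 0, $iv);
    if ($out === false) {
        throw new RuntimeException('openssl_encrypt failed: ' . openssl_error_string());
    }
    return $out;
}

$keyB64 = 'vRJ6XSUi7OGebUK+n1vKkA==';
$iv     = base64_decode('AF9iPTpJC+zEa2auUxuloQ==');
$msg    = 'Message to encrypt';

// Legacy-compatible: the 24-character Base64 text itself is the key (AES-192).
$legacy = encrypt_mcrypt_compatible($msg, $keyB64, $iv);
// Intended: decode the key first, giving 16 bytes (AES-128).
$fixed  = encrypt_mcrypt_compatible($msg, base64_decode($keyB64), $iv);
// Padding by hand as well makes OpenSSL add a third block (double padding).
$padLen = 16 - (strlen($msg) % 16);
$double = encrypt_mcrypt_compatible($msg . str_repeat(chr($padLen), $padLen), $keyB64, $iv);

foreach (['legacy' => $legacy, 'fixed' => $fixed, 'double' => $double] as $name => $b64) {
    printf("%-6s %2d bytes  %s\n", $name, strlen(base64_decode($b64)), $b64);
}
```

The `legacy` call is the configuration the answer reports as reproducing the mcrypt output; the `double` line comes out at 48 bytes, the same length as the mismatching `openssl_encrypt` value in the question.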