php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #48730 Problems to decrypt an encrypted string with RIJNDAEL_256 and ECB_MODE
Submitted: 2009-06-30 05:01 UTC Modified: 2009-06-30 14:00 UTC
From: guljo at hotmail dot com Assigned:
Status: Not a bug Package: mcrypt related
PHP Version: 5.2.10 OS: OpenBSD and linuxes
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: guljo at hotmail dot com
New email:
PHP Version: OS:

 

 [2009-06-30 05:01 UTC] guljo at hotmail dot com 
Description:
------------
RIJNDAEL_256 with ECB_MODE does not work everytime properly, here is the example of a string that is encrypted and then cannot get decrypted to the original.

Reproduce code:
---------------
$string = "numero_documento_funcionario:=:31194443#&#seccional:=:Principal#&#correo_funcionario:=:cinterno@tulua.gov.co#&#fecha_solicitud:=:2009-04-30 00:00:00#&#numero_radicacion:=:000001#&#numero_camara:=:36###198";
echo "To encrypt: <br /><br />\n";
$key = "9c08eb33218aa11eb8f1423f85d5f554";
echo $string."<br /><br />\nEncrypted: <br /><br />\n";
$encrypted = cifrar($string, $key);
echo $encrypted."<br /><br />\nDecrypted ??: <br /><br />\n";
echo descifrar($encrypted, $key)."<br /><br /><br /><br />\n";

    function cifrar($message, $key){
        $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
        $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
        $enc=mcrypt_encrypt(MCRYPT_RIJNDAEL_128,$key, $message, MCRYPT_MODE_ECB, $iv);
        $enc = base64_encode(trim($enc));
        return $enc;
    }
    function descifrar($enc, $key){
        $enc = base64_decode(trim($enc));
        $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
        $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
        return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $enc, MCRYPT_MODE_ECB, $iv));
    } 
    

Expected result:
----------------
I expect the decrypted string to be just the same as the original string.

Actual result:
--------------
The last characters are not decrypted properly. And this just happens with this very string, if you change any character, add or take away any character, it works. But it is a flaw as strings as this one are generated by my application and it fails at times.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-06-30 05:15 UTC] johanna at neiatec dot com 
Just to make it clear, this problem is with MCRYPT_RIJNDAEL_128 and MCRYPT_RIJNDAEL_256. The example I posted is with 128 but if changed to 256 it doesn't work either.
 [2009-06-30 08:41 UTC] derick@php.net 
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

You can not trim the encoded string, as there might be required trailing 0's or something like that. Remove the trim from the following line and it works:

$enc = base64_encode(trim($enc));
 [2009-06-30 14:00 UTC] guljo at hotmail dot com 
Problem solved. Thank you.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Wed Oct 29 17:00:02 2025 UTC