php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #48730 Problems to decrypt an encrypted string with RIJNDAEL_256 and ECB_MODE
Submitted: 2009-06-30 05:01 UTC Modified: 2009-06-30 14:00 UTC
From: guljo at hotmail dot com Assigned:
Status: Not a bug Package: mcrypt related
PHP Version: 5.2.10 OS: OpenBSD and linuxes
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: guljo at hotmail dot com
New email:
PHP Version: OS:

 

 [2009-06-30 05:01 UTC] guljo at hotmail dot com
Description:
------------
RIJNDAEL_256 with ECB_MODE does not work everytime properly, here is the example of a string that is encrypted and then cannot get decrypted to the original.

Reproduce code:
---------------
$string = "numero_documento_funcionario:=:31194443#&#seccional:=:Principal#&#correo_funcionario:=:cinterno@tulua.gov.co#&#fecha_solicitud:=:2009-04-30 00:00:00#&#numero_radicacion:=:000001#&#numero_camara:=:36###198";
echo "To encrypt: <br /><br />\n";
$key = "9c08eb33218aa11eb8f1423f85d5f554";
echo $string."<br /><br />\nEncrypted: <br /><br />\n";
$encrypted = cifrar($string, $key);
echo $encrypted."<br /><br />\nDecrypted ??: <br /><br />\n";
echo descifrar($encrypted, $key)."<br /><br /><br /><br />\n";

    function cifrar($message, $key){
        $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
        $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
        $enc=mcrypt_encrypt(MCRYPT_RIJNDAEL_128,$key, $message, MCRYPT_MODE_ECB, $iv);
        $enc = base64_encode(trim($enc));
        return $enc;
    }
    function descifrar($enc, $key){
        $enc = base64_decode(trim($enc));
        $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
        $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
        return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $enc, MCRYPT_MODE_ECB, $iv));
    } 
    

Expected result:
----------------
I expect the decrypted string to be just the same as the original string.

Actual result:
--------------
The last characters are not decrypted properly. And this just happens with this very string, if you change any character, add or take away any character, it works. But it is a flaw as strings as this one are generated by my application and it fails at times.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-06-30 05:15 UTC] johanna at neiatec dot com
Just to make it clear, this problem is with MCRYPT_RIJNDAEL_128 and MCRYPT_RIJNDAEL_256. The example I posted is with 128 but if changed to 256 it doesn't work either.
 [2009-06-30 08:41 UTC] derick@php.net
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

You can not trim the encoded string, as there might be required trailing 0's or something like that. Remove the trim from the following line and it works:

$enc = base64_encode(trim($enc));

 [2009-06-30 14:00 UTC] guljo at hotmail dot com
Problem solved. Thank you.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Mar 28 19:01:29 2024 UTC