Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Issue with PHP mcrypt function

Tags:

php

mcrypt

I use the following function to decrypt data on my server:

function decrypt($key, $text) {
    return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($text), MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND)));
}

I have read a lot about NOT using ECB however (and know it is deprecated so wanted to switch to CBC. Simply switching the mode to:

function decrypt($key, $text) {
    return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($text), MCRYPT_MODE_CBC, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC), MCRYPT_RAND)));
}

does not work however. No errors are generated but the data returned is still encrypted.

What am I missing?

Updated code - still with errors:

$key = "hello"; 

$iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC), MCRYPT_DEV_RANDOM);

function encrypt($key, $text) {
    return trim(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $text, MCRYPT_MODE_CBC, $iv)));
}


function decrypt($key, $text) { 
    return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, base64_decode($text), MCRYPT_MODE_CBC, $iv));
}


$text = 12345;

echo "Plain Number : " . $text . "<br><br>";

$encrypted = encrypt($key, $text);
echo "AES Number : " . $encrypted . "<br><br>";

echo "Plain Number : ". decrypt($key, $encrypted) . "<br><br>";

this should work - but it returns the error:

blocksize in

blocksize in> Warning: mcrypt_encrypt()

[function.mcrypt-encrypt]: The IV parameter must be as long as the blocksize inblocksize in

blocksize in

like image 265
JM4 Avatar asked Nov 10 '10 22:11

JM4


1 Answers

When you decrypt you need to use the same IV as when you encrypted. It looks like you're generating a new, random IV during decryption.

It's OK to append or prepend the IV to the ciphertext. IVs are not secret but they should be unique for each encrypted message and only used once.

like image 153
Cameron Skinner Avatar answered Oct 20 '22 00:10

Cameron Skinner