Fonctions Mcrypt
The PERL libraries have changed a little bit and getting PHP and PERL to mcrypt together can be confusing, so here is a current example;
PHP
===
<?php
$string = 'Some Secret thing I want to encrypt';
$iv = '12345678';
$passphrase = '8chrsLng';
$encryptedString = encryptString($string, $passphrase, $iv);
// Expect: 7DjnpOXG+FrUaOuc8x6vyrkk3atSiAf425ly5KpG7lOYgwouw2UATw==
function encryptString($unencryptedText, $passphrase, $iv) {
$enc = mcrypt_encrypt(MCRYPT_BLOWFISH, $passphrase, $unencryptedText, MCRYPT_MODE_CBC, $iv);
return base64_encode($enc);
}
?>
PERL
====
$encryptedString = '7DjnpOXG+FrUaOuc8x6vyrkk3atSiAf425ly5KpG7lOYgwouw2UATw==';
$iv = '12345678';
$passphrase = '8chrsLng';
$string = &decryptPhpEncrypted $encryptedString, $passphrase, $iv;
# Expect: Some Secret thing I want to encrypt
sub decryptPhpEncrypted() {
my ($encryptedString, $passphrase, $iv) = @_;
my $keysize = length($passphrase);
use Crypt::CBC;
$cipher = Crypt::CBC->new( {'key' => $encryptedString,
'cipher'=> 'Blowfish',
'iv' => $iv,
'keysize' => $keysize,
'regenerate_key' => 0,
'padding' => 'null',
'prepend_iv' => 0});
return $cipher->decrypt($encryptedString);
}
mcrypt_cbc
(PHP 4, PHP 5)
mcrypt_cbc — Chiffre/déchiffre des données en mode CBC
Description
string mcrypt_cbc
( int
$cipher
, string $key
, string $data
, int $mode
[, string $iv
] )
string mcrypt_cbc
( string
$cipher
, string $key
, string $data
, int $mode
[, string $iv
] )
La première syntaxe utilise libmcrypt 2.2.x, et la seconde
libmcrypt 2.4.x. Le paramètre mode doit être
MCRYPT_ENCRYPT ou
MCRYPT_DECRYPT.
mcrypt_cbc() ne doit plus être utilisée. Vous pouvez la remplacer par mcrypt_generic() et mdecrypt_generic().
Avertissement
Cette fonction est devenue obsolète depuis PHP 5.5.0. Son utilisation est fortement déconseillée.
add a note
User Contributed Notes
mcrypt_cbc - [5 notes]
Bubba at hines57 dot com ¶
9 months ago
dafuk at dafuk dot co dot il ¶
1 year ago
if you use blowfish and somehow when you compare strings before and after it was (usually when it's shorter than 8 or 16 bytes) you might notice the difference, it comes out that this function does not remove padding, as a result you get a bunch of nulls at the end.
use
$decrypted = rtrim($decrypted,"\0");
to fix it
Othman ¶
4 years ago
The following code is to
encrypt-->encode
decode-->decrypt
<?php
$stuff="String to enc/enc/dec/dec =,=,";
$key="XiTo74dOO09N48YeUmuvbL0E";
function nl() {
echo "<br/> \n";
}
$iv = mcrypt_create_iv (mcrypt_get_block_size (MCRYPT_TripleDES, MCRYPT_MODE_CBC), MCRYPT_DEV_RANDOM);
// Encrypting
function encrypt($string, $key) {
$enc = "";
global $iv;
$enc=mcrypt_cbc (MCRYPT_TripleDES, $key, $string, MCRYPT_ENCRYPT, $iv);
return base64_encode($enc);
}
// Decrypting
function decrypt($string, $key) {
$dec = "";
$string = trim(base64_decode($string));
global $iv;
$dec = mcrypt_cbc (MCRYPT_TripleDES, $key, $string, MCRYPT_DECRYPT, $iv);
return $dec;
}
$encrypted = encrypt($stuff, $key);
$decrypted = decrypt($encrypted, $key);
echo "Encrypted is ".$encrypted . nl();
echo "Decrypted is ".$decrypted . nl();
?>
Notes on the result
-o running the script from the command line 1 time
php script.php works correct
-o if i ran the script in a loop i.e.
#!/bin/bash
for x in `seq 100`
do
echo $x
php script.php >> LOG.text
sleep 1
done
it gets slower after the 10th time
+ inconsistent output
sometimes correct some with encrypted characters at the end of the decrypted string
-o Firefox on Linux it decrypts to the original string but appends
some encryption at the end of the decrypted sting
-o running the script on the browser from windows on Firefox,
Google Chrome, IE7 works fine for just few times
"refresh every few seconds"
if refresh fast it doesn't work correctly,
some times returns the decrypted as encrypted!
some times returns mix of encrypted & decrypted
I thought if sharing that test for those functions might be
useful for some body
Anonymous ¶
7 years ago
Here is a post similar to the one above, except this works for AES256
256 bit key and 128 bit block size... just make sure the $key variable is at least 48 characters long
---- PERL ---
my $key = '12345678901234567890123456789012345678901234567890';
my $CC = '4007000000027';
# You need Crypt::Rijndael installed for this to work
use Crypt::CBC;
my $cipher = Crypt::CBC->new( {'key' => substr($key,0,32),
'cipher'=> 'Rijndael',
'iv' => substr($key,32,16),
'regenerate_key' => 0,
'padding' => 'null',
'prepend_iv' => 0
});
my $encrypted = $cipher->encrypt($CC);
print "encrypted : ".$encrypted."\n";
print "decrypted : ".$cipher->decrypt($encrypted)."\n";
--- PHP ---
$key = '123456789012345678901234567890123456789012345678901234567890';
$CC = '4007000000027';
$encrypted = mcrypt_cbc(MCRYPT_RIJNDAEL_128,substr($key,0,32) ,$CC,MCRYPT_ENCRYPT,substr($key,32,16));
$decrypted = mcrypt_cbc(MCRYPT_RIJNDAEL_128,substr($key,0,32) ,$encrypted,MCRYPT_DECRYPT,substr($key,32,16));
echo "encrypted : ".bin2hex($encrypted);
eric at ez-llc dot com ¶
7 years ago
I was able get php and perl to play together with blowfish using cipher block chaining. The blowfish key needs to be atleast 8 chars (even though blowfish min is 8 bits, perl didn't like keys smaller than 8 chars) and max 56. The iv must be exactly 8 chars and padding needs to be null because php pads with nulls. Also, php needs libmcrypt >= 2.4.9 to be compatible with perl.
PERL
----
use Crypt::CBC;
$cipher = Crypt::CBC->new( {'key' => 'my secret key',
'cipher'=> 'Blowfish',
'iv' => '12345678',
'regenerate_key' => 0,
'padding' => 'null',
'prepend_iv' => 0
});
$cc = 'my secret text';
$encrypted = $cipher->encrypt($cc);
$decrypted = $cipher->decrypt($encrypted);
print "encrypted : ".$encrypted;
print "<br>";
print "decrypted : ".$decrypted;
PHP
---
$cc = 'my secret text';
$encrypted = mcrypt_cbc(MCRYPT_BLOWFISH,'my secret key',$cc,MCRYPT_ENCRYPT,'12345678');
$decrypted = mcrypt_cbc(MCRYPT_BLOWFISH, 'my secret key', $encrypted, MCRYPT_DECRYPT,'12345678');
echo "encrypted : ".$encrypted;
echo "<br>";
echo "decrypted : ".$decrypted;