From: johanna at neiatec dot com Operating system: OpenBSD and linuxes PHP version: 5.2.10 PHP Bug Type: mcrypt related Bug description: Problems to decrypt an encrypted string with RIJNDAEL_256 and ECB_MODE
Description: ------------ RIJNDAEL_256 with ECB_MODE does not work everytime properly, here is the example of a string that is encrypted and then cannot get decrypted to the original. Reproduce code: --------------- $string = "numero_documento_funcionario:=:31194443#&#seccional:=:Principal#&#correo_funcionario:=:cinte...@tulua.gov.co#&#fecha_solicitud:=:2009-04-30 00:00:00#&#numero_radicacion:=:000001#&#numero_camara:=:36###198"; echo "To encrypt: <br /><br />\n"; $key = "9c08eb33218aa11eb8f1423f85d5f554"; echo $string."<br /><br />\nEncrypted: <br /><br />\n"; $encrypted = cifrar($string, $key); echo $encrypted."<br /><br />\nDecrypted ??: <br /><br />\n"; echo descifrar($encrypted, $key)."<br /><br /><br /><br />\n"; function cifrar($message, $key){ $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB); $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); $enc=mcrypt_encrypt(MCRYPT_RIJNDAEL_128,$key, $message, MCRYPT_MODE_ECB, $iv); $enc = base64_encode(trim($enc)); return $enc; } function descifrar($enc, $key){ $enc = base64_decode(trim($enc)); $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB); $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $enc, MCRYPT_MODE_ECB, $iv)); } Expected result: ---------------- I expect the decrypted string to be just the same as the original string. Actual result: -------------- The last characters are not decrypted properly. And this just happens with this very string, if you change any character, add or take away any character, it works. But it is a flaw as strings as this one are generated by my application and it fails at times. -- Edit bug report at http://bugs.php.net/?id=48730&edit=1 -- Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=48730&r=trysnapshot52 Try a CVS snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=48730&r=trysnapshot53 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=48730&r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=48730&r=fixedcvs Fixed in CVS and need be documented: http://bugs.php.net/fix.php?id=48730&r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=48730&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=48730&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=48730&r=needscript Try newer version: http://bugs.php.net/fix.php?id=48730&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=48730&r=support Expected behavior: http://bugs.php.net/fix.php?id=48730&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=48730&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=48730&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=48730&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=48730&r=php4 Daylight Savings: http://bugs.php.net/fix.php?id=48730&r=dst IIS Stability: http://bugs.php.net/fix.php?id=48730&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=48730&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=48730&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=48730&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=48730&r=mysqlcfg