From: johanna at neiatec dot com
Operating system: OpenBSD and linuxes
PHP version: 5.2.10
PHP Bug Type: mcrypt related
Bug description: Problems to decrypt an encrypted string with RIJNDAEL_256 and
ECB_MODE
Description:
------------
RIJNDAEL_256 with ECB_MODE does not work everytime properly, here is the
example of a string that is encrypted and then cannot get decrypted to the
original.
Reproduce code:
---------------
$string =
"numero_documento_funcionario:=:31194443#&#seccional:=:Principal#&#correo_funcionario:=:cinte...@tulua.gov.co#&#fecha_solicitud:=:2009-04-30
00:00:00#&#numero_radicacion:=:000001#&#numero_camara:=:36###198";
echo "To encrypt: <br /><br />\n";
$key = "9c08eb33218aa11eb8f1423f85d5f554";
echo $string."<br /><br />\nEncrypted: <br /><br />\n";
$encrypted = cifrar($string, $key);
echo $encrypted."<br /><br />\nDecrypted ??: <br /><br />\n";
echo descifrar($encrypted, $key)."<br /><br /><br /><br />\n";
function cifrar($message, $key){
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128,
MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$enc=mcrypt_encrypt(MCRYPT_RIJNDAEL_128,$key, $message,
MCRYPT_MODE_ECB, $iv);
$enc = base64_encode(trim($enc));
return $enc;
}
function descifrar($enc, $key){
$enc = base64_decode(trim($enc));
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128,
MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $enc,
MCRYPT_MODE_ECB, $iv));
}
Expected result:
----------------
I expect the decrypted string to be just the same as the original string.
Actual result:
--------------
The last characters are not decrypted properly. And this just happens with
this very string, if you change any character, add or take away any
character, it works. But it is a flaw as strings as this one are generated
by my application and it fails at times.
--
Edit bug report at http://bugs.php.net/?id=48730&edit=1
--
Try a CVS snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=48730&r=trysnapshot52
Try a CVS snapshot (PHP 5.3):
http://bugs.php.net/fix.php?id=48730&r=trysnapshot53
Try a CVS snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=48730&r=trysnapshot60
Fixed in CVS:
http://bugs.php.net/fix.php?id=48730&r=fixedcvs
Fixed in CVS and need be documented:
http://bugs.php.net/fix.php?id=48730&r=needdocs
Fixed in release:
http://bugs.php.net/fix.php?id=48730&r=alreadyfixed
Need backtrace:
http://bugs.php.net/fix.php?id=48730&r=needtrace
Need Reproduce Script:
http://bugs.php.net/fix.php?id=48730&r=needscript
Try newer version:
http://bugs.php.net/fix.php?id=48730&r=oldversion
Not developer issue:
http://bugs.php.net/fix.php?id=48730&r=support
Expected behavior:
http://bugs.php.net/fix.php?id=48730&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=48730&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=48730&r=submittedtwice
register_globals:
http://bugs.php.net/fix.php?id=48730&r=globals
PHP 4 support discontinued: http://bugs.php.net/fix.php?id=48730&r=php4
Daylight Savings: http://bugs.php.net/fix.php?id=48730&r=dst
IIS Stability:
http://bugs.php.net/fix.php?id=48730&r=isapi
Install GNU Sed:
http://bugs.php.net/fix.php?id=48730&r=gnused
Floating point limitations:
http://bugs.php.net/fix.php?id=48730&r=float
No Zend Extensions:
http://bugs.php.net/fix.php?id=48730&r=nozend
MySQL Configuration Error:
http://bugs.php.net/fix.php?id=48730&r=mysqlcfg
