#48730 [Com]: Problems to decrypt an encrypted string with RIJNDAEL_256 and ECB_MODE

Mon, 29 Jun 2009 22:15:39 -0700 

 ID:               48730
 Comment by:       johanna at neiatec dot com
 Reported By:      johanna at neiatec dot com
 Status:           Open
 Bug Type:         mcrypt related
 Operating System: OpenBSD and linuxes
 PHP Version:      5.2.10
 New Comment:

Just to make it clear, this problem is with MCRYPT_RIJNDAEL_128 and
MCRYPT_RIJNDAEL_256. The example I posted is with 128 but if changed to
256 it doesn't work either.


Previous Comments:
------------------------------------------------------------------------

[2009-06-30 05:01:50] johanna at neiatec dot com

Description:
------------
RIJNDAEL_256 with ECB_MODE does not work everytime properly, here is
the example of a string that is encrypted and then cannot get decrypted
to the original.

Reproduce code:
---------------
$string =
"numero_documento_funcionario:=:31194443#&#seccional:=:Principal#&#correo_funcionario:=:cinte...@tulua.gov.co#&#fecha_solicitud:=:2009-04-30
00:00:00#&#numero_radicacion:=:000001#&#numero_camara:=:36###198";
echo "To encrypt: <br /><br />\n";
$key = "9c08eb33218aa11eb8f1423f85d5f554";
echo $string."<br /><br />\nEncrypted: <br /><br />\n";
$encrypted = cifrar($string, $key);
echo $encrypted."<br /><br />\nDecrypted ??: <br /><br />\n";
echo descifrar($encrypted, $key)."<br /><br /><br /><br />\n";

    function cifrar($message, $key){
        $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128,
MCRYPT_MODE_ECB);
        $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
        $enc=mcrypt_encrypt(MCRYPT_RIJNDAEL_128,$key, $message,
MCRYPT_MODE_ECB, $iv);
        $enc = base64_encode(trim($enc));
        return $enc;
    }
    function descifrar($enc, $key){
        $enc = base64_decode(trim($enc));
        $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128,
MCRYPT_MODE_ECB);
        $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
        return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $enc,
MCRYPT_MODE_ECB, $iv));
    } 
    

Expected result:
----------------
I expect the decrypted string to be just the same as the original
string.

Actual result:
--------------
The last characters are not decrypted properly. And this just happens
with this very string, if you change any character, add or take away any
character, it works. But it is a flaw as strings as this one are
generated by my application and it fails at times.


------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=48730&edit=1

Reply via email to