ID: 27455 Updated by: [EMAIL PROTECTED] Reported By: robert at peakepro dot com -Status: Closed +Status: Bogus Bug Type: mcrypt related Operating System: RH Linux, Mac OS X PHP Version: 4.3.4 New Comment:
Yup, it's something mistaken by a lot of people. (I set the status back to bogus, as this is not a bug in PHP). Previous Comments: ------------------------------------------------------------------------ [2004-03-02 14:51:25] robert at peakepro dot com Thanks for the quick reply. I'll look into this and ammend my contribution to the manual as appropriate. I'm guessing if this wasn't clear to me it may not have been clear to a lot of people. ------------------------------------------------------------------------ [2004-03-02 03:31:35] [EMAIL PROTECTED] This is not a bug at all; you HAVE to use the same IV for both encrypting and decrypting otherwise the algorithm is pointed in the wrong way. The reason why it works with ECB is because that is the only mode not using an IV. See also: http://talks.php.net/show/encryption-vancouver/14 and further slides, and http://talks.php.net/show/encryption-vancouver/24 ------------------------------------------------------------------------ [2004-03-02 03:14:23] robert at peakepro dot com Description: ------------ I noticed all the examples in the online documentation do not actually close out the mcrypt module, they simply deinit. This is not an accurate simulation of a real- world use, where an encrypted string may be stored and later retreived long after the module has been closed. I encountered this potential bug when running the loop I posted on the mcrypt main page. It seems that in all modes except ecb, mcrypt fails to decrypt encrypted strings after the module has been closed. At first I thought it was just my system or my libmcrypt, but I have tried this on multiple machines with the same results. Reproduce code: --------------- http://www.peakepro.com/workbench/mcrypt Expected result: ---------------- The same results as in the source code posted in mcrypt_module_open() i.e. the original string. Actual result: -------------- Garbled output that varies with each new call. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=27455&edit=1
