ID: 27746
Updated by: [EMAIL PROTECTED]
Reported By: taomyn at myway dot com
-Status: Open
+Status: Feedback
Bug Type: mcrypt related
Operating System: Windows Server 2003
PHP Version: 4.3.5
New Comment:
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves.
A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external
resources such as databases, etc.
If possible, make the script source available online and provide
an URL to it here. Try avoid embedding huge scripts into the report.
Previous Comments:
------------------------------------------------------------------------
[2004-03-29 03:30:57] taomyn at myway dot com
Description:
------------
My decrypting routines now fail to decrypt and in fact seem to return
the encrypted value.
Reproduce code:
---------------
function encrypt_pwd($password)
{
/* Return encrypted password */
global $config;
$password = trim($password);
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
$key = mhash(MHASH_MD5,substr($config['pass_phrase'], 0,
mcrypt_get_key_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB)));
error_log("EP===".$password."===");
error_log("EK===".$key."===");
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$enc_pwd = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $password,
MCRYPT_MODE_ECB, $iv);
error_log("EE===".$enc_pwd."===");
return $enc_pwd;
}
function decrypt_pwd($password)
{
/* Return decrypted password */
global $config;
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
$key = mhash(MHASH_MD5,substr($config['pass_phrase'], 0,
mcrypt_get_key_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB)));
error_log("DP===".$password."===");
error_log("DK===".$key."===");
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$dec_pwd = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $password,
MCRYPT_MODE_ECB, $iv);
error_log("DD===".trim(chop($dec_pwd))."===");
return trim(chop($dec_pwd));
}
Expected result:
----------------
[29-Mar-2004 09:35:31] EP===bubbles10===
[29-Mar-2004 09:35:31] EK===-�ñ� ã�WqG9î„\6‚===
[29-Mar-2004 09:35:31] EE===u!‚ž�+½_Y�i«¡Oât===
[29-Mar-2004 09:35:50] DP===u!‚ž�+½_Y�i«¡Oât===
[29-Mar-2004 09:35:50] DK===-�ñ� ã�WqG9î„\6‚===
[29-Mar-2004 09:35:50] DD===bubbles10===
Actual result:
--------------
[29-Mar-2004 09:35:31] EP===bubbles10===
[29-Mar-2004 09:35:31] EK===-�ñ� ã�WqG9î„\6‚===
[29-Mar-2004 09:35:31] EE===u!‚ž�+½_Y�i«¡Oât===
[29-Mar-2004 09:35:50] DP===u!‚ž�+½_Y�i«¡Oât===
[29-Mar-2004 09:35:50] DK===-�ñ� ã�WqG9î„\6‚===
[29-Mar-2004 09:35:50] DD===u!‚ž�+½_Y�i«¡Oât===
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=27746&edit=1
