Re: problem with encryption

2007-06-04 Thread Martin Baxter 

David Beck wrote:


I finally resolved the issue with PHP and Rev encryption and I wanted to 
share the resolution with the list. I was able to get aes-128 bit 
working - 256 is still a mystery. (I think there is a problem with Rev 
only looking at the first 16 bytes of the IV value for 256 bit, as it 
appears bytes after #16 do not affect the resulting encrypted value with 
Rev. I will log this as a bug.)



...snip...


Hope this is helpful to somebody in the future!



Thank you for posting that David. I've saved it for future reference. :-)

Martin Baxter
___
use-revolution mailing list
use-revolution@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution

Re: problem with encryption

2007-06-04 Thread David Beck 


I finally resolved the issue with PHP and Rev encryption and I wanted to 
share the resolution with the list. I was able to get aes-128 bit 
working - 256 is still a mystery. (I think there is a problem with Rev 
only looking at the first 16 bytes of the IV value for 256 bit, as it 
appears bytes after #16 do not affect the resulting encrypted value with 
Rev. I will log this as a bug.)


The problem is that when the data being encrypted was not 16-byte 
aligned, meaning that the length of the data was not evenly divisible by 
16, the Rev and PHP mcrypt libraries would encrypt and dycrypt the 
values differently. I don't know if this is a bug in the mcrypt library 
or in Rev or a general lack of specification but that was the problem. 
Also PHP throws in some extra null characters when decrypting even 
16-byte aligned strings at the end, so what I am doing is including the 
length of the original data so that after the decryption is done with 
PHP just that data is used as the final decrypted string.


So to put all of this is technical terms, here is the Rev script to 
encrypt the data:


On encryptData theKey, @data
 -- first generate a random 16 byte IV value
 put getRandomSalt() into theIV

 put binaryEncode( "N", the number of chars in data ) into dataSize
 
 -- pad to size 16

 repeat while the number of chars in data mod 16 is not 0
   put numToChar( 0 ) after data
 end repeat

 encrypt data using "aes-128-cbc" with key theKey and iv theIV
 if the result is not empty then
   ci_NoteAlert "Error while encrypting:" && the result
   exit to top
 end if

 put dataSize & theIV & it into data

 return data
end encryptData

and the php to decode a chunk of data returned by the above script looks 
like:


function decryptData( $theKey, &$data )
{
   $dataLen = substr( $data, 0, 4 );
   $dataLenArr = unpack( "N*", $dataLen );
   $dataLen = $dataLenArr[1];
  
   $data = substr( $data, 4 );
  
   $iv = substr( $data, 0, 16 );

   $data = substr( $data, 16 );

   $td = mcrypt_module_open( MCRYPT_RIJNDAEL_128, '', 'cbc', '' );
   mcrypt_generic_init( $td, $theKey, $iv );
   $data = mdecrypt_generic( $td, $data );
   mcrypt_generic_deinit($td);
   mcrypt_module_close($td);

   $data = substr( $data, 0, $dataLen );
}

Hope this is helpful to somebody in the future!

David





___
use-revolution mailing list
use-revolution@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution

Re: problem with encryption

2007-06-01 Thread David Beck 


Theirry -

Sorry about the confusion. The IV value was different (I've tried this 
many times with many IVs and must have slipped up) but even when the 
correction is made the two strings produced are still different. I can't 
produce the same string with any of the ciphers that both Rev and PHP 
support and I've tried them all (aes, blowfish, cast, rc2). Could there 
be something that Rev or PHP (the mcrypt library) is doing to the data 
or key / iv (for example padding) that the other is not?


Has anybody been able to get Rev and php encryption working together?

Thanks,

David


Hmm, possibly a typo,
but are you aware your IV value is a bit different ( 89 missing in  
the middle ) ?


HTH
Thierry



___
use-revolution mailing list
use-revolution@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution

Re: problem with encryption

2007-06-01 Thread Thierry 


Le 1 juin 07 à 15:18, David Beck a écrit :



Despite all my efforts I can not ecnrypt a string the same way with  
Rev and php. The following rev code;


encrypt "hello" using "aes-128-cbc" with key "0123456789abcdef" and  
iv "01234567012345"


Hmm, possibly a typo,
but are you aware your IV value is a bit different ( 89 missing in  
the middle ) ?


HTH
Thierry


mcrypt_generic_init( $td, '0123456789abcdef', '0123456789012345' );
$data = mcrypt_generic( $td, 'hello' );
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
echo( $data );

should be exactly equivilent, but produces:

Ý~Õ xëCàñTš6

Does anybody know why these two are producing two different strings  
or has anybody been able to get rev and php successfully "talking  
the same encryption language"? I can not get encryption /  
decryption to work between platforms.


I have tried many different ciphers all with a

___
use-revolution mailing list
use-revolution@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution

problem with encryption

2007-06-01 Thread David Beck 


Despite all my efforts I can not ecnrypt a string the same way with Rev 
and php. The following rev code;


encrypt "hello" using "aes-128-cbc" with key "0123456789abcdef" and iv 
"01234567012345"

put it

produces:

åU[·á$,^Ám¡u

The php code:

$td = mcrypt_module_open( MCRYPT_RIJNDAEL_128, '', 'cbc', '' );
mcrypt_generic_init( $td, '0123456789abcdef', '0123456789012345' );
$data = mcrypt_generic( $td, 'hello' );
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
echo( $data );

should be exactly equivilent, but produces:

Ý~Õ xëCàñTš6

Does anybody know why these two are producing two different strings or 
has anybody been able to get rev and php successfully "talking the same 
encryption language"? I can not get encryption / decryption to work 
between platforms.


I have tried many different ciphers all with a similar result.

Thanks very much for any help,

David
___
use-revolution mailing list
use-revolution@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution