1

I came across a strange problem with encryption/decryption in PHP. Look at the code below:

<?php

function encrypt($encrypt, $mc_key, $iv) 
{
    $passcrypt = trim(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $mc_key, trim($encrypt), MCRYPT_MODE_ECB, $iv));
    $encode = base64_encode($passcrypt);
    return $encode;
}

function decrypt($decrypt, $mc_key, $iv)
{
    $decoded = base64_decode($decrypt);
    $decrypted = trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $mc_key, trim($decoded), MCRYPT_MODE_ECB, $iv));
    return $decrypted;
}

$key = 'SAtFIAI2g_r=supL43QkO#dTQYjS0JCt';
$iv = '#CvmQT1TlpINQgnc4q%9$k8mt170MXll';
$message = 'AAABzefYdjTYBAFLNMHfLHJZCtAkTKm';

$encrypted = encrypt($message, $key, $iv);
echo $encrypted."\n";

$decrypted = decrypt($encrypted, $key, $iv);
echo $decrypted."\n";

?>

I have $key, $iv which I use to encode $message. So second line should be my decrypted message. But it's not, see the output:

MXk9zteonXhz2zPVK7o4oUJJuXXQRlwOzTO7JbqbsA==
tq֞u�4�&�
        1P&���_pŬ�.��
_

But if you change the $message a bit it works fine. Ex. if $message is: AAABzefYdjTYBAFLNMHfLHJZCtAkTKn the output is:

fAEeJAkluHht8l6ain99YMAMHJtiUAg47XsJBECdrLA=
AAABzefYdjTYBAFLNMHfLHJZCtAkTKn

Any help in finding the solution will be appreciated.

keepkimi
  • 373
  • 3
  • 12

1 Answers1

2

I am not certain this is what's going on here, but it seems likely.

The variable $decoded holds the binary string after you have base64_decode()-ed it, and should therefore be the exact binary string as produced by your encrypt() function before you base64_encode()-ed it .Don't trim() the base64 decoded value you're calling mcrypt_decrypt() on. If there is a character that gets trimmed off, you're decrypting a different byte string than the one you originally encrypted.

function decrypt($decrypt, $mc_key, $iv)
{
    $decoded = base64_decode($decrypt);
    $decrypted = trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $mc_key, $decoded, MCRYPT_MODE_ECB, $iv));
    // Don't wrap $decoded as trim($decoded) here-----------------^^^^^^^^^^
    return $decrypted;
}

Edit

For completeness after comments, you should not trim() when encrypting either:

function encrypt($encrypt, $mc_key, $iv) 
{
    $passcrypt = trim(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $mc_key, $encrypt, MCRYPT_MODE_ECB, $iv));
    // -------------------------------------------Don't trim()----^^^^^^^^^^
    $encode = base64_encode($passcrypt);
    return $encode;
}
Michael Berkowski
  • 267,341
  • 46
  • 444
  • 390
  • Thanks for your answer. Unfortunately it's not the case. I removed the trim() function from the line you pointed but the problem remains. – keepkimi Jul 19 '12 at 20:46
  • @keepkimi What if you removed `trim()` from both the encryption and decryption steps? – Palladium Jul 19 '12 at 20:47
  • You also need to remove trim from the encoding function in this line `$passcrypt = trim(...`. It's the same issue. – Marcus Adams Jul 19 '12 at 20:47
  • @MarcusAdams you're right. I shouldn't have trim encrypted string in `$passcrypt = `. Thanks all! – keepkimi Jul 19 '12 at 20:50