0

This may be an impossible question, but I am migrating a legacy system from Java over to PHP, and I need to be able to decrypt strings encrypted with Jasypt in PHP.

According to the documentation, Jasypt uses the following algorithm:

  • Append a random salt (I think that is the same as an initialization vector for the cipher) to the data to be encrypted
  • Encrypt repeatedly 1000 times
  • Prepend the unencrypted salt/IV to the encrypted string
  • Base64 encode the entire string

The legacy application uses the PBEWithMD5AndDES Jasypt algorithm. I am fully aware that MD5 isn't designed to be decrypted, and that's not what I'm trying to do.

I simply want to DES-decrypt the string so that all I'm left with is the MD5 hash. I can't seem to get anything but binary garbage out of PHP. What am I missing?

<?php

#jasypt.algorithm=PBEWithMD5AndDES
$secret = 'secret-password';
$encrypted = 'xh/roK2diJPDfZGlT9DlwuG2TsS7t7F+';

$cipher = MCRYPT_DES;

$modes = array(
  'ecb' => MCRYPT_MODE_ECB, 
  'cbc' => MCRYPT_MODE_CBC, 
  'cfb' => MCRYPT_MODE_CFB,
  'ofb' => MCRYPT_MODE_OFB, 
  'nofb' => MCRYPT_MODE_NOFB,
  'stream' => MCRYPT_MODE_STREAM,
);

foreach($modes as $mode => $mc) {

  $iv_len = 0; //mcrypt_get_iv_size($cipher, $mode);

  $password = base64_decode($encrypted);
  $salt = substr($password, 0, $iv_len);
  $data = substr($password, $iv_len);

  for($i = 0; $i < 1000; $i++) {
    $data = @mcrypt_decrypt($cipher, $secret, $data, $mode, $salt);

  }

  var_dump("$mode: $i: $data");
}
Jonathon Hill

3 Answers

5

You are not understanding the "PBEWithMD5AndDES" meaning.

PBEWithMD5AndDES means that the encryption password (a String) is hashed with MD5 in order to obtain an array of bytes used as encryption key input to the DES algorithm along with the text to be encrypted.

So, there is no way to unencrypt with DES in order to get a MD5 hash. That makes no sense. You simply need to decrypt that encrypted data using exactly that same algorithm, but in a PHP implementation.

And by the way, "PBEWithMD5AndDES" is not a "jasypt algorithm". It is a Java Cryptography Extension (JCE) algorithm. Jasypt does not implement any algorithms itself.

Hope this helps.

Daniel Fernández
  • So are you saying that the md5 hash is used as the encryption key, or is it the initialization vector? It sounds like the latter, and if this is the case then my algorithm should have worked. Can you provide an example of how to decrypt in pseudocode? – Jonathon Hill Dec 23 '10 at 04:43
  • It is very simple, think it like this: An encryption algorithm (e.g. "DES") requires a key, and requires this key to be a byte[] of a specific length. But what you have is a password, and that is a String of a length which probably does not match the amount of bytes the encryption algorithm requires. On the other hand, a hash function takes a String of any length and creates a resulting hash which is a byte[] of a specific length. So, your String password is hashed into a byte[] of the required length (plus/minus some pad) which is then used as the real key to the encryption algorithm. – Daniel Fernández Jan 10 '11 at 13:51
1

Php for Java simplified encryption here: https://github.com/kevwis/Phpsypt

Kev Wis
1

You're missing generating the key.

I had to do the same thing for a customer of mine and wrote a few lines of code to help with the issue: https://github.com/kevinsandow/PBEWithMD5AndDES

Kevin Sandow
  • If you will add a usage example solving the original problem that I asked about, I'll mark this as the accepted answer. Some documentation and examples in your GitHub repo would be helpful too. Thanks! – Jonathon Hill Jan 29 '14 at 00:31
  • Simply using the secret and encrypted string and omitting a salt led to no useful result either. So I was trying to decrypt your given data with the jasypt CLI, but that doesn't work either: decrypt input="xh/roK2diJPDfZGlT9DlwuG2TsS7t7F+" password="secret-password" algorithm=PBEWITHMD5ANDDES only leads to "Operation not possible (Bad input or parameters)" - so I'm guessing there is still something missing used in the legacy implementation. – Kevin Sandow Feb 09 '14 at 15:59
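
Added example (not code from any poster or from the linked repositories): the key generation step the answers point to, following the standard JCE definition of PBEWithMD5AndDES, where the iteration count applies to the MD5 key derivation and DES-CBC runs once. It assumes Jasypt's default layout of an 8-byte salt prepended to the ciphertext, 1000 iterations and an ASCII password; the function names and sample values are hypothetical.

```php
<?php
// Added example, not from the original thread. Assumes Jasypt's default layout:
// base64( 8-byte salt || DES-CBC ciphertext ), 1000 MD5 iterations, ASCII password.

// PBKDF1 from PKCS #5 with MD5: hash password||salt, then re-hash the digest.
// The 16-byte result is split into the DES key (first 8) and the CBC IV (last 8).
function pbe_md5_des_derive(string $password, string $salt, int $iterations): array
{
    $dk = md5($password . $salt, true);
    for ($i = 1; $i < $iterations; $i++) {
        $dk = md5($dk, true);
    }
    return [substr($dk, 0, 8), substr($dk, 8, 8)];
}

function jasypt_decrypt(string $b64, string $password, int $iterations = 1000): string
{
    $raw = base64_decode($b64, true);
    if ($raw === false || strlen($raw) < 16 || strlen($raw) % 8 !== 0) {
        throw new InvalidArgumentException('expected base64 of salt plus whole DES blocks');
    }
    [$key, $iv] = pbe_md5_des_derive($password, substr($raw, 0, 8), $iterations);
    // OPENSSL_RAW_DATA: binary in and out; OpenSSL strips the PKCS#5 padding.
    $plain = openssl_decrypt(substr($raw, 8), 'des-cbc', $key, OPENSSL_RAW_DATA, $iv);
    if ($plain === false) {
        throw new RuntimeException('decrypt failed: wrong password/iterations or DES unavailable');
    }
    return $plain;
}

// Encrypt side, used here only to build a constructed sample for the round trip.
function jasypt_encrypt(string $plain, string $password, int $iterations = 1000): string
{
    $salt = random_bytes(8);
    [$key, $iv] = pbe_md5_des_derive($password, $salt, $iterations);
    $ct = openssl_encrypt($plain, 'des-cbc', $key, OPENSSL_RAW_DATA, $iv);
    if ($ct === false) {
        throw new RuntimeException('encrypt failed: DES unavailable in this OpenSSL build');
    }
    return base64_encode($salt . $ct);
}

// Constructed sample values, not data from the question.
$sample = jasypt_encrypt('constructed sample value', 'constructed-password');
var_dump(jasypt_decrypt($sample, 'constructed-password') === 'constructed sample value');
```

On OpenSSL 3.x builds single DES lives in the legacy provider, so `des-cbc` fails unless that provider is enabled. Values recovered this way are best re-encrypted with a current algorithm as part of the migration.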