0

I am trying to compute a PHP function to have the 3DES (Triple DES) in ECB Mode. But I am getting the wrong result.

My result : 615EDC0E8EAD5DDE

Expected result : 7B66D9A5010A8035

(the expected result is computed with HSM and confirmed with the website) http://tripledes.online-domain-tools.com/

Here is my PHP function, taking as parameters :

$data = "3200000025381234"

$key = "98137332E06BBA25AEE51CFD150EA8E3"

function tripleDES($data, $key) {
   $key= hex2bin($key);
   $data = hex2bin($data);
   $enc = openssl_encrypt($data, 'des-ede3', $key, OPENSSL_RAW_DATA | 
           OPENSSL_ZERO_PADDING);

   return strtoupper(bin2hex($enc));
}

What am I doing wrong ?

Community
  • 1
  • 1
Besoul
  • 35
  • 6
  • 1
    You should also provide how the expected values are calculated. See a similar question [OpenSSL des-ede3-cbc Decryption php](https://stackoverflow.com/q/54420126/1820553) – kelalaka Jul 19 '19 at 12:07
  • 1
    In PHP a 24-byte key must be used for [3DES](https://en.wikipedia.org/wiki/Triple_DES). Since your key has 16 bytes, [Keying option 2](https://en.wikipedia.org/wiki/Triple_DES) (2TDEA) is used: `K1, K2, K3 = K1`, so that for PHP the key is: `98137332E06BBA25AEE51CFD150EA8E398137332E06BBA25` which provides the expected result. A shorter key is implicitly extended to 24 bytes by padding with `0`-values, which produces a different result. – Topaco Jul 19 '19 at 13:32
  • Note that the extension (or pruning) of the key data is specific to PHP. It's considered very bad practice - keys should not be extended or pruned. The only thing worse is OpenSSL / C where you just get a pointer and hope that there is a 16/24/32 byte key there. – Maarten Bodewes Jul 20 '19 at 23:35

1 Answers1

0

Thanks to the answer of Topaco, I understood my mistake. So I used this github project: https://github.com/gilfether/phpcrypt and corrected my code this way (using my 16-bytes key):

function triple_DES($data, $key){
   $key = hex2bin($key);
   $data = hex2bin($data);
   $crypt = new PHP_Crypt($key, PHP_Crypt::CIPHER_3DES, PHP_Crypt::MODE_ECB);
   $encrypt = $crypt->encrypt($data);

   return strtoupper(bin2hex($encrypt));
}
Besoul
  • 35
  • 6