0

I have a string encrypted in AES 128 + Zero Padding + IV and CBC mode.

  • About zero padding, if the length is not 128bit, the encryption will fill the remaining part 0x00 and reach 128 bit.
  • An IV value can be specified successfully only if both IV value and IV value confirm are set to the same value
  • The default value is all 0x00
  • So The Password exampl= ** bit + ** zeros

I've tried too many things to decrypt this, like

function decrypt($data, $key)
{
    $encryption_key = base64_decode($key);
    list($encrypted_data, $iv) = array_pad(explode('::', base64_decode($data), 2), 2, null);
    return openssl_decrypt($encrypted_data, 'aes-128-cbc', $encryption_key, 0, $iv);
}

I tried too many other things, nothing works, what am I doing wrong? I am using "exampl", as the key.

Lynob
  • 5,059
  • 15
  • 64
  • 114
  • 1
    Without example ciphertext and key we can't exactly test any of this, but based on the first line of your question I would wager that [that zero in the `openssl_decrypt()` call should be something else](https://www.php.net/manual/en/function.openssl-decrypt). – Sammitch Feb 08 '21 at 20:47
  • @Sammitch customers bought a system that encrypts a string and they want me to decrypt it, I doubt if I ask them for a ciphertext, they'd be able to provide it. – Lynob Feb 08 '21 at 20:56
  • The only key I have is the one used in production, can't share that. – Lynob Feb 08 '21 at 21:02
  • On what system runs the **encryption** and can you share the encryption code? When I'm counting right your examplePassword is of length of 14 characters - OpenSSL will fill it up to 16 chars but why do you know that it's AES 128 and not AES-256? Without a lot more on information we can't help you, sorry. – Michael Fehr Feb 08 '21 at 21:14
  • @MichaelFehr, I don't know on what system, I don't have access and it's a closed source software. I fixed "examplepasword", it's actually "exampl". I was told that it's a aes-128-cbc by the IT team. – Lynob Feb 08 '21 at 21:29
  • is key and data are stored as base64 ? why you are decoding them? and why you set the iv with null? i think it should be provided with each data? – Ahmed Ibrahim Feb 08 '21 at 21:52
  • typically, iv is generated with each encryption and its going to be saved next to cipher text and you will need that to decrypt the encrypted text, otherwise you won't be able to decrypt it – Ahmed Ibrahim Feb 08 '21 at 21:56

0 Answers0