Decrypt ciphertext from php mcrypt_encrypt using SynCrypto

ebz · 2014-01-02 02:29:51

I'm using SynCrypto to decrypt data returned from PHP function and vice verse, but not successful. Can anyone help me what's the problem here? Here my script both PHP dan Delphi :

PHP Script for encrypt and decrypt

function encrypt($key,$data) { 
	$key = hash('SHA256', $key, true);
	$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);	
	$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);	
	return trim(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $data, MCRYPT_MODE_ECB, $iv )));
} 

function decrypt($key,$data) { 
	$key = hash('SHA256', $key, true);
	$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);	
	$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);	
	return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($data), MCRYPT_MODE_ECB, $iv ));
}

Delphi code:

function TForm1.Encrypt(const pasw, data: String): string;
var
  key : TSHA256Digest;
  ECB : TAESECB;
  iv  : TAESBlock;
begin
  HexToBin(Pointer(SHA256(pasw)),@key,32);
  FillChar(iv,16,0);
  ECB := TAESECB.Create(key,256,iv);
  try
    Result := Base64Encode(ECB.EncryptPKCS7(data));
  finally
    ECB.Free;
  end;
end;

function TForm1.Decrypt(const pasw, data: String): string;
var
  key : TSHA256Digest;
  ECB : TAESECB;
  iv  : TAESBlock;
  _dt : RawByteString;
begin
  _dt := Base64Decode(data);
  HexToBin(Pointer(SHA256(pasw)),@key,32);
  FillChar(iv,16,0);
  ECB := TAESECB.Create(key,256,iv);
  try
    Result := ECB.DecryptPKCS7(_dt);
  finally
    ECB.Free;
  end;  
end;

ab · 2014-01-02 09:10:37

Are you sure the PHP version uses PKCS7 padding?

I'm no PHP expert, so it's difficult to find out what is not the same.

What I know is that SHA256 + AES/ECB + PKCS7 is working as expected in production on our side, and gives the same exact result as C# or Java version of the same algorithm.

ebz · 2014-01-02 11:57:28

PHP default is to use Zeros padding, as what the manual says

The key with which the data will be encrypted. If it's smaller than the required keysize, it is padded with '\0'.
The data that will be encrypted with the given cipher and mode. If the size of the data is not n * blocksize, the data will be padded with '\0'.
The returned crypttext can be larger than the size of the data that was given by data.

But I think I found the clue from the comment in the manual
http://www.php.net/manual/en/function.m … ncrypt.php
I'll try first

ab · 2014-01-02 13:35:49

ebz wrote:

PHP default is to use Zeros padding, as what the manual says

So it is something diverse than PKCS7 ...

mORMot Open Source

#1 2014-01-02 02:29:51

Decrypt ciphertext from php mcrypt_encrypt using SynCrypto

#2 2014-01-02 09:10:37

Re: Decrypt ciphertext from php mcrypt_encrypt using SynCrypto

#3 2014-01-02 11:57:28

Re: Decrypt ciphertext from php mcrypt_encrypt using SynCrypto

#4 2014-01-02 13:35:49

Re: Decrypt ciphertext from php mcrypt_encrypt using SynCrypto

Board footer