Hi Galvao,

The output of Zend\Crypt\Symmetric\Mcrypt::encrypt is $iv . $encrypted
where $iv is the $config['crypto']['vector'] and $encrypted is the $crypt
of your example code.
Moreover, Zend\Crypt\Symmetric\Mcrypt executes the padding of the plaintext
before the encryption, see here:
https://github.com/zendframework/zf2/blob/master/library/Zend/Crypt/Symmetric/Mcrypt.php#L342
That is by default the PKCS7 padding (RFC 5652), which basically concatenates
the missing bytes of the last block with the different size (
https://github.com/zendframework/zf2/blob/master/library/Zend/Crypt/Symmetric/Padding/Pkcs7.php#L26
).

So if you need to compare the Mcrypt encryption output with the
Zend\Crypt\Symmetric\Mcrypt::encrypt you should consider these differences.

Anyway, I strongly suggest using Zend\Crypt\BlockCipher instead of
Zend\Crypt\Symmetric\Mcrypt, because it supports the authentication of the
result by default. The authentication part is missing with Mcrypt. From a
security point of view, if you need to protect sensitive data you should
always use encryption + authentication; the encryption alone is not enough
(for instance, see the Padding Oracle Attack).

Regards,
Enrico



On Mon, Feb 3, 2014 at 4:42 AM, Er Galvao Abbott <gal...@galvao.eti.br> wrote:

> Greetings.
>
> I'm having some issues understanding Zend\Crypt.
> What I'd like is the exact same result when using PHP's mcrypt
> extension, what I'm receiving is exact same length strings (64
> characters using only Zend\Crypt\Symmetric\Mcrypt, 172 characters using
> Zend\Crypt\BlockCipher along with Zend\Crypt\Symmetric\Mcrypt).
>
> When I use PHP's mcrypt with the same configuration I get the first
> encryption with 28 characters and the second one with 4 characters. On
> both cases (using ZF2 and using mcrypt) I run the encryption through
> base64_encode to get the final result.
>
> Please ignore the fact that I'm using the same key for
> Zend\Crypt\BlockCipher and Zend\Crypt\Symmetric\Mcrypt, since it's not
> the issue (I use it only once when not using BlockCipher and yet get the
> "same problematic result").
>
> //Begin code:
>
> //Using ZF2:
>
> $mcrypt  = new Zend\Crypt\Symmetric\Mcrypt();
> $mcrypt->setAlgorithm($config['crypto']['algorithm']);
> $mcrypt->setKey($config['crypto']['key']);
> $mcrypt->setMode($config['crypto']['mode']);
> $mcrypt->setSalt($config['crypto']['vector']);
>
> $adapter = new Zend\Crypt\BlockCipher($mcrypt);
> $adapter->setKey($config['crypto']['key']);
>
> //Using PHP's Mcrypt:
>
>  $crypt = mcrypt_encrypt($config['crypto']['algorithm'],
> $config['crypto']['key'], $data, $config['crypto']['mode'],
> $config['crypto']['vector']);
>
> // End code
>
>
> What am I missing?
>
> --
> Er Galvão Abbott
>
> --
> List: fw-general@lists.zend.com
> Info: http://framework.zend.com/archives
> Unsubscribe: fw-general-unsubscr...@lists.zend.com
>
>
>


-- 

Enrico Zimuel
Senior PHP Engineer     | enr...@zend.com
Zend Framework Team     | http://framework.zend.com
Zend Technologies Ltd.  | http://www.zend.com
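
The differences described in the reply above, as an added example that is not part of the original thread and is not Zend\Crypt code: with the IV stripped, the first CBC block of both outputs matches and only the padded last block differs. It assumes AES-128-CBC and uses ext/openssl in place of mcrypt; the helper names, key, IV and plaintext are constructed for illustration, and the HMAC framing is a generic encrypt-then-MAC layout, not BlockCipher's wire format.

```php
<?php
// Added illustration, not Zend\Crypt code. ext/openssl stands in for mcrypt
// (rijndael-128 with a 16-byte key is AES-128). All values are constructed.
const BLOCK = 16;

// PKCS7: append N bytes of value N (1..16), even when already block-aligned.
function pkcs7_pad(string $d): string {
    $n = BLOCK - (strlen($d) % BLOCK);
    return $d . str_repeat(chr($n), $n);
}

// mcrypt_encrypt() style: NUL bytes up to the next block boundary.
function zero_pad(string $d): string {
    return $d . str_repeat("\0", (BLOCK - (strlen($d) % BLOCK)) % BLOCK);
}

// AES-128-CBC over pre-padded data; OpenSSL's own padding is switched off.
function cbc_encrypt(string $padded, string $key, string $iv): string {
    $ct = openssl_encrypt($padded, 'aes-128-cbc', $key,
        OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv);
    if ($ct === false) { throw new RuntimeException('encryption failed'); }
    return $ct;
}

// Encrypt-then-MAC check: verify the tag in constant time before decrypting,
// so a receiver never reports padding errors on forged input.
function tag_ok(string $msg, string $macKey): bool {
    $expected = hash_hmac('sha256', substr($msg, 32), $macKey, true);
    return hash_equals($expected, substr($msg, 0, 32));
}

// Fixed IV only so both outputs are comparable; use random_bytes(16) per message.
$key = str_repeat('k', 16);
$iv = str_repeat('v', 16);
$macKey = str_repeat('m', 32);
$data = 'twenty bytes of text';

$raw = cbc_encrypt(zero_pad($data), $key, $iv);        // plain mcrypt layout
$zf = $iv . cbc_encrypt(pkcs7_pad($data), $key, $iv);  // $iv . $encrypted
$body = substr($zf, BLOCK);                            // drop the IV to compare

var_dump(strlen(base64_encode($raw)), strlen(base64_encode($zf)));
var_dump(substr($body, 0, BLOCK) === substr($raw, 0, BLOCK)); // first CBC block
var_dump(substr($body, -BLOCK) === substr($raw, -BLOCK));     // padded last block

$msg = hash_hmac('sha256', $zf, $macKey, true) . $zf;  // generic framing
$forged = $msg;
$forged[50] = chr(ord($forged[50]) ^ 1);               // flip one ciphertext bit
var_dump(tag_ok($msg, $macKey), tag_ok($forged, $macKey));
```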
