Enrico:

Thank you very much for this, it all makes sense now.

Cheers,

Er Galvão Abbott

>
> Hi Galvao,
>
> the output of Zend\Crypt\Symmetric\Mcrypt::encrypt is $iv . $encrypted
> where $iv is the $config['crypto']['vector'] and $encrypted is the
> $crypt of your example code.
> Moreover, Zend\Crypt\Symmetric\Mcrypt executes the padding of the
> plaintext before the encryption, see
> here:
> https://github.com/zendframework/zf2/blob/master/library/Zend/Crypt/Symmetric/Mcrypt.php#L342
> that is by default the PKCS7 padding (RFC 5652), which basically
> concatenates the missing bytes of the last block with the different size
> (https://github.com/zendframework/zf2/blob/master/library/Zend/Crypt/Symmetric/Padding/Pkcs7.php#L26).
>
> So if you need to compare the Mcrypt encryption output with the
> Zend\Crypt\Symmetric\Mcrypt::encrypt you should consider these
> differences.
>
> Anyway, I strongly suggest using Zend\Crypt\BlockCipher instead of
> Zend\Crypt\Symmetric\Mcrypt, because it supports the authentication of
> the result, by default. The authentication part is missing with
> Mcrypt. From a security point of view, if you need to protect
> sensitive data you should always use encryption + authentication, the
> encryption alone is not enough (for instance, see the Padding Oracle
> Attack).
>
> Regards,
> Enrico
>
>
>
> On Mon, Feb 3, 2014 at 4:42 AM, Er Galvao Abbott <gal...@galvao.eti.br> wrote:
>
>     Greetings.
>
>     I'm having some issues understanding Zend\Crypt.
>     What I'd like is the exact same result when using PHP's mcrypt
>     extension, what I'm receiving is exact same length strings (64
>     characters using only Zend\Crypt\Symmetric\Mcrypt, 172 characters
>     using Zend\Crypt\BlockCipher along with Zend\Crypt\Symmetric\Mcrypt).
>
>     When I use PHP's mcrypt with the same configuration I get the first
>     encryption with 28 characters and the second one with 4 characters. On
>     both cases (using ZF2 and using mcrypt) I run the encryption through
>     base64_encode to get the final result.
>
>     Please ignore the fact that I'm using the same key for
>     Zend\Crypt\BlockCipher and Zend\Crypt\Symmetric\Mcrypt, since it's not
>     the issue (I use it only once when not using BlockCipher and yet
>     get the "same problematic result").
>
>     //Begin code:
>
>     //Using ZF2:
>
>     $mcrypt  = new Zend\Crypt\Symmetric\Mcrypt();
>     $mcrypt->setAlgorithm($config['crypto']['algorithm']);
>     $mcrypt->setKey($config['crypto']['key']);
>     $mcrypt->setMode($config['crypto']['mode']);
>     $mcrypt->setSalt($config['crypto']['vector']);
>
>     $adapter = new Zend\Crypt\BlockCipher($mcrypt);
>     $adapter->setKey($config['crypto']['key']);
>
>     //Using PHP's Mcrypt:
>
>      $crypt = mcrypt_encrypt($config['crypto']['algorithm'],
>     $config['crypto']['key'], $data, $config['crypto']['mode'],
>     $config['crypto']['vector']);
>
>     // End code
>
>
>     What am I missing?
>
>     --
>     Er Galvão Abbott
>
>     --
>     List: fw-general@lists.zend.com <mailto:fw-general@lists.zend.com>
>     Info: http://framework.zend.com/archives
>     Unsubscribe: fw-general-unsubscr...@lists.zend.com
>     <mailto:fw-general-unsubscr...@lists.zend.com>
>
>
>
>
>
> -- 
> Enrico Zimuel
> Senior PHP Engineer     | enr...@zend.com <mailto:enr...@zend.com>
> Zend Framework Team     | http://framework.zend.com
> Zend Technologies Ltd.
> http://www.zend.com
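
The two differences described in the reply above (the prepended IV, and PKCS7 padding versus mcrypt's NUL padding), as an added example that is not part of the original thread or of Zend Framework's code. It assumes AES-128-CBC through PHP's openssl extension, because mcrypt was removed from PHP in 7.2; the key, IV, plaintext and function names are constructed for illustration.

```php
<?php
// Constructed values throughout; AES-128-CBC is an assumption (mcrypt's
// rijndael-128 in CBC mode with a 16-byte key), not the thread's config.
const CIPHER = 'aes-128-cbc';
const BLOCK  = 16;

// PKCS7 (RFC 5652): always append N bytes of value N, 1 <= N <= BLOCK.
function pkcs7_pad(string $data): string
{
    $n = BLOCK - (strlen($data) % BLOCK);
    return $data . str_repeat(chr($n), $n);
}

// mcrypt_encrypt() behaviour: NUL bytes up to the next block boundary.
function zero_pad(string $data): string
{
    $n = (BLOCK - (strlen($data) % BLOCK)) % BLOCK;
    return $data . str_repeat("\0", $n);
}

// CBC with OpenSSL's own padding disabled, so the caller picks the padding.
function cbc_raw(string $padded, string $key, string $iv): string
{
    $out = openssl_encrypt($padded, CIPHER, $key,
        OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv);
    if ($out === false) {
        throw new RuntimeException('encryption failed');
    }
    return $out;
}

$key  = str_repeat('k', 16);
$iv   = str_repeat('v', 16);
$data = 'twenty bytes of text';

// Layout described for Zend\Crypt\Symmetric\Mcrypt::encrypt(): $iv . $encrypted
$zend   = $iv . cbc_raw(pkcs7_pad($data), $key, $iv);
// Layout of the bare mcrypt_encrypt() call in the question
$mcrypt = cbc_raw(zero_pad($data), $key, $iv);

printf("zend-style %d bytes, mcrypt-style %d bytes\n", strlen($zend), strlen($mcrypt));
$body = substr($zend, BLOCK); // drop the prepended IV before comparing
// Blocks that contain no padding can be compared directly...
var_dump(substr($body, 0, BLOCK) === substr($mcrypt, 0, BLOCK));
// ...the final block cannot, because its padding bytes differ.
var_dump(substr($body, -BLOCK) === substr($mcrypt, -BLOCK));
```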

