#27746 [Opn]: Decrypt routines not working as per v4.3.4

taomyn at myway dot com Sun, 04 Apr 2004 01:51:11 -0800

 ID:               27746
 User updated by:  taomyn at myway dot com
-Summary:          Decrypt routines not working as pre v4.3.4
 Reported By:      taomyn at myway dot com
 Status:           Open
 Bug Type:         mcrypt related
 Operating System: Windows Server 2003
-PHP Version:      4.3.5
+PHP Version:      4.3.6RC1
 New Comment:


FYI.



Still broken in 4.3.6RC1 (which I installed to fix the dynamic
extensions problem in previous release).


Previous Comments:
------------------------------------------------------------------------

[2004-03-29 15:30:34] taomyn at myway dot com

<?

        $password = "muppets";



        $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);

        $key = mhash(MHASH_MD5,substr("dimwits", 0,
mcrypt_get_key_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB)));

        print "EP===".$password."===\n";

        print "EK===".$key."===\n";

        $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); 

        $enc_pwd = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key,
$password,MCRYPT_MODE_ECB, $iv);

        print "EE===".$enc_pwd."===\n";



        $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);

        $key = mhash(MHASH_MD5,substr("dimwits", 0,
mcrypt_get_key_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB)));

        print "DP===".$password."===\n";

        print "DK===".$key."===\n";

        $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);

        $dec_pwd = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $enc_pwd,
MCRYPT_MODE_ECB, $iv);

        print "DD===".trim(chop($dec_pwd))."===\n";

?>



Under v4.3.4



EP===muppets===

EK===(�^&#8962;&#9658;�A�&#9617;z�&#9474;zE|&#9472;===

EE===&#9827;�&#9574;        &#8616;�6(Z&#9571;&#9571;k&#9668;F�`===

DP===muppets===

DK===(�^&#8962;&#9658;�A�&#9617;z�&#9474;zE|&#9472;===

DD===muppets===



Under v4.3.5



EP===muppets===

EK===(�^&#8962;&#9658;�A�&#9617;z�&#9474;zE|&#9472;===

EE===&#9827;�&#9574;        &#8616;�6(Z&#9571;&#9571;k&#9668;F�`===

DP===muppets===

DK===(�^&#8962;&#9658;�A�&#9617;z�&#9474;zE|&#9472;===

DD===&#9827;�&#9574;        &#8616;�6(Z&#9571;&#9571;k&#9668;F�`===



I.E. IT DOESN'T DECRYPT - HAPPY?

------------------------------------------------------------------------

[2004-03-29 11:46:29] [EMAIL PROTECTED]

Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc.

If possible, make the script source available online and provide
an URL to it here. Try avoid embedding huge scripts into the report.

------------------------------------------------------------------------

[2004-03-29 03:30:57] taomyn at myway dot com

Description:
------------
My decrypting routines now fail to decrypt and in fact seem to return
the encrypted value.

Reproduce code:
---------------
function encrypt_pwd($password)

{

/* Return encrypted password */

        global $config;

        $password = trim($password);

        $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);

        $key = mhash(MHASH_MD5,substr($config['pass_phrase'], 0,
mcrypt_get_key_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB)));

 error_log("EP===".$password."===");

 error_log("EK===".$key."===");

        $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);

        $enc_pwd = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $password,
MCRYPT_MODE_ECB, $iv);

 error_log("EE===".$enc_pwd."===");

        return $enc_pwd;

}



function decrypt_pwd($password)

{

/* Return decrypted password */

        global $config;

        $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);

        $key = mhash(MHASH_MD5,substr($config['pass_phrase'], 0,
mcrypt_get_key_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB)));

 error_log("DP===".$password."===");

 error_log("DK===".$key."===");

        $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);

        $dec_pwd = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $password,
MCRYPT_MODE_ECB, $iv);

 error_log("DD===".trim(chop($dec_pwd))."===");

        return trim(chop($dec_pwd));

}





Expected result:
----------------
[29-Mar-2004 09:35:31] EP===bubbles10===



[29-Mar-2004 09:35:31] EK===-� �WqG9�\6�===



[29-Mar-2004 09:35:31] EE===u!��+�_Yi��O�t===



[29-Mar-2004 09:35:50] DP===u!��+�_Yi��O�t===



[29-Mar-2004 09:35:50] DK===-� �WqG9�\6�===



[29-Mar-2004 09:35:50] DD===bubbles10===



Actual result:
--------------
[29-Mar-2004 09:35:31] EP===bubbles10===



[29-Mar-2004 09:35:31] EK===-� �WqG9�\6�===



[29-Mar-2004 09:35:31] EE===u!��+�_Yi��O�t===



[29-Mar-2004 09:35:50] DP===u!��+�_Yi��O�t===



[29-Mar-2004 09:35:50] DK===-� �WqG9�\6�===



[29-Mar-2004 09:35:50] DD===u!��+�_Yi��O�t===




------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=27746&edit=1

#27746 [Opn]: Decrypt routines not working as per v4.3.4

Reply via email to