Hi
Thanks for that info, was just what I needed :)
You can also create $iv with this:

$iv = pack("a".mcrypt_enc_get_iv_size($td),$iv);

I use base64_encode() and base64_decode() to store the result and send via 
the web.
Tom


At 01:02 PM 3/05/2002, Cédric Veilleux wrote:
>Hi,
>
>         I had an hard time converting my code from mcrypt 2.2.x to 2.4.x. 
> There is a
>big lack of info about the difference between the two and I could not find
>anything to help me make the move.
>
>         My problem was not getting things to work with either version of 
> mcrypt,
>there are plenty of examples available for both versions. My problem was
>getting libmcrypt 2.4.x decrypting the data previously encrypted by 2.2.x.
>
>         Here's some general info for anyone interested. I would have been 
> very
>pleased to find this will searching the archive and I didn't, so I am doing
>it for anybody else facing the same problem.
>
>1) PHP linked with libmcrypt 2.2.x is not too picky about Initialization
>Vectors, but with 2.4.x, it will give a warning message if you don't specify
>one with some of the functions or simply wont work with others. Check my
>example code below to see what I did.
>
>2) PHP will segfault if you use a key size with the wrong lenght with 2.4.x
>and it won't with 2.2.x. Be very careful about the lenght of your key in
>2.4.x, what worked previously might not work now.
>
>
>Decryption under libmcrypt 2.2.x:
>-----
>$clear_text = mcrypt_cbc ($cipher, $key, hex2bin($crypted_text),
>MCRYPT_DECRYPT);
>-----
>
>Encryption under libmcrypt 2.2.x:
>-----
>$crypted_text = bin2hex(mcrypt_cbc ($cipher, $key, $clear_text,
>MCRYPT_ENCRYPT));
>-----
>
>
>The following code is what I had to do to get a similar (compatible) 
>behaviour
>under libmcrypt 2.4.x. Note that I create an initialization vector filled
>with "\0" characters, which is, I believe, the default behavior with
>libmcrypt 2.2.x. The PHP manual somewhere recommends to use "0" if you do not
>want to use an initialization vector. This did not work for me, as this is
>not the default 2.2.x behavior. I think the manual should be modified as it
>greatly confiused me.
>
>Encryption under libmcrypt 2.4.x:
>-----
>$td = mcrypt_module_open ($cipher, "", MCRYPT_MODE_CBC, "");
>$i = 0;
>while ($i < mcrypt_enc_get_iv_size ($td)) {
>     $iv .= "\0";
>     $i++;
>}
>mcrypt_generic_init ($td, $key, $iv);
>$crypted_text = bin2hex(mcrypt_generic($td, $plain_text));
>mcrypt_generic_end ($td);
>-----
>
>Decryption under libmcrypt 2.4.x:
>-----
>$td = mcrypt_module_open ($cipher, "", MCRYPT_MODE_CBC, "");
>$i = 0;
>while ($i < mcrypt_enc_get_iv_size ($td)) {
>     $iv .= "\0";
>     $i++;
>}
>mcrypt_generic_init ($td, $key, $iv);
>$plain_text = mdecrypt_generic($td, hex2bin($crypted_text));
>mcrypt_generic_end ($td);
>-----
>
>
>In these snippets, $crypted_text is the encrypted data in hexadecimal format.
>This allows data to be stored (in DB's for example) or displayed without
>problems. You need the following function:
>
>function hex2bin($data) {
>     $len = strlen($data);
>     return pack("H" . $len, $data);
>}
>
>
>
>Hope this can help someone..
>
>
>Thank you,
>
>Cedric
>
>
>--
>PHP General Mailing List (http://www.php.net/)
>To unsubscribe, visit: http://www.php.net/unsub.php


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to