Jump to content

Archived

This topic is now archived and is closed to further replies.

vinny_bc

How do I PHP code to AESEncrypt a string in the format MidoriCrypt (ASP) is expe

Recommended Posts

How do I PHP code to AESEncrypt a string in the format MidoriCrypt (ASP) is expecting?

I am trying to pass an encrypted string to an ASP script on another server. The ASP script expects the string to be encrypted using the AESencode function in the MidoriCryp package (documentation viewable at http://download.paipai.net/texts/midCrypt.htm#doc).

Now, I’ve tried various methods, but it appears that my implementation is not working.  My current code sits as below:

[code]function AESEncrypt($string, $key){
/*
  This is a quick hack to get an AES encrypted string.  Since PHP doesn't have
  easily-accessible AES functionality, we'll use MySQL's in-built AES function.
*/

$mode = MCRYPT_MODE_CBC; 
  $enc = MCRYPT_RIJNDAEL_128;
 
  /* Open the cipher */
  $td = mcrypt_module_open($enc, '', $mode, '');
 
  /* Create the IV and determine the keysize length, used MCRYPT_RAND
    * on Windows instead */
//  $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_DEV_RANDOM);
  $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
  $ks = mcrypt_enc_get_key_size($td);
 
  /* Create key */
  $key = substr(md5($key), 0, $ks);

  /* Intialize encryption */
  mcrypt_generic_init($td, $key, $iv);

  /* Encrypt data */
  $encrypted = mcrypt_generic($td, $string);

//  echo "encrypted is $encrypted - "; var_dump($encrypted); echo "<BR>";
  $encrypted = base64_encode(bin2hex($encrypted));
//  echo "encrypted is $encrypted - "; var_dump($encrypted); echo "<BR>"; exit;
  return $encrypted;

}[/code]


So there are a few areas where the above code could be wrong. My suspicons are that:
- the actual encryption parameters are incorrect AND/OR
- encryption is fine, but there is an issue when converting it to a base64 string

Example output of the above code:
[code]Key: 1234567812345678
String: 5583 8820 0001 1382
Output: NDJmMjhkYjk2ZjI4ZmMwZDE0OWE3OTI1NGY4ZDY3Yjk=[/code]



MidoriCryp’s AESencode function is documented as below:

[b]2.1.5 AesEncode[/b]

BSTR AesEncode(VARIANT key, VARIANT inData)
Encrypt a string or an array of bytes using the AES algorithm and the key specified in key. Return value id a base64 string. Use AesEncode2ByteArray if you want to encrypt to a binary byte Array insead of get a base 64 output.
Parameters:
key a VARIANT containing a the key to be used to encrypt.It can be almost any variant sub type, but it is better to use a string or a byte array.If key is a String, It will be used as unicode if not is passed a ASCII/Multibyte string.NOTE: if the key lenght isn't 16, 24 or 32, the key will be padded with spaces (or zeroes if the key is passed as an Array)
inString a VARIANT containing the data to encrypt.It should be a string or a byte array. Any other type will be converted to a string before processing.Note that strings are always handled as Unicode.
Returned Value:
A BSTR (String in Visual Basic) containing a base64 string. It contains only these characters:
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz0123456789+ /
and the special termination character ' = '

[b]2.1.7 AesDecode[/b]

BSTR AesDecode(VARIANT key, VARIANT inData)

Decrypt data previously encrypted using AesEncode or AesEncode2ByteArray, specified in inData, using AES algorithm and the key specified in key. Return value is the original data contained in a string.
You should use this function if original data was a string.
Parameters:
key a VARIANT containing a the key to be used to encrypt.It can be almost any variant sub type, but it is better to use a string or a byte array.If key is a String, It will be used as unicode if not is passed a ASCII/Multibyte string.NOTE: if the key lenght isn't 16, 24 or 32, the key will be padded with spaces (or zeroes if the key is passed as an Array)
inData a VARIANT containing the data to decrypt.It can be the output of Cast128Encode or Cast128Encode2ByteArray functions: a base64 string or a raw byte array.
Returned Value:
A BSTR (String in Visual Basic) containing the original data.


Here is the source code for the 2 functions:

[code]STDMETHODIMP Ccipher::AesEncode(VARIANT key, VARIANT inData, BSTR *outData)
{

AES_KEY akey;

u8* pData = NULL;
long lData = 0;
BYTE* pOutData = NULL;
char* pB64 =NULL;
long lOutDataLen = 0;
CString strOutResult;
if (IsArray(&inData))
{
SafeArray2ByteArray(&inData, NULL, &lData);
if (lData > 0)
{
pData = new BYTE[lData];
SafeArray2ByteArray(&inData, pData, &lData);
}
}
else
{
CComBSTR bstrData;
Variant2CComBSTR(&inData, bstrData);
lData = bstrData.Length() * 2;
pData = new BYTE[lData];
memcpy(pData, bstrData.m_str, lData);
}

if (lData <= 0)
{
*outData = ::SysAllocString(L"");
return E_INVALIDARG;
}

// convert any input to a valid Aes key
VariantKey2AesKey(key, &akey, true);

if (*outData) ::SysFreeString(*outData);
*outData = NULL;


lOutDataLen = CBCAesEncryptData(&akey, pData, lData, &pOutData);
if (lOutDataLen >0 && pOutData)
{
int i;
int spare = lOutDataLen % 3;
int blocks = lOutDataLen / 3;
for (i=0; i<blocks; i++)
{
pB64 = base64enc((char*)pOutData+(i*3), 3);
strOutResult += pB64;
delete [] pB64;
pB64=NULL;

}
if (spare)
{
pB64 = base64enc((char*)pOutData+(blocks*3), spare);
strOutResult += pB64;
delete [] pB64;
pB64=NULL;
}
}

if (pOutData) delete[]pOutData;

*outData = strOutResult.AllocSysString();
return S_OK;
}[/code]

[code]STDMETHODIMP Ccipher::AesDecode(VARIANT key, VARIANT inData, BSTR *outData)
{
AES_KEY akey;
u8* pData = NULL;
long lData = 0, b64Blocks = 0;
BYTE* pOutData = NULL;
BYTE* pEcnryptedData = NULL;
long lEcnryptedData = 0, lOutData = 0;
long i;
char* pB64 = NULL;
CString strOutResult;

if (*outData) ::SysFreeString(*outData);
*outData = NULL;

if (IsArray(&inData))
{
SafeArray2ByteArray(&inData, NULL, &lEcnryptedData);
if (lEcnryptedData > 0)
{
pEcnryptedData = new BYTE[lEcnryptedData];
SafeArray2ByteArray(&inData, pEcnryptedData, &lEcnryptedData);
}
}
else
{
CString strInData;
LPCSTR pInData = NULL;
Variant2CString(&inData, strInData);
lData = strInData.GetLength();
pData = new BYTE[lData];
pInData = strInData.GetBuffer(0);
memcpy(pData, pInData, lData);
strInData.ReleaseBuffer();
lEcnryptedData = (lData /4) * 3;
pEcnryptedData = new BYTE[lEcnryptedData];
b64Blocks = lData / 4;

lEcnryptedData = 0;
for (i=0; i < b64Blocks; i++)
{
int len = 4;
pB64 = base64dec((char*)pData + (i*4), &len);
memcpy(pEcnryptedData + (i*3), pB64, len);
lEcnryptedData += len;
delete [] pB64;
pB64=NULL;
}
if (pData) delete[]pData;
pData = NULL;
}

// convert any input to a valid cast128 key
VariantKey2AesKey(key,&akey, false);


lOutData = ::CBCAesDecryptData(&akey, pEcnryptedData, lEcnryptedData, &pOutData);
if(pEcnryptedData) delete[]pEcnryptedData;
pEcnryptedData=NULL;

if (lOutData > 0)
{
CComBSTR bstr(lOutData/2, (LPCOLESTR)pOutData);
*outData = bstr.Detach();
}
else
*outData = ::SysAllocString(L"");

if (pOutData) delete[] pOutData;
pOutData=NULL;
return S_OK;
}[/code]

[b]Any help would be greatly appreciated![/b]

vinny_bc

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.