PHP AES 128 ECB Ciphers and Delphi AES 128 ECB

0
votes

I'm encryption "sifrelenecek" string with Delphi using AES 128 ECB using key as "KRPTTT101103" and it gives me "FBE4A4405D6C1B54503D9B213E41AE56", i'm checking with http://aes.online-domain-tools.com/ and it's correct. I'm trying to create same encryption with php using this function ;

function sifrele($str, $key){
 $block = mcrypt_get_block_size('rijndael_128', 'ecb');
 $pad = $block - (strlen($str) % $block);
 $str .= str_repeat(chr($pad), $pad);
 return base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $str, MCRYPT_MODE_ECB)); }

print sifrele("sifrelenecek","KRPTTT101103")

but php gives me the result as "+wL2yf+72thixicjw0duQA==", how can i encrypt in Delphi and Decrypt in php or the opposit ?

Searched on the web and found so many functions but not any of those functions results are the same with Delphi or http://aes.online-domain-tools.com/

Thanks in advance.

2
phpdelphiencryptioncryptography
Looks like your Delphi cipher gives you hex representation of encrypted text, while PHP cipher returns BASE64 encoded representation. - Marko Paunovic
@Marko thanks for your response, i was thinking the same way, but in that web site how did they exactly get the same result, that's what i'm trying to do, it took almost my all day and i coluldn't figure it out. - Sheshman
The problem is that you're using base64_encode() function in PHP. I don't know PHP at all, but you have to encode mcrypt_encrypt() return value to hex, not to base64. bintohex() maybe. - Marko Paunovic
You probably want bin2hex(), which will take the binary garbage that mcrypt_encrypt spits out and convert it to a less-unfriendly hex string. - Marc B
You need to think about the code and understand what you are doing. One variant is clearly encoded using hex. The other with base64. And it's right there in the code you use. You won't get anywhere by trying things at random without actually endeavouring to understand them. And you are doing crypto too. Never something to be done with a lack of understanding. - David Heffernan

2 Answers

5
votes

You are mixing two different forms of padding. This is what is causing the mismatch. It's not merely a Base64/hex difference.

Your plaintext is 12 bytes: "sifrelenecek", encoded as:

[115, 105, 102, 114, 101, 108, 101, 110, 101, 99, 101, 107]

If you pad the plaintext with ZEROES, as apparently Delphi does, and as mcrypt_encrypt is documented as doing, then you are encrypting:

[115, 105, 102, 114, 101, 108, 101, 110, 101, 99, 101, 107, 0, 0, 0, 0]

The resulting ciphertext is ++SkQF1sG1RQPZshPkGuVg== in Base64 which, when decoded to plain bytes and re-encoded in hex, becomes "FBE4A4405D6C1B54503D9B213E41AE56" -- just what the online tool returns.

But if you pad the plaintext with PKCS#7 padding, as you do in your PHP code above:

$pad = $block - (strlen($str) % $block);
$str .= str_repeat(chr($pad), $pad);

then this plaintext is padded with FOURS and you are encrypting:

[115, 105, 102, 114, 101, 108, 101, 110, 101, 99, 101, 107, 4, 4, 4, 4]

The resulting ciphertext is +wL2yf+72thixicjw0duQA== -- just what you show above in your question.

Either pad on both sides with ZEROES, or pad on both sides with PKCS#7, and your results should match.

1
votes

As we can see you try to compare one which is clearly encoded using hex. The other with base64.

in php

  • let the pading away(this is done automatically).
  • don't do a base64_encode (that you have also not done in delphi).

php manual

Description :

string mcrypt_encrypt ( string $cipher , string $key , string $data , string $mode [, string $iv ] )

Encrypts the data and returns it.

......

data

The data that will be encrypted with the given cipher and mode. If the size of the data is not n * blocksize, the data will be padded with '\0'.

The returned crypttext can be larger than the size of the data that was given by data.

ECB mode ignores the IV, so it is misleading to show an example using both MCRYPT_MODE_ECB and an IV (the example in the manual shows the same thing). Also, it's important to know that ECB is useful for random data, but structured data should use a stronger mode like MCRYPT_MODE_CBC

php Code

function encrypt($input) {
    // $iv = mcrypt_create_iv(32);
    $mcr = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, "KRPTTT101103",
                          $input, MCRYPT_MODE_ECB);
    $hex2 = bin2hex($mcr); // Convert binary data into hexadecimal representation
    return strtoupper($hex2);
    // base64_encode($mcr);
    }

$encryptedhextext = encrypt("sifrelenecek");

 if ($encryptedhextext == "FBE4A4405D6C1B54503D9B213E41AE56" ) {
   echo   "Encrypted Hex text in Delphi and php are equal<br />";    
   echo $encryptedhextext." == FBE4A4405D6C1B54503D9B213E41AE56";
 }

Output

Encrypted Hex text in Delphi and php are equal
FBE4A4405D6C1B54503D9B213E41AE56 == FBE4A4405D6C1B54503D9B213E41AE56