#10 crypt and decrypt produce different results after upgrading

open
nobody
Libmcrypt (2)
5
2014-07-17
2005-05-05
Alex Tearse
No

Groo...I'm in trouble now...

I've got a database of users with their sensitive data
nicely encrypted with RIJNDAEL 256 in CBC mode. I've
been using libmcrypt through PHP with this database for
nearly a year with no bother. However, after upgrading
the DLL being used so that my version is now 2.5.7
(you're gonna ask me what it was before now arentcha? I
really don't know!) all my data is scrambled. It
doesn't decrypt correctly. Furthermore even some simple
tests using examples given in the PHP mcrypt
documentation don't work. For example - this is the
example given more or less:

================================================================

<?php
/* Open the cipher */
$td = mcrypt_module_open('rijndael-256', '', 'cbc', '');

/* Create the IV and determine the keysize length, used MCRYPT_RAND
 * on Windows instead
 */
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
$ks = mcrypt_enc_get_key_size($td);

/* Create key */
$key = substr(md5('very secret key'), 0, $ks);

/* Initialize encryption */
mcrypt_generic_init($td, $key, $iv);

/* Encrypt data */
$encrypted = mcrypt_generic($td, 'secret message');

/* Terminate encryption handler */
mcrypt_generic_deinit($td);

/* Initialize encryption module for decryption */
mcrypt_generic_init($td, $key, $iv);

/* Decrypt encrypted string */
$decrypted = mdecrypt_generic($td, $encrypted);

/* Terminate decryption handle and close module */
mcrypt_generic_deinit($td);
mcrypt_module_close($td);

echo <<<END

encrypted: {$encrypted}

decrypted again: {$decrypted}

END;

================================================================

and on my machine I get exactly the same values for
$encrypted as I do for $decrypted.

My mcrypt settings are as follows (from PHP info):

mcrypt support: enabled
Version: 2.5.7
Api No: 20021217
Supported ciphers: cast-128 cast-128 gost gost rijndael-128 rijndael-128 twofish twofish arcfour arcfour cast-256 cast-256 loki97 loki97 rijndael-192 rijndael-192 saferplus saferplus wake wake blowfish-compat blowfish-compat des des panama panama rijndael-256 rijndael-256 serpent serpent xtea xtea blowfish blowfish enigma enigma rc2 rc2 tripledes tripledes
Supported modes: cbc cfb ctr ecb ncfb nofb ofb stream

Directive | Local Value | Master Value
mcrypt.algorithms_dir | no value | no value
mcrypt.modes_dir | no value | no value

Can anyone point out the head-slappingly obvious thing
I'm f**king up here, or am I destined to lose access to
all my precious data forever?

Yours in grovelling anticipation...

Alex Tearse
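
The script in the report ignores every return value, so a failed init and a cipher that silently does nothing look the same. The following is an added example, not code from the ticket or from the libmcrypt project: the same call sequence with each step checked, plus a check for the reported symptom. The function name `mcrypt_roundtrip_check` and its messages are hypothetical; it assumes the legacy PHP mcrypt extension is loaded and a sample plaintext that does not end in NUL bytes.

```php
<?php
// Added example (not from the ticket): the report's call sequence with checks.
function mcrypt_roundtrip_check($cipher, $mode, $plaintext, $passphrase)
{
    $td = @mcrypt_module_open($cipher, '', $mode, '');
    if ($td === false) {
        return array("cannot open module $cipher/$mode");
    }
    $iv  = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
    $key = substr(md5($passphrase), 0, mcrypt_enc_get_key_size($td));

    // mcrypt_generic_init() returns a negative value on error
    // (-3: wrong key length, -4: allocation failure), false on bad parameters.
    $rc = mcrypt_generic_init($td, $key, $iv);
    if ($rc === false || $rc < 0) {
        mcrypt_module_close($td);
        return array('encrypt init failed: ' . var_export($rc, true));
    }
    $encrypted = mcrypt_generic($td, $plaintext);
    mcrypt_generic_deinit($td);

    $rc = mcrypt_generic_init($td, $key, $iv);
    if ($rc === false || $rc < 0) {
        mcrypt_module_close($td);
        return array('decrypt init failed: ' . var_export($rc, true));
    }
    $decrypted = mdecrypt_generic($td, $encrypted);
    mcrypt_generic_deinit($td);
    mcrypt_module_close($td);

    $problems = array();
    // The symptom described in the report: both variables hold the same bytes.
    if ($encrypted === $decrypted) {
        $problems[] = 'decrypt output is identical to encrypt output';
    }
    if (strpos($encrypted, $plaintext) !== false) {
        $problems[] = 'ciphertext contains the plaintext';
    }
    // Block modes zero-pad the input, so strip trailing NULs before comparing.
    if (rtrim($decrypted, "\0") !== $plaintext) {
        $problems[] = 'round trip does not restore the plaintext';
    }
    return $problems;
}

// Constructed sample input: the cipher, mode, message and passphrase from the report.
$problems = mcrypt_roundtrip_check('rijndael-256', 'cbc', 'secret message', 'very secret key');
echo $problems ? implode("\n", $problems) . "\n" : "round trip OK\n";
```

Running it once before and once after swapping the DLL shows whether the new build fails at init or returns data untransformed.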
