Beefy Boxes and Bandwidth Generously Provided by pair Networks RobOMonk
Think about Loose Coupling
 
PerlMonks  

Re^2: Perl encryption not matching PHP encryption

by johnnytc4 (Novice)
on Apr 08, 2011 at 18:19 UTC ( #898422=note: print w/ replies, xml ) Need Help??


in reply to Re: Perl encryption not matching PHP encryption
in thread Perl encryption not matching PHP encryption

It looks like Crypt::Rijndeal supports 16byte keys but there is no way to communicate that to Crypt::CBC.


Comment on Re^2: Perl encryption not matching PHP encryption
Re^3: Perl encryption not matching PHP encryption
by Anonymous Monk on Apr 09, 2011 at 02:55 UTC

    Version 2.30 of C::CBC pod shows that new() accepts keysize via -keysize-value pair. And, currently only C::Blowfish supports variable keysize via Openssl ...

    The -keysize and -blocksize arguments can be used to force the cipher's keysize and/or blocksize. This is only currently useful for the Crypt::Blowfish module, which accepts a variable length keysize. If -keysize is not specified, then Crypt::CBC will use the maximum length Blowfish key size of 56 bytes (448 bits). The Openssl library defaults to 16 byte Blowfish key sizes, so for compatibility with Openssl you may wish to set -keysize=>16. There are currently no Crypt::* modules that have variable block sizes, but an option to change the block size is provided just in case.
      It looks like the encryption is getting closer, but not exact. From my php encrypted string, they always end in %3D. My perl encrytped string is slightly longer and ends in ...%3D%0A.
      #!/usr/bin/perl use Crypt::CBC; use Crypt::Rijndael; use Digest::MD5 qw(md5_hex md5_base64); use MIME::Base64; use URI::Escape; sub encrypt{ my $data = shift; $data = &get16($data); my $key = "HELLOKEY"; my $key_size = 16; my $key_hash = md5_hex($key); $AESKEY = substr($key_hash,0,$key_size); print "AESKEY->".$AESKEY."\n"; my $iv= Crypt::CBC->random_bytes(16); my $cipher = Crypt::CBC->new( -key => $AESKEY, -cipher => 'Rijndael', -padding => 'rijndael_compat', -keysize => $keysize, -header => 'none', -iv =>$iv ); $iv = $cipher->get_initialization_vector(); my $encrypted = $cipher->encrypt($data); print "After encryption:$encrypted\n"; $encrypted = $iv.$encrypted; $encrypted = encode_base64($encrypted); print "After base 64 encoding:$encrypted\n\n"; $encrypted = uri_escape($encrypted); print "After url_encoding: $encrypted\n"; } &encrypt("test123");
      Output: After encryption:7 NNf"G After base 64 encoding:W91lGKIvb4dyJhYx96ME2t83/YROzNpOZiJHvOjI+PY= After url_encoding: W91lGKIvb4dyJhYx96ME2t83%2FYROzNpOZiJHvOjI%2BPY%3D%0A

        There is typo in -keysize value.

        And, what does get16() do? Rhetorical question that is to point out that you should provide a working code if you expect others to do experiments on your behalf.

        In any case, note that 0x3d & 0x0a are converted by chr to "=" & newline characters. That newline character is coming most likely from &MIME::Base64::encode_base64 ...

        encode_base64($str)
        encode_base64($str, $eol)
        Encode data by calling the encode_base64() function. The first argument is the string to encode. The second argument is the line-ending sequence to use. It is optional and defaults to "\n". The returned encoded string is broken into lines of no more than 76 characters each and it will end with $eol unless it is empty. Pass an empty string as second argument if you do not want the encoded string to be broken into lines.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://898422]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others wandering the Monastery: (8)
As of 2014-04-19 10:41 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    April first is:







    Results (480 votes), past polls