Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW
 
PerlMonks  

Re: port a function from php

by Crackers2 (Parson)
on Dec 10, 2013 at 16:21 UTC ( #1066456=note: print w/replies, xml ) Need Help??


in reply to port a function from php

Are you sure it's perl that's wrong? PHP is giving some weird results. I've added a print in both perl and php:

print "^:" . strlen($password ^ substr($enc_text, 0, $iv_len)) . "\n";

(s/strlen/length/ in perl of course), and the result in PHP is 4 instead of the expected 16. Adding a few more lines:

for ($x=0; $x<$iv_len; $x++) { printf("%02x ", ord(substr($enc_text,$x +,1))); } print "\n"; for ($x=0; $x<$iv_len; $x++) { printf("%02x ", ord(substr($password,$x +,1))); } print "\n"; for ($x=0; $x<$iv_len; $x++) { printf("%02x ", ord(substr($password,$x +,1))^ord(substr($enc_text,$x,1))); } print "\n";

shows what's going on. Output of those lines on both the perl and php versions shows:

5c 79 e1 71 1c cc ba 8e b7 46 aa 99 99 bc 56 d6 74 65 73 74 00 00 00 00 00 00 00 00 00 00 00 00 28 1c 92 05 1c cc ba 8e b7 46 aa 99 99 bc 56 d6

Looks like PHP is truncating the XOR when the shortest string run out, in this case your password, "test". Quick and dirty hack to make perl return the same result is:

sub md5_decrypt { my $iv_len = 16; my $enc_text = decode_base64(shift); my $password = shift; my $n = length($enc_text); my $i = $iv_len; my $plain_text; my $iv = substr($password ^ substr($enc_text,0,length($password)), + 0, 512); my $x; while ($i < $n) { my $block = substr($enc_text, $i, 16); $plain_text .= $block ^ pack('H*', md5_hex($iv)); $iv = substr($block . $iv, 0, length($password)) ^ $password; $i += 16; } #$plain_text =~ s/\x13\x00*$//; return $plain_text; }

But somehow I doubt that's actually the right thing to do.

Replies are listed 'Best First'.
Re^2: port a function from php
by oiskuu (Hermit) on Dec 10, 2013 at 17:22 UTC
    Well... Consider this perl code for example:
    sub ncp { ($_[0] ^ $_[1]) =~ m/\0*/; $+[0]; }
    This returns the common prefix length for two given strings. Except when it fails, that is. Which happens when NUL's are present in the (longer) string. A case that has actually bitten me before. The PHP semantics would be a win sometimes.
Re^2: port a function from php
by reqnode (Novice) on Dec 10, 2013 at 19:36 UTC
    Wow, your variant worked for 'very secret string' in perl, but when i put any other hash, for example:
    md5_decrypt('2EC0KFZ1aGghEdySB+5Y9nbAfMrk9ky/89vwlA4HyTU=', '34giu34hgiu34hg'); should return '34giu34hgiu34hg'
    perl returns some binaty data... really weird! Any solution?

      Hmm I'm not getting an issue with that particular example; it's coming out f234fgerg5g for me.

      I did say it was a quick hack though :)

      To really emulate php you'd probably want to create a new function, something like:

      sub php_xor { my ($p1,$p2) = @_; my $len = length($p1) < length($p2) ? length($p1) : length($p2); return substr($p1,0,$len) ^ substr($p2,0,$len); }

      and use that where you currently have ^, giving something like:

      use MIME::Base64; use Digest::MD5 qw(md5 md5_hex md5_base64); use strict; sub php_xor { my ($p1,$p2) = @_; my $len = length($p1) < length($p2) ? length($p1) : length($p2); return substr($p1,0,$len) ^ substr($p2,0,$len); } sub md5_decrypt { my $iv_len = 16; my $enc_text = decode_base64(shift); my $password = shift; my $n = length($enc_text); my $i = $iv_len; my $plain_text; my $iv = substr(php_xor($password,substr($enc_text,0,$iv_len)), 0, + 512); my $x; while ($i < $n) { my $block = substr($enc_text, $i, 16); $plain_text .= $block ^ pack('H*', md5_hex($iv)); $iv = php_xor(substr($block . $iv, 0, 512),$password); $i += 16; } #$plain_text =~ s/\x13\x00*$//; return $plain_text; } print md5_decrypt('2EC0KFZ1aGghEdySB+5Y9nbAfMrk9ky/89vwlA4HyTU=', '34g +iu34hgiu34hg') . "\n";
        Ahh it works now!!! THANK YOU SO MUCH , YOU ARE THE BEST

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1066456]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others scrutinizing the Monastery: (5)
As of 2020-10-20 09:28 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    My favourite web site is:












    Results (209 votes). Check out past polls.

    Notices?