Skip to main content
AI Assist is now on Stack Overflow. Start a chat to get instant answers from across the network. Sign up to save and share your chats.

Return to Answer

Code a little more refined
Source Link
AntDC
AntDC
  • 1.9k
  • 15
  • 24
<?php   class Foo { protected $mcrypt_cipher = MCRYPT_RIJNDAEL_128; protected $mcrypt_mode = MCRYPT_MODE_CBC;  public function decryptdecrypt_full($key, $iv, $encrypted)  {  $dev = $this->pbkdf2("sha1", $key, $iv, 1000, 48, $iv_utftrue); $derived_key = mb_convert_encodingsubstr($iv$dev, 'UTF-8'0, 32);   //Keylength: 32 $derived_iv = substr($dev, 32, 16); // IV-length: 16 return mcrypt_decrypt($this->mcrypt_cipherMCRYPT_RIJNDAEL_128, $key$derived_key, base64_decode($encrypted), $this->mcrypt_modeMCRYPT_MODE_CBC, $iv_utf$derived_iv);  }    publicprivate function pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output = false)  {  $algorithm = strtolower($algorithm);  if(!in_array($algorithm, hash_algos(), true))  die('PBKDF2 ERROR: Invalid hash algorithm.');  if($count <= 0 || $key_length <= 0)  die('PBKDF2 ERROR: Invalid parameters.');    $hash_length = strlen(hash($algorithm, "", true));  $block_count = ceil($key_length / $hash_length);    $output = "";  for($i = 1; $i <= $block_count; $i++) {  // $i encoded as 4 bytes, big endian.  $last = $salt . pack("N", $i);  // first iteration  $last = $xorsum = hash_hmac($algorithm, $last, $password, true);  // perform the other $count - 1 iterations  for ($j = 1; $j < $count; $j++) {  $xorsum ^= ($last = hash_hmac($algorithm, $last, $password, true));  }  $output .= $xorsum;  }  return substr($output, 0, $key_length);  }    }   //########################################################################################### $encrypted = "pLgIEjhNGDMfI0IynoAdbey3NKbOJzgUzYAlU14OWOpuZy7/lr7HRtFhiRKfjbZz"; $iv = "This_is_the_password_salt"; $key = "This_is_the_input_key"; $foo = new foo; $dev = $foo->pbkdf2("sha1", $key, $iv, 1000, 48, true); $derived_key = substr($dev, 0, 32); //Keylength: 32 $derived_iv = substr($dev, 32, 16); // IV-length: 16 echo "<br/>"; echo "Key: ".$derived_key."<br/>"; echo"Encrypted "IVString:  ".$derived_iv$encrypted."<br/>";   echo "Decrypted string: ".mcrypt_decrypt$foo->decrypt_full(MCRYPT_RIJNDAEL_128$key, $derived_key$iv, base64_decode($encrypted), MCRYPT_MODE_CBC, $derived_iv);."<br/>"; ?> 
Key: .g���13f^sI>M��j$\�+�od�mY#g���13f^sI>M��j$\�+�od�mY# �! IV: �2]��&y�q� WJ�� Decrypted: Co-operation is the key to success! 
<?php class Foo { protected $mcrypt_cipher = MCRYPT_RIJNDAEL_128; protected $mcrypt_mode = MCRYPT_MODE_CBC;  public function decrypt($key, $iv, $encrypted)  {   $iv_utf = mb_convert_encoding($iv, 'UTF-8');   return mcrypt_decrypt($this->mcrypt_cipher, $key, base64_decode($encrypted), $this->mcrypt_mode, $iv_utf);  }    public function pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output = false)  {  $algorithm = strtolower($algorithm);  if(!in_array($algorithm, hash_algos(), true))  die('PBKDF2 ERROR: Invalid hash algorithm.');  if($count <= 0 || $key_length <= 0)  die('PBKDF2 ERROR: Invalid parameters.');    $hash_length = strlen(hash($algorithm, "", true));  $block_count = ceil($key_length / $hash_length);    $output = "";  for($i = 1; $i <= $block_count; $i++) {  // $i encoded as 4 bytes, big endian.  $last = $salt . pack("N", $i);  // first iteration  $last = $xorsum = hash_hmac($algorithm, $last, $password, true);  // perform the other $count - 1 iterations  for ($j = 1; $j < $count; $j++) {  $xorsum ^= ($last = hash_hmac($algorithm, $last, $password, true));  }  $output .= $xorsum;  }  return substr($output, 0, $key_length);  }    }   $encrypted = "pLgIEjhNGDMfI0IynoAdbey3NKbOJzgUzYAlU14OWOpuZy7/lr7HRtFhiRKfjbZz"; $iv = "This_is_the_password_salt"; $key = "This_is_the_input_key"; $foo = new foo; $dev = $foo->pbkdf2("sha1", $key, $iv, 1000, 48, true); $derived_key = substr($dev, 0, 32); //Keylength: 32 $derived_iv = substr($dev, 32, 16); // IV-length: 16 echo "<br/>"; echo "Key: ".$derived_key."<br/>"; echo "IV:  ".$derived_iv."<br/>";   echo "Decrypted: ".mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $derived_key, base64_decode($encrypted), MCRYPT_MODE_CBC, $derived_iv); ?> 
Key: .g���13f^sI>M��j$\�+�od�mY# �! IV: �2]��&y�q� WJ�� Decrypted: Co-operation is the key to success! 
<?php   class Foo { public function decrypt_full($key, $iv, $encrypted) { $dev = $this->pbkdf2("sha1", $key, $iv, 1000, 48, true); $derived_key = substr($dev, 0, 32); //Keylength: 32 $derived_iv = substr($dev, 32, 16); // IV-length: 16 return mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $derived_key, base64_decode($encrypted), MCRYPT_MODE_CBC, $derived_iv); } private function pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output = false) { $algorithm = strtolower($algorithm); if(!in_array($algorithm, hash_algos(), true)) die('PBKDF2 ERROR: Invalid hash algorithm.'); if($count <= 0 || $key_length <= 0) die('PBKDF2 ERROR: Invalid parameters.'); $hash_length = strlen(hash($algorithm, "", true)); $block_count = ceil($key_length / $hash_length); $output = ""; for($i = 1; $i <= $block_count; $i++) { // $i encoded as 4 bytes, big endian. $last = $salt . pack("N", $i); // first iteration $last = $xorsum = hash_hmac($algorithm, $last, $password, true); // perform the other $count - 1 iterations for ($j = 1; $j < $count; $j++) { $xorsum ^= ($last = hash_hmac($algorithm, $last, $password, true)); } $output .= $xorsum; } return substr($output, 0, $key_length); } } //########################################################################################### $encrypted = "pLgIEjhNGDMfI0IynoAdbey3NKbOJzgUzYAlU14OWOpuZy7/lr7HRtFhiRKfjbZz"; $iv = "This_is_the_password_salt"; $key = "This_is_the_input_key"; $foo = new foo; echo "<br/>"; echo "Encrypted String: ".$encrypted."<br/>"; echo "Decrypted string: ".$foo->decrypt_full($key, $iv, $encrypted )."<br/>"; ?> 
Key: .g���13f^sI>M��j$\�+�od�mY# �! IV: �2]��&y�q� WJ�� Decrypted: Co-operation is the key to success!
Source Link
AntDC
AntDC
  • 1.9k
  • 15
  • 24

Well - after finding a sandbox that could take hash_hmac I seem to have sussed it out spurred on by you guys and your comments......

Using this site.

and the following code in it (I just hope it behaves the same in a real situation)

<?php class Foo { protected $mcrypt_cipher = MCRYPT_RIJNDAEL_128; protected $mcrypt_mode = MCRYPT_MODE_CBC; public function decrypt($key, $iv, $encrypted) { $iv_utf = mb_convert_encoding($iv, 'UTF-8'); return mcrypt_decrypt($this->mcrypt_cipher, $key, base64_decode($encrypted), $this->mcrypt_mode, $iv_utf); } public function pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output = false) { $algorithm = strtolower($algorithm); if(!in_array($algorithm, hash_algos(), true)) die('PBKDF2 ERROR: Invalid hash algorithm.'); if($count <= 0 || $key_length <= 0) die('PBKDF2 ERROR: Invalid parameters.'); $hash_length = strlen(hash($algorithm, "", true)); $block_count = ceil($key_length / $hash_length); $output = ""; for($i = 1; $i <= $block_count; $i++) { // $i encoded as 4 bytes, big endian. $last = $salt . pack("N", $i); // first iteration $last = $xorsum = hash_hmac($algorithm, $last, $password, true); // perform the other $count - 1 iterations for ($j = 1; $j < $count; $j++) { $xorsum ^= ($last = hash_hmac($algorithm, $last, $password, true)); } $output .= $xorsum; } return substr($output, 0, $key_length); } } $encrypted = "pLgIEjhNGDMfI0IynoAdbey3NKbOJzgUzYAlU14OWOpuZy7/lr7HRtFhiRKfjbZz"; $iv = "This_is_the_password_salt"; $key = "This_is_the_input_key"; $foo = new foo; $dev = $foo->pbkdf2("sha1", $key, $iv, 1000, 48, true); $derived_key = substr($dev, 0, 32); //Keylength: 32 $derived_iv = substr($dev, 32, 16); // IV-length: 16 echo "<br/>"; echo "Key: ".$derived_key."<br/>"; echo "IV: ".$derived_iv."<br/>"; echo "Decrypted: ".mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $derived_key, base64_decode($encrypted), MCRYPT_MODE_CBC, $derived_iv); ?>

The output is...

Key: .g���13f^sI>M��j$\�+�od�mY# �! IV: �2]��&y�q� WJ�� Decrypted: Co-operation is the key to success!

Can't wait to tell the PHP guys ;)