Home/ Questions/Q 570
Next

StackOverflow Latest Questions

Saralyn
  • 0
  • 0
Begginer
Asked: 2025-02-27T07:08:50+00:00 In:

php – phpseclib rijndael ECB 256 bit key problem moving from PHP5 to PHP8

  • 0
  • 0
php – phpseclib rijndael ECB 256 bit key problem moving from PHP5 to PHP8

Have a legacy app that moved to Debian 11 stuck with PHP 8.2 (PHP 5.6 no longer available for use). Original application utilized the first version of phpseclib but after being moved to new php 8.2 machine, no longer works, nothing in the log, it just returns unrecognizable data upon encryption calls.

This works on the old server it was moved from (works on PHP5, but not PHP8):

$rijndael = new Crypt_Rijndael(CRYPT_RIJNDAEL_MODE_ECB);

$rijndael->setKey('akeyof32btyeslongabcdefghijklmop');
$keylen = 256;
$rijndael->setKeyLength($keylen);
$rijndael->setBlockLength($keylen);

$decrypted1 = $rijndael->decrypt($EncryptedDataOf256bytes);

Tried upgrading to phpseclib3 with PHP 8.2 – data also returned unrecognizable.

$rijndael1 = new \phpseclib3\Crypt\Rijndael('ecb');
$keylen = 256;
$rijndael->setKey('akeyof32btyeslongabcdefghijklmop');
$rijndael1->setKeyLength($keylen);
$rijndael1->setBlockLength($keylen);
$rijndael1->disablePadding();         // tried with and without padding, 

$decrypted1 = $rijndael1->decrypt($bindata)

Looking into phpseclib3 it looks to have support for rijndael ECB 256 bit keys but the earlier version phpseclib didn’t, so not even sure at this point how it worked.

Update:

As suggested below, should have provided an isolated test of this because once that was done, it was obvious it had nothing to do with phpseclib. It was PHP 8 that didn’t like assigning ascii characters greater than 128 to the key string.

Here was the test:

function hex2str($hex) 
{      
    $str="";

    for($i=0;$isetKey('akeyof32btyeslongabcdefghijklmop');
$keylen = 256;
$rijndael->setKeyLength($keylen);
$rijndael->setBlockLength($keylen);

$decrypted1 = $rijndael->decrypt($BinData);

echo "Decrypted data\n";
echo $decrypted1;

// $decrypted result 
// "ThisIsATestStringOfTheDataBeingUsedWhenItIsUnencrypted123456789012345678901233456"

This worked by itself but tested with a key that had characters outside of 0-128, it failed because in php5 you could assign them directly as a text string. Under php8 this does not work and the key string had to be constructed byte by byte. There is probably a simple trick to do this but PHP is not my area of expertise.

Share

Leave an answer

You must login to add an answer.

Need An Account,