Pages
About Me
Links
Tags
PERSONAL 520
SPIRITUAL 416
LDS 312
BOOK OF MORMON 237
SCRIPTURES 154
STUDIO-JOURNEY 129
RELIGION 112
LINUX 79
COMPUTERS 65
LIFE 60
GENERAL CONFERENCE 46
GENTOO 39
MISCELLANEOUS 37
MUSIC 37
PROGRAMMING 33
CARS 29
MICROSOFT 23
FAMILY 23
AUDIO 21
I LOVE MY JOURNAL 18
FUN 15
CHILDREN 12
CURRENT EVENTS 10
NATURE'S WAY 10
VIDEO 9
DRM 9
CONEXM 7
BABBLINGS 7
PROVO CITY CENTER TEMPLE 6
FRIENDS 6
HEROD THE FINK 5
GAMES 5
COMPUTER HARDWARE 5
DRUMS 4
HAND OF GOD 3
ADVERSITY 3
KDENLIVE 3
AUDIO HARDWARE 3
GENERAL INSANITY 3
STUDIO 3
THANKS4GIVING 2
CATS 2
MY JOURNAL 1
POETRY 1
FOREVERGREEN 1
EVERYDAY THOUGHTS 1
GOSPEL 1
PARENTING 1
YOUTH CONFERENCE 1
CHURCH NOTES 1
POLITICS 1
RSS Feed
Subscribe!Mon - Mar 01, 2010 : 04:52 pm
okay
 |
|
|
|
|
rated 3 times |
AES and PHP
After receiving a warning in my PHP implementation of AES encryption (which is called Rijndael), I did a quick google, and found one match - and it happened to be in planet larry, so... I clicked on the link to go to the blog which contained the fix, and found it wasn't there anymore... So.. I thought I'd just copy the answer and keep it alive. It was written in 2008, but apparently is still applicable today. Here's the blog post.
PHP is sometimes really dumb.
While working on a library for Weave’s OAuth implementation (so 3rd party developers don’t have to understand the nitty-gritty of OAuth and can instead use a simple library in their favorite programming language), I ran across the need to do AES-256 decryption in PHP.
The best (and fastest) method would be to use PHP’s mcrypt extension, but mcrypt lists support for ‘Rijndael’ and not ‘AES’. They’re both practically the same, except for the very small difference of the IV (initialization vector) being different sizes. In Rijndael, the IV is always the same size as that of the key, but in AES, the IV is always 16 bytes.
Weave uses AES-256, which means we have a 32 byte key, and a 16 byte IV. mcrypt implements Rijndael, so my first try:
// $key is 32 bytes long$iv = 'sixteenbyteslong';$td = mcrypt_module_open(MCRYPT_RIJNDAEL_256, '', MCRYPT_MODE_CBC, '');mcrypt_generic_init($td, $key, $iv);
failed with:
Warning: mcrypt_generic_init(): Iv size incorrect; supplied length: 16, needed: 32 in aes.php on line 26
Here’s the workaround:
$td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');mcrypt_generic_init($td, $key, $iv);
That’s right - you call mcrypt_module_open with Rijndael-128 instead of 256, but still pass a 32 byte key to mcrypt_generic_init and be on your merry way.
WTF, but I’m happy that it atleast works.
There ya go!
PHP is sometimes really dumb.
While working on a library for Weave’s OAuth implementation (so 3rd party developers don’t have to understand the nitty-gritty of OAuth and can instead use a simple library in their favorite programming language), I ran across the need to do AES-256 decryption in PHP.
The best (and fastest) method would be to use PHP’s mcrypt extension, but mcrypt lists support for ‘Rijndael’ and not ‘AES’. They’re both practically the same, except for the very small difference of the IV (initialization vector) being different sizes. In Rijndael, the IV is always the same size as that of the key, but in AES, the IV is always 16 bytes.
Weave uses AES-256, which means we have a 32 byte key, and a 16 byte IV. mcrypt implements Rijndael, so my first try:
// $key is 32 bytes long$iv = 'sixteenbyteslong';$td = mcrypt_module_open(MCRYPT_RIJNDAEL_256, '', MCRYPT_MODE_CBC, '');mcrypt_generic_init($td, $key, $iv);
failed with:
Warning: mcrypt_generic_init(): Iv size incorrect; supplied length: 16, needed: 32 in aes.php on line 26
Here’s the workaround:
$td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');mcrypt_generic_init($td, $key, $iv);
That’s right - you call mcrypt_module_open with Rijndael-128 instead of 256, but still pass a 32 byte key to mcrypt_generic_init and be on your merry way.
WTF, but I’m happy that it atleast works.
There ya go!
Comment by Jeff Cours on Jun. 06, 2011 @ 12:15 pm
Worked like a charm. Thanks!
Comment by blagorod on Jul. 24, 2011 @ 12:04 am
hey did you try to create IV like so:
mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
Comment by Anon on Nov. 13, 2011 @ 12:22 pm
"You would think that MCRYPT_RIJNDAEL_256 specifies 256-bit encryption, but that is wrong. The three choices specify the block-size to be used with Rijndael encryption."
From http://www.chilkatsoft.com/p/php_aes.asp
Comment by Norbert on Feb. 20, 2012 @ 04:11 pm
Thanks for saving me a couple of hours!