TechQA.

Porting python aes ecb to php openssl

69 views Asked by At

I have python code

from Crypto.Cipher import AES


def pad(data):
    block_size = 16
    bytes_to_add = block_size - ((len(data) % block_size) or block_size)
    return data + (b'\0' * bytes_to_add)


cipher = AES.new(b"4452038393672345", AES.MODE_ECB)
body = pad("asa masa".encode('utf-8'))
content = base64.b64encode(cipher.encrypt(body)).decode('ascii')

I see result "sEP5RCWmdQdPYo/eeWVIwg=="

I want to port python code to php using openssl

function pad($data) {
  $block_size = 16;
  $bytes_to_add = $block_size - ((strlen($data) % $block_size) ?: $block_size);
  return $data . str_repeat("\0", $bytes_to_add);
}


$cipher = "AES-128-ECB";
$options = OPENSSL_RAW_DATA;
$plainText = pad("asa masa");
$key = '4452038393672345';
$encryptedText = openssl_encrypt($plainText, $cipher, $key, $options);
$encodedText = base64_encode($encryptedText);

I see result from openssl "c0VQNVJDV21kUWRQWW8vZWVXVkl3dWZPTjExZ21iUG1VQUI0c0EwaktVaz0="

Another code in php

$rawData = openssl_encrypt(pad("asa masa"), 'AES-128-ECB', '4452038393672345');

return "sEP5RCWmdQdPYo/eeWVIwufON11gmbPmUAB4sA0jKUk="

If anyone is interested, do it this way and everything is fine

If anyone is interested, do it this way and everything is fine
$encrypted = openssl_encrypt(pad("asa masa"), 'AES-128-ECB', '4452038393672345',OPENSSL_RAW_DATA | OPENSSL_DONT_ZERO_PAD_KEY | OPENSSL_ZERO_PADDING);
$encrypted=base64_encode($encrypted);

Result is "sEP5RCWmdQdPYo/eeWVIwg=="

Thanks

python php openssl aes ecb
Original Q&A
1

There are 1 answers

0
Unlucky On

if we refer to https://www.php.net/manual/en/function.openssl-encrypt.php

options is a bitwise disjunction of the flags OPENSSL_RAW_DATA and OPENSSL_ZERO_PADDING.

OPENSSL_RAW_DATA = 1 (binary: 01) OPENSSL_ZERO_PADDING = 2 (binary: 10)

so:

base64_encode(openssl_encrypt($plainText, $cipher, $key, 0)); // 00 = no flags
c0VQNVJDV21kUWRQWW8vZWVXVkl3dWZPTjExZ21iUG1VQUI0c0EwaktVaz0=

base64_encode(openssl_encrypt($plainText, $cipher, $key, 1)); // 01 = OPENSSL_RAW_DATA
sEP5RCWmdQdPYo/eeWVIwufON11gmbPmUAB4sA0jKUk=

base64_encode(openssl_encrypt($plainText, $cipher, $key, 2)); // 10 = OPENSSL_ZERO_PADDING
c0VQNVJDV21kUWRQWW8vZWVXVkl3Zz09

base64_encode(openssl_encrypt($plainText, $cipher, $key, 3)); // 11 = OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING
sEP5RCWmdQdPYo/eeWVIwg==

and the pattern repeats since we're only looking for last 2 bits

base64_encode(openssl_encrypt($plainText, $cipher, $key, 4)); // (1)00
c0VQNVJDV21kUWRQWW8vZWVXVkl3dWZPTjExZ21iUG1VQUI0c0EwaktVaz0=

base64_encode(openssl_encrypt($plainText, $cipher, $key, 5)); // (1)01
sEP5RCWmdQdPYo/eeWVIwufON11gmbPmUAB4sA0jKUk=

base64_encode(openssl_encrypt($plainText, $cipher, $key, 6)); // (1)10
c0VQNVJDV21kUWRQWW8vZWVXVkl3Zz09

base64_encode(openssl_encrypt($plainText, $cipher, $key, 7)); // (1)11
sEP5RCWmdQdPYo/eeWVIwg==

OPENSSL_RAW_DATA | OPENSSL_DONT_ZERO_PAD_KEY | OPENSSL_ZERO_PADDING = 1 | 4 | 2 = 7 so we get openssl_encrypt($plainText, $cipher, $key, 7)

by default openssl_encrypt uses PKCS#7 padding which causes "double padding" (your zero pad + PKCS) that's why in you should use OPENSSL_ZERO_PADDING in your case (it's recommended to use default openssl_encrypt padding)

if you visit https://www.base64decode.org/ you can see that c0VQNVJDV21kUWRQWW8vZWVXVkl3dWZPTjExZ21iUG1VQUI0c0EwaktVaz0= is base64 encoded sEP5RCWmdQdPYo/eeWVIwufON11gmbPmUAB4sA0jKUk= and sEP5RCWmdQdPYo/eeWVIwufON11gmbPmUAB4sA0jKUk= is just sEP5RCWmdQdPYo/eeWVIwg== with some additional stuff caused by double padding

Related Questions in PYTHON

Related Questions in PHP

Related Questions in OPENSSL

Related Questions in AES

Related Questions in ECB

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json

Trending Questions