TripleDES ECB Encryption in Perl that's compatible with PHP mcrypt's implementation

1.8k views Asked by At

I'm trying to create a package in perl that is equivalent to our pre-existing class in php for handling data encryption.

The encryption type seems to be TripleDES in ECB mode however I cannot replicated the resulting cypher text using Crypt::CBC or Crypt::TripleDES.

I think the issue is to do with either padding or the key format (binary vs hex etc) yet searching though the documentation isn't helping me find an answer.

The current PHP class is as follows (trimmed down but with the same core functionality):

<?php
class Encryption {
    private $encryption_key;
    private $encryption_td;
    private $encryption_iv;

    private function __construct() {
        $this->encryption_key = 'abc123';
        $this->encryption_td = mcrypt_module_open( 'tripledes', '', 'ecb', '' );
        $this->encryption_iv = mcrypt_create_iv ( mcrypt_enc_get_iv_size( $this->encryption_td ), MCRYPT_RAND );

        mcrypt_generic_init( $this->encryption_td, $this->encryption_key, $this->encryption_iv );
    }

    public function __destruct() {
        mcrypt_generic_deinit( $this->encryption_td );
        mcrypt_module_close( $this->encryption_td );
    }   

    public static function instance($key = null, $iv = null, $algorithm = null, $mode = null) {
        static $instance;

        if (! $instance) {
            $instance = new Encryption( $key, $iv, $algorithm, $mode );
        }

        return $instance;
    }

    public function encrypt( $password ) {
        return base64_encode( mcrypt_generic( $this->encryption_td, $password ) );
    }

    public function decrypt( $password ) {
        return trim(mdecrypt_generic( $this->encryption_td, base64_decode( $password ) ) );
    }
}

function decrypt_password( $password ) {
    return Encryption::instance()->decrypt( $password );
}

function encrypt_password( $password ) {
    return Encryption::instance()->encrypt( $password );
}

print encrypt_password( 'wibblewobble123' ) . "\n";
print decrypt_password( encrypt_password( 'wibblewobble123' ) ) . "\n";
?>

My current perl package is as follows:

package Encryption;
use warnings;
use strict;
use MIME::Base64;
use Crypt::TripleDES;

sub new {
    my $class = shift;
    my $self = {};
    $self->{'encryption_key'} = 'abc123';
    $self->{'td'} = Crypt::TripleDES->new();
    bless( $self, $class );
    return $self;
}

sub decrypt {
    my( $self, $encrypted_password ) = @_;
    $encrypted_password = decode_base64( $encrypted_password );
    my $password = $self->{'td'}->decrypt3( $encrypted_password, $self->{'encryption_key'} );
    chomp( $password );
    return $password;
}

sub encrypt {
    my( $self, $password ) = @_;
    my $encrypted_password = $self->{'td'}->encrypt3( $password, $self->{'encryption_key'} );
    $encrypted_password = encode_base64( $encrypted_password );
    chomp( $encrypted_password );
    undef( $password );
    return $encrypted_password;
}

1;

And the test code:

use warnings;
use strict;

use Encryption;

sub decrypt {
    my $password = shift;
    my $eh = Encryption->new();
    return $eh->decrypt( $password );
}

sub encrypt {
    my $password = shift;
    my $eh = Encryption->new();
    return $eh->encrypt( $password );
}

print encrypt( 'wibblewobble123' ) . "\n";
print decrypt( encrypt( 'wibblewobble123' ) ) . "\n";

The output from each is as follows:

php:

xuRt3xxjPO1GUz+DccTVKw==
wibblewobble123

perl:

mmWuKkpvveHvnUsQ2NC6DA==
wibblewobble123

The expected result is perl's encryption subroutine returns the same output as php's encryption function with decrypt doing the same but in reverse.

If Crypt::TripleDES is the wrong way to be attacking this problem then I'm happy to use something else - This code is going to get re-written into something neater anyway.

As a side note this will need to work with multiple key lengths, so if it is a padding issue please explain how to calculate the correct padding based upon key length.

0

There are 0 answers