Reputation: 21278
Added whitespaces to encrpyted password?
I have implemented functions in my login model for decrypting/encrypting a users password (which in a encrypted version gets stored in a cookie). All works fine except when I restart the browser and try to login with the password through the cookies.
The parser tells me it's the wrong password even though I can see that it's the correct one when I echo it out. Therefore I tried a "strlen" to see how many characters the password has, and it says 32 (!). The only thing I can think of is that (in this case) 28 white spaces has been added, which cannot be seen with an echo.
I would really appreciate if someone can tell me what's going on and how to fix it?
function decrypt($encrypedText) {
$key = "The secret key is";
$decryptedText = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($encrypedText), MCRYPT_MODE_ECB);
echo $decryptedText; // "abcd" <- what I put in
echo strlen($decryptedText); // 32 (?)
return $decryptedText;
}
Upvotes: 1
Views: 94
Answers (2)
Reputation: 173642
That's because 32 bytes is the block size of Rijndael 256 (i.e. 32 = 256 / 8) and the decrypted data is padded with '\0' to match that length.
To correct this you can remove those characters like so:
return rtrim($decryptedText, '\0');
Upvotes: 3
Reputation: 5283
to remove the white spaces use the php trim() function
$password=trim($_COOKIE("value"));
it will remove white spaces from beginning and end
Upvotes: 1
Related Questions
- How to fix mcrypt character length on PHP Class
- PHP mcrypt_decrypt. Same result for two differents strings
- Avoid space from generated password code
- Extra Characters Output From mcrypt_decrypt
- Why is mcrypt_encrypt() putting binary characters at the end of my string?
- mcrypt encrypt adding s bunch of '%00' to end of string
- PHP: mcrypt mangles beginning of string to garbage
- php mcrypt: why to add spaces on string input?
- Removing whitespaces from encrypted data
- Allowing spaces in passwords