PHP mcrypt_decrypt randomly failing

Question

I'm struggling with PHP's mcrypt functions. I've never used them before, and they are working fine on my testing server (WAMP PHP 5.4.3), but they fail randomly on the production server (LAMP PHP 5.2.17). When I run the decrypt function I get random (binary?) characters like so: n��/�=�C_����+`�n{'a��6�Xh��fEe41Omk7DjQ6/n6leoTg==.

Below are the encrypt and decrypt functions. These are from a nonce class that I've been using.

Things I've tried:

• Remove the IV argument from both functions
• Create an IV in the encrypt function, store in a class property and then use that property in the decrypt function
• Store IV in encrypted output as described here.

Anything else I should be trying?

private function fnEncrypt($sValue)
{
return trim(
  base64_encode(
    mcrypt_encrypt(
      MCRYPT_RIJNDAEL_256,
      hash($this->hash, $this->secret, true), $sValue,
      MCRYPT_MODE_ECB,
      mcrypt_create_iv(
        mcrypt_get_iv_size(
          MCRYPT_RIJNDAEL_256,
          MCRYPT_MODE_ECB
        ),
        MCRYPT_RAND
      )
    )
  )
);
}

private function fnDecrypt($sValue)
{
return trim(
  mcrypt_decrypt(
    MCRYPT_RIJNDAEL_256,
    hash($this->hash, $this->secret, true),
    base64_decode($sValue),
    MCRYPT_MODE_ECB,
    mcrypt_create_iv(
      mcrypt_get_iv_size(
        MCRYPT_RIJNDAEL_256,
        MCRYPT_MODE_ECB
      ),
    MCRYPT_RAND
    )
  )
);
}

Answer 1

After several hours of banging my head against the wall on this one, I realized the problem didn't have anything to do with mcrypt. I simply needed to urlencode the encrypted string before I output it in a query string.

This was causing part of the encrypted string to be lost when I tried to $_REQUEST the encrypted string later for decryption. This explains why the failure was random because it depended on what "special" characters wound up in the encrypted string.