lockdown
Reputation: 1496
In PHP How would you validate PKCS#7 padding?
I know that in Python you would do something along the lines of this to check the validation of the PKCS#7 padding:
pad = ord(plaintext[-1]);
/* get the last N bytes of the plaintext */
all_padding = plaintext[-pad:];
for byte in all_padding:
assert byte == pad
Is there a working example in PHP somewhere using ECB/CBC ciphertext? Or does anyone know how to implement the changes to make this PHP?
Upvotes: 1
Views: 456
Answers (1)
lockdown
Reputation: 1496
After monkeying around a bit with what I knew about python I have come to this result which seems to be working correctly for me using CBC encryption:
$result = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $encrypt, MCRYPT_MODE_CBC, $iv);
$padLength = ord($result[strlen($result)-1]);
$padBytes = substr($result, -1 * $padLength);
if (strlen($padBytes) != $padLength || count(array_count_values(str_split($padBytes))) != 1) {
throw new Exception('invalid padding!');
}
return $result;
Upvotes: 1
Related Questions
- How to use PHP PKCS7 encrypt decrypt in JAVA
- AES 256 with PKCS7 padding
- PHP AES encryption PKCS5Padding
- How to add/remove PKCS7 padding from an AES encrypted string?
- AES 256 encryption PHP with Padding
- php7.1 openssl encrypt with aes_128 ecb PKCS 7padding get wrong result
- Remove padding function
- PHP script for DES/CBC/ with PKCS5Padding encryption and decryption
- PHP AES encryption padding NULL
- Specifying input format type when calling openssl_pkcs7_verify in PHP