Remove Special character when decrypt by editing encrypt string

Question

$secretKey = "MYSECRETKEY"; 

$plaintext = 'Plain Text Will Be here';

$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);

$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);  

$ivDecode = base64_encode(mcrypt_create_iv($iv_size, MCRYPT_RAND));

$encrypted = trim(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, 
                            substr(sha1($secretKey), 0, 32),
                             $plaintext, 
                             MCRYPT_MODE_CBC, 
                             $iv), "\0..\32");

$encrypted = $iv . $encrypted;

$ciphertext_base64 = base64_encode($encrypted);

#echo  $ciphertext_base64 . "\n"; 
$decrypted = trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128,
                             substr(sha1($secretKey), 0, 32),
                             base64_decode($ciphertext_base64),
                             MCRYPT_MODE_CBC,
                             base64_decode($ivDecode)), "\0..\32");

echo $decrypted;

when I run above code I got this output.

»_w>ø9â„6ÅkžPlain Text Will Be here

I can't edit $decrypted string because I can't access it. I just can edit $encrypted only. So how can remove extra special characters(»_w>ø9â„6Åkž) from out put by editing $encrypted string. I want to send encrypted text using JSON to the different server to decrypt it.

Answer 1

It is not possible to split the iv and encrypted data prior to Base64 decoding, first Base64 decode and then split them.

1. MCRYPT_RIJNDAEL_128 which is also AES has a block size of 128-bits or 16-bytes. The iv must be that size. Instead of including base64_decode($iv) as a parameter actually create a 16-byte iv. Base64 decoding the iv will not work if it is is not Base64 encoded, it isn't in this case.

2. The key should be 128, 192 or 256 bits (16, 24 or 32 bytes), exactly the correct size for interoperability, do not rely on padding by the encryption algorithms.

3. Similarly, for the input to be encrypted and the key prepare it in a separate statement so that debugging is easier.

4. Do not trim the output, the mcrypt_decrypt is correct. Padding may add an additional block, that is required.

5. Do not Base64 decode the result of the decryption, the plaintext was not Base64 encoded. – zaph just now edit

"text like this ïÕ[pI¤;Køv" probably occurs when attempting to print data as a string, not all binary bytes have a print representation and many have special characters as their print representation in the 0x80-0xff range.

Here is the concept, not tested, I have not used php in 20 years so fix any errors:

$secretKey = "1234567890123456"; # Note the length is 16-bytes, a full key
$plaintext = 'XXXXXXXXX';
echo  $plaintext . "\n";

# --- ENCRYPTION ---
$key = substr(sha1($secretKey), 0, 32)
$iv = mcrypt_create_iv(16, MCRYPT_RAND);  
$ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, 
                             $key,
                             $plaintext, 
                             MCRYPT_MODE_CBC, 
                             $iv);
# prepend the IV for it to be available for decryption
$ciphertext = $iv . $ciphertext;
$ciphertext_base64 = base64_encode($ciphertext);
echo  $ciphertext_base64 . "\n";

# --- DECRYPTION ---
$key = substr(sha1($secretKey), 0, 32)
$cipher_text_iv = base64_decode($ciphertext_base64)
# split the iv and encrypted text
$iv = substr($cipher_text_iv, 0, 16)
$ciphertext = substr($cipher_text_iv, 16)

$decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128,
                             $key,
                             $ciphertext,
                             MCRYPT_MODE_CBC,
                             $iv);
echo $decrypted;