Reputation: 15
Porting python aes ecb to php openssl
I have python code
from Crypto.Cipher import AES
def pad(data):
block_size = 16
bytes_to_add = block_size - ((len(data) % block_size) or block_size)
return data + (b'\0' * bytes_to_add)
cipher = AES.new(b"4452038393672345", AES.MODE_ECB)
body = pad("asa masa".encode('utf-8'))
content = base64.b64encode(cipher.encrypt(body)).decode('ascii')
I see result "sEP5RCWmdQdPYo/eeWVIwg=="
I want to port python code to php using openssl
function pad($data) {
$block_size = 16;
$bytes_to_add = $block_size - ((strlen($data) % $block_size) ?: $block_size);
return $data . str_repeat("\0", $bytes_to_add);
}
$cipher = "AES-128-ECB";
$options = OPENSSL_RAW_DATA;
$plainText = pad("asa masa");
$key = '4452038393672345';
$encryptedText = openssl_encrypt($plainText, $cipher, $key, $options);
$encodedText = base64_encode($encryptedText);
I see result from openssl "c0VQNVJDV21kUWRQWW8vZWVXVkl3dWZPTjExZ21iUG1VQUI0c0EwaktVaz0="
Another code in php
$rawData = openssl_encrypt(pad("asa masa"), 'AES-128-ECB', '4452038393672345');
return "sEP5RCWmdQdPYo/eeWVIwufON11gmbPmUAB4sA0jKUk="
If anyone is interested, do it this way and everything is fine
If anyone is interested, do it this way and everything is fine
$encrypted = openssl_encrypt(pad("asa masa"), 'AES-128-ECB', '4452038393672345',OPENSSL_RAW_DATA | OPENSSL_DONT_ZERO_PAD_KEY | OPENSSL_ZERO_PADDING);
$encrypted=base64_encode($encrypted);
Result is "sEP5RCWmdQdPYo/eeWVIwg=="
Thanks
Upvotes: 0
Views: 85
Answers (1)
Reputation: 447
if we refer to https://www.php.net/manual/en/function.openssl-encrypt.php
options is a bitwise disjunction of the flags OPENSSL_RAW_DATA and OPENSSL_ZERO_PADDING.
OPENSSL_RAW_DATA = 1 (binary: 01)
OPENSSL_ZERO_PADDING = 2 (binary: 10)
so:
base64_encode(openssl_encrypt($plainText, $cipher, $key, 0)); // 00 = no flags
c0VQNVJDV21kUWRQWW8vZWVXVkl3dWZPTjExZ21iUG1VQUI0c0EwaktVaz0=
base64_encode(openssl_encrypt($plainText, $cipher, $key, 1)); // 01 = OPENSSL_RAW_DATA
sEP5RCWmdQdPYo/eeWVIwufON11gmbPmUAB4sA0jKUk=
base64_encode(openssl_encrypt($plainText, $cipher, $key, 2)); // 10 = OPENSSL_ZERO_PADDING
c0VQNVJDV21kUWRQWW8vZWVXVkl3Zz09
base64_encode(openssl_encrypt($plainText, $cipher, $key, 3)); // 11 = OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING
sEP5RCWmdQdPYo/eeWVIwg==
and the pattern repeats since we're only looking for last 2 bits
base64_encode(openssl_encrypt($plainText, $cipher, $key, 4)); // (1)00
c0VQNVJDV21kUWRQWW8vZWVXVkl3dWZPTjExZ21iUG1VQUI0c0EwaktVaz0=
base64_encode(openssl_encrypt($plainText, $cipher, $key, 5)); // (1)01
sEP5RCWmdQdPYo/eeWVIwufON11gmbPmUAB4sA0jKUk=
base64_encode(openssl_encrypt($plainText, $cipher, $key, 6)); // (1)10
c0VQNVJDV21kUWRQWW8vZWVXVkl3Zz09
base64_encode(openssl_encrypt($plainText, $cipher, $key, 7)); // (1)11
sEP5RCWmdQdPYo/eeWVIwg==
OPENSSL_RAW_DATA | OPENSSL_DONT_ZERO_PAD_KEY | OPENSSL_ZERO_PADDING = 1 | 4 | 2 = 7
so we get openssl_encrypt($plainText, $cipher, $key, 7)
by default openssl_encrypt uses PKCS#7 padding which causes "double padding" (your zero pad + PKCS) that's why in you should use OPENSSL_ZERO_PADDING in your case (it's recommended to use default openssl_encrypt padding)
if you visit https://www.base64decode.org/ you can see that
c0VQNVJDV21kUWRQWW8vZWVXVkl3dWZPTjExZ21iUG1VQUI0c0EwaktVaz0= is base64 encoded sEP5RCWmdQdPYo/eeWVIwufON11gmbPmUAB4sA0jKUk=
and sEP5RCWmdQdPYo/eeWVIwufON11gmbPmUAB4sA0jKUk= is just sEP5RCWmdQdPYo/eeWVIwg== with some additional stuff caused by double padding
Upvotes: -1
Related Questions
- Convert bytes to a string in Python 3
- What does the "yield" keyword do in Python?
- Does Python have a ternary conditional operator?
- What is the difference between @staticmethod and @classmethod in Python?
- How slicing in Python works
- How do I merge two dictionaries in a single expression in Python?
- Reference Guide: What does this symbol mean in PHP? (PHP Syntax)
- What are metaclasses in Python?
- How do I get the current time in Python?
- How can I access environment variables in Python?