PHP Encrypt/Decrypt with TripleDes, PKCS7, and ECB

php encryption pkcs#7 tripledes ecb
Brandon Green picture Brandon Green · Nov 12, 2012 · Viewed 12.7k times · Source

I've got my encryption function working properly however I cannot figure out how to get the decrypt function to give proper output.

Here is my encrypt function:

function Encrypt($data, $secret)
{    
  //Generate a key from a hash
  $key = md5(utf8_encode($secret), true);

  //Take first 8 bytes of $key and append them to the end of $key.
  $key .= substr($key, 0, 8);

  //Pad for PKCS7
  $blockSize = mcrypt_get_block_size('tripledes', 'ecb');
  $len = strlen($data);
  $pad = $blockSize - ($len % $blockSize);
  $data .= str_repeat(chr($pad), $pad);

  //Encrypt data
  $encData = mcrypt_encrypt('tripledes', $key, $data, 'ecb');

  return base64_encode($encData);

}

Here is my decrypt function:

function Decrypt($data, $secret)
{
    $text = base64_decode($data);

    $data = mcrypt_decrypt('tripledes', $secret, $text, 'ecb');

    $block = mcrypt_get_block_size('tripledes', 'ecb');
    $pad   = ord($data[($len = strlen($data)) - 1]);

    return substr($data, 0, strlen($data) - $pad);
}

Right now I am using a key of test and I'm trying to encrypt 1234567. I get the base64 output from encryption I'm looking for, but when I go to decrypt it returns nothing (a blank area).

I'm not very well versed in encryption/decryption so any help is much appreciated!!

Answer

Brandon Green picture Brandon Green · Nov 13, 2012

Thanks for anyone who took a look at my problem. I think I have solved it and here is my full solution. Hopefully it helps out someone else who is having a similar issue:

function Encrypt($data, $secret)
{    
  //Generate a key from a hash
  $key = md5(utf8_encode($secret), true);

  //Take first 8 bytes of $key and append them to the end of $key.
  $key .= substr($key, 0, 8);

  //Pad for PKCS7
  $blockSize = mcrypt_get_block_size('tripledes', 'ecb');
  $len = strlen($data);
  $pad = $blockSize - ($len % $blockSize);
  $data .= str_repeat(chr($pad), $pad);

  //Encrypt data
  $encData = mcrypt_encrypt('tripledes', $key, $data, 'ecb');

  return base64_encode($encData);

}

And here is the new decrypt function.

function Decrypt($data, $secret)
{

    //Generate a key from a hash
    $key = md5(utf8_encode($secret), true);

    //Take first 8 bytes of $key and append them to the end of $key.
    $key .= substr($key, 0, 8);

    $data = base64_decode($data);

    $data = mcrypt_decrypt('tripledes', $key, $data, 'ecb');

    $block = mcrypt_get_block_size('tripledes', 'ecb');
    $len = strlen($data);
    $pad = ord($data[$len-1]);

    return substr($data, 0, strlen($data) - $pad);
}

I had to add the same code for generating the key in the correct format before I ran the mycrypt_decrypt function.

Related questions

How to add/remove PKCS7 padding from an AES encrypted string?

I'm trying to encrypt/decrypt a string using 128 bit AES encryption (ECB). What I want to know is how I can add/remove the PKCS7 padding to it. It seems that the Mcrypt extension can take care of the encryption/…

Read More
How do you Encrypt and Decrypt a PHP String?

What I mean is: Original String + Salt or Key --> Encrypted String Encrypted String + Salt or Key --> Decrypted (Original String) Maybe something like: "hello world!" + "ABCD1234" --> Encrypt --> "2a2ffa8f13220befbe30819047e23b2…

Read More
Simplest two-way encryption using PHP

What is the simplest way of doing two way encryption in common PHP installs? I need to be able to encrypt data with a string key, and use the same key to decrypt on the other end. The security isn't …

Read More