mcrypt foreach loop crashing

Fengist · 02-15-2013, 01:17 PM

I'm trying to post multiple encrypted strings to a .php file. For some reason, mcrypt is crashing after the first one. If I comment out the decryption lines, it displays all of the encrypted strings as it should. If I use either of the methods I have here to decrypt, it shows only the first one properly decrypted then stops. No error, nothing in the server logs. What am I doing wrong????

PHP Code:


			
    $key = 'TestSSDB';

    $iv = 'abcdefghijklmnop';

    $bit_check=8;

    

function decrypt($encrypted_text,$key,$iv,$bit_check)

{

    $cipher = mcrypt_module_open(MCRYPT_RIJNDAEL_128,'','ecb','');

    mcrypt_generic_init($cipher, $key, $iv);

    $decrypted = mdecrypt_generic($cipher,base64_decode($encrypted_text));

    mcrypt_generic_deinit($cipher);

    $last_char=substr($decrypted,-1);

    for($i=0;$i<$bit_check-1; $i++)

    {

        if(chr($i)==$last_char)

        {      

        $decrypted=substr($decrypted,0,strlen($decrypted)-$i);

        break;

           }

    }

       mcrypt_module_close($cipher);

    return $decrypted;

}

    foreach ($_POST['id'] as $item)

    {

        echo decrypt($item,$key,$iv,$bit_check)."\n\r";

        echo $item."\n\r";

        //echo mcrypt_decrypt(MCRYPT_RIJNDAEL_128,$key,base64_decode($item),MCRYPT_MODE_ECB,$iv)."\n";

    }

Fou-Lu · 02-15-2013, 01:40 PM

Given the behaviour described and the unnecessary for loop within the function, this would lend favour to $_POST['id'] being an array of a single string. Use var_dump($_POST['id']);, that should say array(x) where x is the number of strings you have. If you have 1, than you have a single string within the array, and that is all of the encrypted strings concatenated together. That would effectively decrypt only the first item in the string, than leave the remainder encrypted.
You need to cut the string up. If you have just 1 item within it, you can explode it on a delimiter if you have it, or if there is no delimiter you can split it on. . . 24. So use $aItems = str_split($_POST['id'][0], 24); which would give you an array of each of the items (non delimited) within $_POST['id'][0].

Actually, the 24 may be incorrect. At what point did you run base64_encode?

Fengist · 02-15-2013, 01:48 PM

Quote:

Originally Posted by Fou-Lu

Given the behaviour described and the unnecessary for loop within the function, this would lend favour to $_POST['id'] being an array of a single string.

var_dump gives array(175)
{
proceeds to list all 175 strings in the array.
}

And my encrypted strings are pretty variable in length (24, 44, 88). Good guess but I'd already checked that with print_r to verify I was getting an array.

I'm actually posting these from a Delphi program. The base64 comes after the encryption.

It decrypts the first string just dandy. The rest, it ignores.

Fou-Lu · 02-15-2013, 02:25 PM

Oh yeah right sorry I'm thinking hashing.
Okay, so each of the strings within the array is base64 encoded then correct? I'm just taking a look at the mdecrypt_generic here as well, and see that it may pad the string, so the loop now makes sense. You can get away with trim there if you provide the chars as the items to rtrim off.

Lets start easy. Perhaps the issue is not a decryption or an iteration one, rather a display one. Try this:

PHP Code:


			
    foreach ($_POST['id'] as $item)
    {
        echo htmlenties($item)."\n\r";
        echo htmlentities(mcrypt_decrypt(MCRYPT_RIJNDAEL_128,$key,base64_decode($item),MCRYPT_MODE_ECB,$iv))."\n";
    }

If at any point either a decrypted string or an encrypted one encounters the < followed immediately by any non-white space char, and does not find a corresponding >, than the HTML will still render it as an element anyway.

Try that out.

If that still produces no results, lets make sure you are iterating them all. A simple:

PHP Code:


			
$i = 0;
    foreach ($_POST['id'] as $item)
    {
        ++$i;
        //...
    }
printf("Iterated %d items (array has %d items)" . PHP_EOL, $i, count($_POST['id']));

Fengist · 02-15-2013, 02:41 PM

Html entities shows nothing new. Just the one encrypted and one decrypted string then stops.

If I leave out the decrypt command, it iterates through all of the 175 strings showing just the encrypted string.

Your second foreach loop goes through all 175 of them with no problem. BUT, if I modify your loop to this:

PHP Code:


			
$i = 0;

    foreach ($_POST['id'] as $item)

    {

        ++$i;

        echo mcrypt_decrypt(MCRYPT_RIJNDAEL_128,$key,base64_decode($item),MCRYPT_MODE_ECB,$iv);

        printf("Iterated %d items (array has %d items)" . PHP_EOL, $i, count($_POST['id']));  

   }

It never even gets to the printf command.

Fou-Lu · 02-15-2013, 04:44 PM

Really? Now that sure is strange.
Also, did you have the mcrypt_decrypt call within the loop the first time you tried as well? If so, it sounds like it is actually iterating everything, but its bizarre that htmlentities shows no HTML rendering chars AND you don't see the printf.

Lets try iterating and dumping to a new array.

PHP Code:


			
$aDecrypted = array();
foreach ($_POST['id'] AS $item)
{
    $aDecrypted[] = mcrypt_decrypt(MCRYPT_RIJNDAEL_128,$key,base64_decode($item),MCRYPT_MODE_ECB,$iv);
}
var_dump($aDecrypted);

Does that one give you the decrypted array? You can use walking as well to prevent the loop, but the purpose here is to figure out what's wrong with the loop in the first place.

Fengist · 02-15-2013, 06:49 PM

Ok, tried all this and nothing worked so I got to goofing around and even though I haven't gotten the solution yet, it's got to be in the way I'm encrypting.

Apparently my encryption is only partially correct. I built a php form to decrypt what Delphi encrypts, it only partially decrypts the string. The first 16 characters are correct, the rest is garbage. Since the first string I was passing decrypted to less than 16 characters, I'm guessing mcrypt tried to decrypt the string, got the first part right and then ran into a character that somehow jammed it up. I've tried decrypting other strings and they're only partially correct.

Sorry to make you think this hard. Apparently, this is a screwup outside of PHP. It would have been nice though if it spit some sort of error back out at me.

Thanks for you help.

Fou-Lu · 02-15-2013, 07:20 PM

Ah, that's okay. I was thinking of this as a possibility as well, but I would have expected that you'd always get the $item (which is the encrypted one), without a matching decrypted side (ie: returned null or empty string).
Working between multiple languages is such a pain :/

Fengist · 02-16-2013, 05:37 AM

By the way, for anyone else who happens to read this post and is going through the same aggravation, here's my problems and how I fixed them.

First, I was encrypting in CBC ad decrypting in ECB. For whatever reason, this did get the first 16 characters correct and led me off on a wild goose chase thinking the encryption package was bugged.

Once I corrected that, I again, had the same problem with PHP halting after displaying the first correctly decrypted string in the array. But, if I put each encrypted string into a form, PHP decrypted it properly. I echoed a urlencode($input) of the first decrypted string in the array and noticed the decrypted string was padded with null characters (%00). I did a trim($input,"\00") and the the array decrypted and displayed correctly.

Apparently null characters at the end of a PHP string causes PHP to halt rather unexpectedly.

My final PHP decrypt code looks like this:

PHP Code:


			
    foreach ($_POST['id'] AS $item)

    {

        echo trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128,$key,base64_decode($item),MCRYPT_MODE_CBC,$iv),"\00")."\n\r";    

    }

Hope this helps someone else.