Skip to content
Advertisement

PHP encrypt/decrypt – AES-256-ECB [closed]

I am trying to decrypt an email address using AES-256-ECB. Its been a bit of a struggle as every source is showing a different method and I get a different result. Of course, I don’t get the result I want. Please take it easy commenting on the code I tried – this function changed about a million times by now.

Desired output: https://gchq.github.io/CyberChef/#recipe=AES_Encrypt(%7B’option’:’Hex’,’string’:’9cc25c7879fc94d5a19eeb8e47573b8423becb608a9a4e9d3c25c20aa7e04357’%7D,%7B’option’:’Hex’,’string’:”%7D,’ECB’,’Raw’,’Hex’,’Ciphertext’)AES_Decrypt(%7B’option’:’Hex’,’string’:’9cc25c7879fc94d5a19eeb8e47573b8423becb608a9a4e9d3c25c20aa7e04357’%7D,%7B’option’:’Hex’,’string’:”%7D,’ECB’,’Hex’,’Raw’,%7B’option’:’Hex’,’string’:’undefined’%7D,”/disabled/breakpoint)&input=dGVzdHVzZXJAZ21haWwuY29t

Crap code:

function my_simple_crypt( $string, $action = 'e' ) {
    
    $secret_key = hex2bin('9cc25c7879fc94d5a19eeb8e47573b8423becb608a9a4e9d3c25c20aa7e04357');
 
    $output = false;
    $encrypt_method = "AES-256-ECB";

    //$secret_key = openssl_digest($secret_key, $encrypt_method, true);

    //$key = hash( 'sha256', $secret_key );
 
    if( $action == 'e' ) {

        $output = openssl_encrypt( $string, $encrypt_method, $secret_key, 3 );
        
        //$output = bin2hex($output);
        //$output = unpack('H*', $output);

    } else if( $action == 'd' ) {
        $output = openssl_decrypt( $string, $encrypt_method, $secret_key, 3 );
        
        //$output = base64_encode($output);
        $output = bin2hex($output);
    }
    
    return $output;
}

echo '<pre>';
print_r(my_simple_crypt( 'testuser@gmail.com', 'e' ));
echo '</pre>';

echo 'Encrypt: ' . my_simple_crypt( 'testuser@gmail.com', 'e' ) . '<br>';
echo 'Decrypt: ' . my_simple_crypt( hex2bin('8dd714df21027133cd422d0301af3cb973374ee72008c3f9bd255f6d236da65e'), 'd' );

Advertisement

Answer

As your key and ciphertext are in hex encoding you need to convert them back to binary data before you can feed them to the decryption function.

The following code gives this output:

plaintext decrypted: testuser@gmail.com
plaintext expected:  testuser@gmail.com

**Security warning: the following code uses the UNSECURE ECB mode:

<?php

$keyHex = '9cc25c7879fc94d5a19eeb8e47573b8423becb608a9a4e9d3c25c20aa7e04357';
$ciphertextHex = '8dd714df21027133cd422d0301af3cb973374ee72008c3f9bd255f6d236da65e';
$plaintextExpected = 'testuser@gmail.com';

$key = hex2bin($keyHex);
$ciphertext = hex2bin($ciphertextHex);

$plaintext = openssl_decrypt($ciphertext, 'aes-256-ecb', $key, true);
echo 'plaintext decrypted: ' . $plaintext . PHP_EOL;
echo 'plaintext expected:  ' . $plaintextExpected . PHP_EOL;
User contributions licensed under: CC BY-SA
7 People found this is helpful
Advertisement