PHP解密AES返回字符串前面的填充？ [英] PHP Decrypting AES returns padding at front of string?

问题描述

我一直在摔角解密一个给定的字符串，由远程ColdFusion服务器生成，在PHP使用AES在CBC模式与PKCS5填充。我已经到了我可以完全解密字符串的地方，问题是在字符串的开头似乎有一些cruft。我认为填充发生在结束，但看看解密的字符串，结尾没有什么，但开始填充，所以字符串是64个字符长（原来的字符串是32个字符长。）我试图切换我的填充删除代码来查看开始而不是结束，但是这些字符不提供任何信息，我可以用来解析删除多少填充，所以我认为他们来自别的地方。这是我的代码到目前为止

 函数decrypt（$ hash）{
 $ enc_key =Oq2vh + gswPn2CRPccODtKg == ; 
 $ cipher =rijndael-128; 
 
 $ str = mcrypt_decrypt（$ cipher，base64_decode（$ enc_key），base64_decode（$ hash），MCRYPT_MODE_CBC）; 
 $ block = mcrypt_get_block_size（MCRYPT_RIJNDAEL_128，MCRYPT_MODE_CBC）; 
 $ pad = ord（$ str [（$ len = strlen（$ str）） -  1]）; 
 $ len = strlen（$ str）; 
 $ decrypted = substr（$ str，0，strlen（$ str） -  $ pad）; 
 
 if（$ decryptpted！= NULL）{
 $ params = explode（'|'，$ decryptpted）; 
} 
 
 return（object）array（
'input'=> $ hash，
'pad'=> $ pad，
' len'=> $ len，
'blocksize'=> $ block，
'aes_key'=> $ enc_key，
'cipher'=> $ cipher，
'result'=> $ params，
'decryptpted'=> $ decryptpted，
'padded'=> $ str 
）;如果我加密字符串（使用ColdFusion，'AES / CBC / PKCS5Padding'算法和base64编码）：
 test@example.com|test|1400863515
  
我得到加密的字符串：
  QRO04vmtw76Qvl0hscmYZ / SFGNv / 8d88H9kT60JA5IJdg / KMT7udrn2IZuQzkOPvLjXoc4novzTMGsk0CMxjvg == 
  
，当我通过上述PHP函数运行这个时，输出：
 ¹¾Sò' - >äe¿fÏäJwardlytest@example.com| test | 1400863515 
  
这些字符在开头是什么？为什么最后没有填充？我已经阅读了几十个在SO和其他地方的帖子（这是我得到了这么远），但这最后一块我抓了我的头。
解决方案
（从注释...）
 
 
 
 CBC模式需要 iv 。  使用不正确的IV解密会导致第一个明文块变为损坏...  。尝试在两侧使用相同的 iv  
 
I've been wrestling with decrypting a given string, generated by a remote ColdFusion server, in PHP using AES in CBC mode with PKCS5 padding. I've gotten to the point where I can decrypt the string almost perfectly, the issue is there appears to be some cruft at the beginning of the string. I thought padding happened at the end, but looking at the decrypted string, there's nothing at the end, but the beginning is padded out so the string is 64 characters long (the original string is 32 characters long.) I attempted to switch my padding removal code to look at the beginning instead of the end, but those characters don't provide any information I can use to decipher how much padding to remove, so I think they are coming from somewhere else. Here's my code so far
function decrypt($hash) {
  $enc_key = "Oq2vh+gswPn2CRPccODtKg==";
  $cipher = "rijndael-128";

  $str = mcrypt_decrypt($cipher, base64_decode($enc_key), base64_decode($hash), MCRYPT_MODE_CBC);
  $block = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
  $pad = ord($str[($len = strlen($str)) - 1]);
  $len = strlen($str);
  $decrypted = substr($str, 0, strlen($str) - $pad);

  if($decrypted != NULL) {
    $params = explode ('|', $decrypted);
  }

  return (object)array(
    'input' => $hash,
    'pad' => $pad,
    'len' => $len,
    'blocksize' => $block,
    'aes_key' => $enc_key,
    'cipher' => $cipher,
    'result' => $params,
    'decrypted' => $decrypted,
    'padded' => $str
  );
If I encrypt the string (using ColdFusion, '"AES/CBC/PKCS5Padding"' algorithm and base64 encoding):
"test@example.com|test|1400863515"
I get the encrypted string:
QRO04vmtw76Qvl0hscmYZ/SFGNv/8d88H9kT60JA5IJdg/KMT7udrn2IZuQzkOPvLjXoc4novzTMGsk0CMxjvg==
and when I run this through the above PHP function, I get this as output:
¹¾Sò'->äe¿fÏäJ±test@example.com|test|1400863515
What are those characters at the beginning? Why is there no padding at the end? I've read through dozens of posts on SO and elsewhere (which is how I got this far) but this last piece has me scratching my head.
解决方案
(From comments ...)

CBC mode requires an iv. "Decrypting with the incorrect IV causes the first block of plaintext to be corrupt ...". Try using the same iv on both sides

                        
这篇关于PHP解密AES返回字符串前面的填充？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！