Search code examples
phpcryptographyaesphpseclibbotan

Incompatible AES implementation between Botan and phpseclib

I'm using Botan library for AES encryption/decryption in C++. I cannot use the output of Botan in phpseclib with accurate results. I would appreciate if someone points me a working code for interoperability between Botan and phpseclib or any other PHP encryption library. Thanks!

Example of encryption with Botan in C++

// Key
std::auto_ptr<Botan::HashFunction> tHash ( Botan::get_hash("SHA-256")  );
std::string mykey = "test";
Botan::SecureVector<Botan::byte> tSecVector(32);
tSecVector.set(tHash->process(mykey)); //the hash is actually the key - same size
Botan::SymmetricKey key(tSecVector); 
// IV
Botan::InitializationVector iv(mRng, 16);

// Encryption & Encode
Botan::Pipe pipe(Botan::get_cipher("AES-256/CBC", key, iv, Botan::ENCRYPTION) );
pipe.process_msg(pStdStringTextToEncrypt);
Botan::Pipe pipeb64enc(new Botan::Base64_Encoder );
pipeb64enc.process_msg(pipe.read_all(0));
std::string StrBase64Encoded = pipeb64enc.read_all_as_string(0);

// Return
pReturnEncryptedText = iv.as_string() + StrBase64Encoded;

Example of decryption in php using phpseclib library:

include('Crypt/AES.php');
$aes = new Crypt_AES(CRYPT_AES_MODE_CBC); //mcrypt is used
//Decrypt request from application. [IV 32 CHARS IN HEX] [BASE64 ENCRYPTED TEXT]
$aes->setKeyLength(256);
$key = hash('sha256','test', true) ; // true to output raw binary output
$aes->setKey($key);
//Iv
$IV = hex2bin (substr($_POST['ENC'],0,32) );
$aes->setIV(  $IV    );
// Encrypted text in binary
$encryptedTextBin = base64_decode(substr($_POST['ENC'],32));
$decryptedRequest = $aes->decrypt( $encryptedTextBin );

echo $decryptedRequest; //no match

I also tried mcrypt in php directly with no success:

$decrypted_data="";
//128 is a hack as shown on: http://kix.in/2008/07/22/aes-256-using-php-mcrypt/
$td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, ''); 
mcrypt_generic_init($td, $key, $iv);

$decrypted_data = mdecrypt_generic($td, $encryptedtext);

mcrypt_generic_deinit($td);
mcrypt_module_close($td);

EDIT:

I just tested in 128 bit for both Botan and phpseclib and I get a proper decryption in about 50% of cases. This is so weird. I tested different padding modes in Botan (CTS,PKCS7,OneAndZeros,X9.23) but again the success is only in 50% of the attempts.

Solution

  • I finally solved the issue. The encrypted text is sent in Base64 format in the POST data to a certain web server. There are chars in Base64 that are invalid URL chars, so I percent encode them before sending the encrypted text as post data. Those chars are: '+', '/' and '='. See: http://en.wikipedia.org/wiki/Base64#URL_applications