Search code examples
phpdelphidelphi-7

Different results when encrypting with "same" method in Delphi and PHP

I am trying to exchange encrypted messages between Delphi and PHP.

From the Delphi side I downloaded DCPcrypt v2 Beta 3 from here:

http://www.cityinthesky.co.uk/opensource/dcpcrypt/

For encrypting I use this function:

function TForm1.Encrypt3DES(psData, psKey: string): string;
var
  Cipher: TDCP_3des;
begin
  Cipher:= TDCP_3des.Create(nil);
  Cipher.InitStr(psKey,TDCP_sha256);
  result:=Cipher.EncryptString(psData);
  Cipher.Burn;
  Cipher.Free;
end;

And I am testing it like this:

ShowMessage(Encrypt3DES('test','SecretKeySecretKeySecret'));

The result that I get is Z74E0Q== and I can successfully decrypt it with another similar delphi function:

function TForm1.Decrypt3DES(psData, psKey: string): string;
var
  Cipher: TDCP_3des;
begin
  Cipher:= TDCP_3des.Create(nil);
  Cipher.InitStr(psKey, TDCP_sha256);         
  result:=Cipher.DecryptString(psData);
  Cipher.Burn;
  Cipher.Free;
end;

From PHP side I tried several function to encrypt the same string ('test') with the same key ('SecretKeySecretKeySecret') but the result is different from what I get in Delphi. Again I can successfully decrypt the messages in PHP with similar functions but I need to decrypt messages in Delphi.

This is what I do in PHP, I even tried to hash the key as I see Delphi function is using TDCP_sha256 but still results are diferent.

$key = "SecretKeySecretKeySecret";

echo base64_encode(mcrypt_encrypt(MCRYPT_3DES, $key, 'test', 'ecb')).'<BR><BR>';

echo openssl_encrypt('test', 'des-ede3', $key).'<BR><BR>';

$key = hash('sha256', $key);
echo openssl_encrypt('test', 'des-ede3', $key).'<BR><BR>';

This is the result:

Z05z5Bp4/vY=

L5qmk5nJOzs=

bm7yRdrMs5g=

What am I doing wrong? BTW I am using Delphi 7 and DCPcrypt is the only library for now that I managed to make it run.

Solution

  • I think that this will help you. TDCP_3des is blockcipher and EncryptString method uses EncryptCFB8bit method (Encrypt size bytes of data using the CFB (8 bit) method of encryption).

    Two things are important:

    • use the same initialisation vector
    • hash the key in PHP part.

    Delphi part:

    function TForm1.Encrypt3DES(psData, psKey: string): string;
var
   Cipher: TDCP_3des;
   i: integer;
begin
   Cipher := TDCP_3des.Create(nil);
   try
      Cipher.InitStr(psKey, TDCP_sha256);
      Cipher.SetIV('00000000');
      Result := Cipher.EncryptString(psData);
      Cipher.Burn;
   finally
      Cipher.Free;
   end{try};
end;

procedure TForm1.btnEncryptClick(Sender: TObject);
var
   input, key: string;
begin
   input := 'Some words in English';
   key   := 'SecretKeySecretKeySecret';
   ShowMessage(Encrypt3DES(input, key));
end;

    PHP part:

    <?
$key = "SecretKeySecretKeySecret";
$key = hash('sha256', $key, true);
$key = substr($key, 0, 24);
$iv = '00000000';

$message = 'Some words in English';
$result = mcrypt_encrypt(MCRYPT_3DES, $key, $message, MCRYPT_MODE_CFB, $iv);
$result = base64_encode($result);
echo 'Input text: '.$message.'</br>';
echo 'Encrypted text: '.$result.'</br>';
?>

    Output:

    Input:          Some words in English                           
Encrypted text: hTpdn+USolFTgv/4HnBEvo4scgmp
Input:          This will test Delphi7 and PHP encryption.
Encrypted text: gik2Iw/m2rtMA9gdKqvFqDg3kuUSb4rnAieyZ8unIvt510Rbt1jLPO+/      
Input:          I hope this will work.                          
Encrypted text: n/JxW12zORaI7TSCAF4/6cBxqC3mZg==

    Notes:

    Tested with Delphi 7, DCPcrypt v2, PHP 5.2.10, mcrypt 2.5.7.