All geek questions in one place

Coldfusion 3DES encryption makes the encrypted result different from PHP `mcrypt_encrypt`

First Coldfusion Encrypt:

<cfset message = '1447841550'> <cfset key = 'Mk9m98IfEblmPfrpsawt7BmxObt98Jev'> <cfset ciphertext = Encrypt(#message#, #key#, "desede", "base64")> <cfoutput>#ciphertext#</cfoutput>

Then PHP mcrypt:

 $message = "1447841550"; $key = 'Mk9m98IfEblmPfrpsawt7BmxObt98Jev'; $key = base64_decode($key); $bytes = array(0,0,0,0,0,0,0,0); //byte [] IV = {0, 0, 0, 0, 0, 0, 0, 0} $iv = implode(array_map("chr", $bytes)); $ciphertext = mcrypt_encrypt(MCRYPT_3DES, $key, $message, MCRYPT_MODE_CBC, $iv); echo base64_encode($ciphertext);

Problem.

On the same line, the same algorithm and the same encoding.

There is still a small part of the result that does not match.

The real output is shown below.

 // Coldfusion output. n6lp0I1w5FwrP3yPw3s8bw== ^^^^^^^^^^ Same part // PHP output. n6lp0I1w5FxLQHskKMn4sw== ^^^^^^^^^^ Same part

Why is Coldfusion distinguished by results?

How can I do the same results in Coldfusion provided I don't modify the PHP code. PHP output is the right conclusion for me.

Is it possible to get the correct result (PHP) using javascript? This solution is also good.

I'm sad.

Thanks in advanced

+5
source share
1 answer

The settings are close, but not exactly the same. The reason is different from the results:

  • CBC mode requires IV (initialization vector). The PHP code supplies IV explicitly, but the CF code does not. Thus, the encrypt() function generates an IV randomly. Therefore, why the results do not match: different IV, different results.

  • When you use the "NoPadding" mode, the input line must be padded, so its length will even be a multiple of the size of the block (i.e. DESEDE => 8). As far as I understand ... the mcrypt extension for PHP uses only ZeroPadding . CF encrypt() does not support zero padding. However, you can simulate it using something like this udf nullPad ()

Once you have included these two (2) changes, the results will correspond to:

Results:

 n6lp0I1w5FxLQHskKMn4sw==

Example:

 <cfset message = nullPad("1447841550", 8)> <cfset key = "Mk9m98IfEblmPfrpsawt7BmxObt98Jev"> <!--- Important: IV values should be random, and NOT reused ---> <!--- https://en.wikipedia.org/wiki/Initialization_vector ---> <cfset iv = binaryDecode("0000000000000000", "hex")> <cfset ciphertext = Encrypt(message, key, "DESede/CBC/NoPadding", "base64", iv)> <cfoutput>#ciphertext#</cfoutput>
+8
source

Source: https://habr.com/ru/post/1236424/

More articles:


All Articles