0

I'm trying to decrypt data with DES-ECB encryption, but the response is always false.

When I decrypt the string through https://www.tools4noobs.com/online_tools/decrypt/ the response is correct. This website is using the function "mcrypt_encrypt()" in PHP, but this functionality is not available on my server.

The code that i'm working on should work on PHP 7.1+ version, so the mcrypt_encrypt() isn't available anymore in my system.

$password         = 'password'; // Example
$decryptedString  = 'ThisShouldBeAnTestToCheckIfTheStringIsCorrectDecryptedThroughDES-ECB'; 

// Encrypted the string through the online tool.
$encryptedString  = 'zOToWEkYOoDnNWZ/sWEgOQQAX97NTZami/3V18yeKmoKiuam3DL0+Pu/LIuvjJ52zbfEx/+6WR4JcCjIBojv0H1eYCDUwY3o';

$opensslDecrypt   = openssl_decrypt(base64_decode($encryptedString),'DES-ECB', $password);

var_dump($opensslDecrypt); // Returns false.

I also tried to decrypt without the base64_decode function, but its still returning false.

Anyone have any idea why this isn't decrypting as it should be?

Improve this question

1 Answer 1

Reset to default
1

You must precise the $options in you method call:

Just add the following parameter after your password: OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING , ''

<?php

$password         = 'password';
$decryptedString  = 
'ThisShouldBeAnTestToCheckIfTheStringIsCorrectDecryptedThroughDES-ECB'; 

// Encrypted the string through the online tool.
$encryptedString  =  'zOToWEkYOoDnNWZ/sWEgOQQAX97NTZami/3V18yeKmoKiuam3DL0+Pu/LIuvjJ52zbfEx/+6WR4JcCjIBojv0H1eYCDUwY3o';

$opensslDecrypt   = openssl_decrypt(base64_decode($encryptedString),'DES-ECB', $password, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING , '');

var_dump(trim($opensslDecrypt));

Output: string(68) "ThisShouldBeAnTestToCheckIfTheStringIsCorrectDecryptedThroughDES-ECB"

For more information about this options:

What does OPENSSL_RAW_DATA do?

$options as (as for 2016) two possible values OPENSSL_RAW_DATA and OPENSSL_ZERO_PADDING. Setting both can be done by OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING. If no OPENSSL_ZERO_PADDING is specify, default pading of PKCS#7 will be done as it's been observe by [openssl at mailismagic dot com]'s coment in openssl_encrypt()

https://www.php.net/manual/en/function.openssl-decrypt.php

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

So if i want the string to be converted without base64_decode then is should use the function like this right? $opensslDecrypt = openssl_decrypt($hash, 'DES-ECB', $password, OPENSSL_ZERO_PADDING , '');
exactly you catch it. Try it yourself, you'll see it works

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.