As3Crypto + PHP
1,372 views
Skip to first unread message
Jiggmin
Dec 10, 2008, 12:58:50 AM12/10/08
to As3Crypto Discussion List
There are a bunch of posts about Crypto to not matching up with the
encryption in other languages. Bummer. Here's what I ended up with:
Algorithm: RIJNDAEL (AES) 128
Mode: CBC
Key: b86b2979310c6833d15cebefdce659cf
Padding: Null characters (char code 0)
IV: none
String to be encrypted: "test"
encrypted with Crypto: rYksPO4+x3STIhYONGPDXA==
encrypted with php: rYksPO4+x3STIhYONGPDXA==
String to be encrypted: "test with a longer string woooweies what
fun."
encrypted with Crypto: 3El/G+nYOStYg1UyrK1kboBXW8oRJr6WtkYsWzZx6Rx/
A5J0178hm/TcAtGe01aD
encrypted with php: 3El/G
+nYOStYg1UyrK1kbqfWIyLlAq0WKmQewKuTvCXaEZ88YY1Xxl5fI3f2ztYE
The first twenty something characters of the encrypted strings match,
but they don't match after that. So, this actually would work if you
only had to send very short strings back and fourth. (hehe)
encryption in other languages. Bummer. Here's what I ended up with:
Algorithm: RIJNDAEL (AES) 128
Mode: CBC
Key: b86b2979310c6833d15cebefdce659cf
Padding: Null characters (char code 0)
IV: none
String to be encrypted: "test"
encrypted with Crypto: rYksPO4+x3STIhYONGPDXA==
encrypted with php: rYksPO4+x3STIhYONGPDXA==
String to be encrypted: "test with a longer string woooweies what
fun."
encrypted with Crypto: 3El/G+nYOStYg1UyrK1kboBXW8oRJr6WtkYsWzZx6Rx/
A5J0178hm/TcAtGe01aD
encrypted with php: 3El/G
+nYOStYg1UyrK1kbqfWIyLlAq0WKmQewKuTvCXaEZ88YY1Xxl5fI3f2ztYE
The first twenty something characters of the encrypted strings match,
but they don't match after that. So, this actually would work if you
only had to send very short strings back and fourth. (hehe)
Jiggmin
Dec 11, 2008, 12:26:34 AM12/11/08
to As3Crypto Discussion List
Aww man! I had confused CBC with ECB. Encryption works perfectly
between php and Crypto now. The only thing you have to do is make a
pad class that pads the byte array with null bytes, because that's
what php does automatically. You can get a null byte in as3 with
String.fromCharCode(0);
between php and Crypto now. The only thing you have to do is make a
pad class that pads the byte array with null bytes, because that's
what php does automatically. You can get a null byte in as3 with
String.fromCharCode(0);
Mehmet Ecevit
Dec 11, 2008, 10:23:43 AM12/11/08
to As3Crypto Discussion List
Did you solve the problem?
Jason Foglia
Dec 11, 2008, 10:47:24 AM12/11/08
to as3c...@googlegroups.com, Jiggmin
Do you have both php and as3Crypto examples?
How much padding is needed?--
Jason Foglia
Work:
Educational Sales Co.
Web Applications Developer
ja...@escobooks.com
(800) 999-5199
Personal:
(480) 255-5062
http://jaysart.com
jason....@gmail.com
How much padding is needed?
Jason Foglia
Work:
Educational Sales Co.
Web Applications Developer
ja...@escobooks.com
(800) 999-5199
Personal:
(480) 255-5062
http://jaysart.com
jason....@gmail.com
zigityzig
Dec 12, 2008, 7:07:00 PM12/12/08
to As3Crypto Discussion List
This is what I found too if you don't provide PHP mcrypt with an
initialization vector or provide it with one of all zero's the first
block is not XORed with the initialization vector.
Any additional blocks are XORed with the prior. This and the padding
method are what create the compatibility problems. Padding the string
prior to encryption also solves this as long as the flash client knows
what character you used for padding. PHP mcrypt pads with null or the
zero ascii character which causes some issues when decrypting in the
flash client
In the class I wrote as long as I use PHP mcrypt with an
initialization vector of all zero's the output is identical. I pad
strings prior to encryption with a known character like so
//PAD STRING PRIOR TO ENCRYPTION
if(strlen($string) % 16){
$string = str_pad($string, ceil(strlen($string)/16)*16,"~");
initialization vector or provide it with one of all zero's the first
block is not XORed with the initialization vector.
Any additional blocks are XORed with the prior. This and the padding
method are what create the compatibility problems. Padding the string
prior to encryption also solves this as long as the flash client knows
what character you used for padding. PHP mcrypt pads with null or the
zero ascii character which causes some issues when decrypting in the
flash client
In the class I wrote as long as I use PHP mcrypt with an
initialization vector of all zero's the output is identical. I pad
strings prior to encryption with a known character like so
//PAD STRING PRIOR TO ENCRYPTION
if(strlen($string) % 16){
$string = str_pad($string, ceil(strlen($string)/16)*16,"~");
Jason
Dec 15, 2008, 6:11:20 PM12/15/08
to As3Crypto Discussion List
Here it goes.
I have spent alot of time on this and found no other way.
No one else had examples so here is goes.
package
{
import flash.display.Sprite;
import flash.utils.ByteArray;
import com.hurlant.crypto.symmetric.ICipher;
import com.hurlant.crypto.symmetric.IVMode;
import com.hurlant.crypto.symmetric.IMode;
import com.hurlant.crypto.symmetric.NullPad;
import com.hurlant.crypto.symmetric.PKCS5;
import com.hurlant.crypto.symmetric.IPad;
import com.hurlant.util.Base64;
import com.hurlant.util.Hex;
import com.hurlant.crypto.Crypto;
public class CryptoCode extends Sprite
{
private var type:String='simple-des-ecb';
private var key:ByteArray;
public function CryptoCode()
{
init();
}
private function init():void
{
key = Hex.toArray(Hex.fromString('TESTTEST'));// can only be 8
characters long
trace(encrypt('TEST TEST'));
trace(decrypt(encrypt('TEST TEST'));
}
private function encrypt(txt:String = ''):String
{
var data:ByteArray = Hex.toArray(Hex.fromString(txt));
var pad:IPad = new PKCS5;
var mode:ICipher = Crypto.getCipher(type, key, pad);
pad.setBlockSize(mode.getBlockSize());
mode.encrypt(data);
return Base64.encodeByteArray(data);
}
private function decrypt(txt:String = ''):String
{
var data:ByteArray = Base64.decodeToByteArray(txt);
var pad:IPad = new PKCS5;
var mode:ICipher = Crypto.getCipher(type, key, pad);
pad.setBlockSize(mode.getBlockSize());
mode.decrypt(data);
return Hex.toString(Hex.fromArray(data));
}
}
}
<?
class Crypt
{
var $key = NULL;
var $iv = NULL;
var $iv_size = NULL;
function Crypt()
{
$this->init();
}
function init($key = "")
{
$this->key = ($key != "") ? $key : "";
$this->algorithm = MCRYPT_DES;
$this->mode = MCRYPT_MODE_ECB;
$this->iv_size = mcrypt_get_iv_size($this->algorithm, $this->mode);
$this->iv = mcrypt_create_iv($this->iv_size, MCRYPT_RAND);
}
function encrypt($data)
{
$size = mcrypt_get_block_size($this->algorithm, $this->mode);
$data = $this->pkcs5_pad($data, $size);
return base64_encode(mcrypt_encrypt($this->algorithm, $this->key,
$data, $this->mode, $this->iv));
}
function decrypt($data)
{
return $this->pkcs5_unpad(rtrim(mcrypt_decrypt($this->algorithm,
$this->key, base64_decode($data), $this->mode, $this->iv)));
}
function pkcs5_pad($text, $blocksize)
{
$pad = $blocksize - (strlen($text) % $blocksize);
return $text . str_repeat(chr($pad), $pad);
}
function pkcs5_unpad($text)
{
$pad = ord($text{strlen($text)-1});
if ($pad > strlen($text)) return false;
if (strspn($text, chr($pad), strlen($text) - $pad) != $pad) return
false;
return substr($text, 0, -1 * $pad);
}
}
?>
I have spent alot of time on this and found no other way.
No one else had examples so here is goes.
package
{
import flash.display.Sprite;
import flash.utils.ByteArray;
import com.hurlant.crypto.symmetric.ICipher;
import com.hurlant.crypto.symmetric.IVMode;
import com.hurlant.crypto.symmetric.IMode;
import com.hurlant.crypto.symmetric.NullPad;
import com.hurlant.crypto.symmetric.PKCS5;
import com.hurlant.crypto.symmetric.IPad;
import com.hurlant.util.Base64;
import com.hurlant.util.Hex;
import com.hurlant.crypto.Crypto;
public class CryptoCode extends Sprite
{
private var type:String='simple-des-ecb';
private var key:ByteArray;
public function CryptoCode()
{
init();
}
private function init():void
{
key = Hex.toArray(Hex.fromString('TESTTEST'));// can only be 8
characters long
trace(encrypt('TEST TEST'));
trace(decrypt(encrypt('TEST TEST'));
}
private function encrypt(txt:String = ''):String
{
var data:ByteArray = Hex.toArray(Hex.fromString(txt));
var pad:IPad = new PKCS5;
var mode:ICipher = Crypto.getCipher(type, key, pad);
pad.setBlockSize(mode.getBlockSize());
mode.encrypt(data);
return Base64.encodeByteArray(data);
}
private function decrypt(txt:String = ''):String
{
var data:ByteArray = Base64.decodeToByteArray(txt);
var pad:IPad = new PKCS5;
var mode:ICipher = Crypto.getCipher(type, key, pad);
pad.setBlockSize(mode.getBlockSize());
mode.decrypt(data);
return Hex.toString(Hex.fromArray(data));
}
}
}
<?
class Crypt
{
var $key = NULL;
var $iv = NULL;
var $iv_size = NULL;
function Crypt()
{
$this->init();
}
function init($key = "")
{
$this->key = ($key != "") ? $key : "";
$this->algorithm = MCRYPT_DES;
$this->mode = MCRYPT_MODE_ECB;
$this->iv_size = mcrypt_get_iv_size($this->algorithm, $this->mode);
$this->iv = mcrypt_create_iv($this->iv_size, MCRYPT_RAND);
}
function encrypt($data)
{
$size = mcrypt_get_block_size($this->algorithm, $this->mode);
$data = $this->pkcs5_pad($data, $size);
return base64_encode(mcrypt_encrypt($this->algorithm, $this->key,
$data, $this->mode, $this->iv));
}
function decrypt($data)
{
return $this->pkcs5_unpad(rtrim(mcrypt_decrypt($this->algorithm,
$this->key, base64_decode($data), $this->mode, $this->iv)));
}
function pkcs5_pad($text, $blocksize)
{
$pad = $blocksize - (strlen($text) % $blocksize);
return $text . str_repeat(chr($pad), $pad);
}
function pkcs5_unpad($text)
{
$pad = ord($text{strlen($text)-1});
if ($pad > strlen($text)) return false;
if (strspn($text, chr($pad), strlen($text) - $pad) != $pad) return
false;
return substr($text, 0, -1 * $pad);
}
}
?>
kleelof
Dec 27, 2008, 6:59:38 PM12/27/08
to As3Crypto Discussion List
Hello,
I've tried using this library, but I always get an error from the
base64 part that says constructors can only be declared public. If I
change it to public, I get another error.
I am using CS3. Can these files only be used in FLEX? I downloaded
both the source code, which I am attempting to use now, and the SWC
which I cannot figure out how to install since it did not come in an
installer packge.
take care,
lee
I've tried using this library, but I always get an error from the
base64 part that says constructors can only be declared public. If I
change it to public, I get another error.
I am using CS3. Can these files only be used in FLEX? I downloaded
both the source code, which I am attempting to use now, and the SWC
which I cannot figure out how to install since it did not come in an
installer packge.
take care,
lee
corb...@yahoo.com
Jan 3, 2009, 9:44:57 PM1/3/09
to As3Crypto Discussion List
I had problems making this work with PHP as well so i wrote a AES data-
service to connect with PHP which uses javascript to encrypt and
decrypt on the flex end. It works great and is all set up with
functions on each end so it takes less then 3 lines of action-script
and PHP to use it
service to connect with PHP which uses javascript to encrypt and
decrypt on the flex end. It works great and is all set up with
functions on each end so it takes less then 3 lines of action-script
and PHP to use it
corb...@yahoo.com
Jan 3, 2009, 9:47:49 PM1/3/09
to As3Crypto Discussion List
the posting of my data service is here:http://code.google.com/p/as3-to-
php-aes-dataservice/
it works with both flex and AIR appliactions
php-aes-dataservice/
it works with both flex and AIR appliactions
corb...@yahoo.com
Jan 3, 2009, 9:52:18 PM1/3/09
to As3Crypto Discussion List
Tim E
Feb 10, 2009, 5:31:50 AM2/10/09
to As3Crypto Discussion List
I want to do the same thing except with AES/Rijndael 256 encryption.
I use the AS2 crypto library: http://www.svendens.com/downloads/flashCrypt.zip
What does flash output? And what does PHP(mcrypt) expect?
For what i know actionscript create a Hex string, but php want an
bytearraystring or something?
I really need some help for this, there are not many resources where i
can find help.
I use the AS2 crypto library: http://www.svendens.com/downloads/flashCrypt.zip
What does flash output? And what does PHP(mcrypt) expect?
For what i know actionscript create a Hex string, but php want an
bytearraystring or something?
I really need some help for this, there are not many resources where i
can find help.
Reply all
Reply to author
Forward
0 new messages