Decrypting strings in Python that were encrypted with MCRYPT_RIJNDAEL_256 in PHP

by

To decrypt this form of encryption, you will need to get a version of Rijndael. One can be found here. Then you will need to simulate the key and text padding used in the PHP Mcrypt module. They add '\0' to pad out the text and key to the correct size. They are using a 256 bit block size and the key size used with the key you give is 128 (it may increase if you give it a bigger key). Unfortunately, the Python implementation I’ve linked to only encodes a single block at a time. I’ve created python functions which simulate the encryption (for testing) and decryption in Python

import rijndael
import base64

KEY_SIZE = 16
BLOCK_SIZE = 32

def encrypt(key, plaintext):
    padded_key = key.ljust(KEY_SIZE, '\0')
    padded_text = plaintext + (BLOCK_SIZE - len(plaintext) % BLOCK_SIZE) * '\0'

    # could also be one of
    #if len(plaintext) % BLOCK_SIZE != 0:
    #    padded_text = plaintext.ljust((len(plaintext) / BLOCK_SIZE) + 1 * BLOCKSIZE), '\0')
    # -OR-
    #padded_text = plaintext.ljust((len(plaintext) + (BLOCK_SIZE - len(plaintext) % BLOCK_SIZE)), '\0')

    r = rijndael.rijndael(padded_key, BLOCK_SIZE)

    ciphertext=""
    for start in range(0, len(padded_text), BLOCK_SIZE):
        ciphertext += r.encrypt(padded_text[start:start+BLOCK_SIZE])

    encoded = base64.b64encode(ciphertext)

    return encoded


def decrypt(key, encoded):
    padded_key = key.ljust(KEY_SIZE, '\0')

    ciphertext = base64.b64decode(encoded)

    r = rijndael.rijndael(padded_key, BLOCK_SIZE)

    padded_text=""
    for start in range(0, len(ciphertext), BLOCK_SIZE):
        padded_text += r.decrypt(ciphertext[start:start+BLOCK_SIZE])

    plaintext = padded_text.split('\x00', 1)[0]

    return plaintext

This can be used as follows:

key = 'MyKey'
text="test"

encoded = encrypt(key, text)
print repr(encoded)
# prints 'I+KlvwIK2e690lPLDQMMUf5kfZmdZRIexYJp1SLWRJY='

decoded = decrypt(key, encoded)
print repr(decoded)
# prints 'test'

For comparison, here is the output from PHP with the same text:

$ php -a
Interactive shell

php > $key = 'MyKey';
php > $text="test";
php > $output = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_ECB);
php > $encoded = base64_encode($output);
php > echo $encoded;
I+KlvwIK2e690lPLDQMMUf5kfZmdZRIexYJp1SLWRJY=

More Related Contents:

  1. Best way to use PHP to encrypt and decrypt passwords? [duplicate]
  2. mcrypt is deprecated, what is the alternative?
  3. How to add/remove PKCS7 padding from an AES encrypted string?
  4. Upgrading my encryption library from Mcrypt to OpenSSL
  5. MCrypt rijndael-128 to OpenSSL aes-128-ecb conversion
  6. Mcrypt js encryption value is different than that produced by PHP mcrypt / Mcrypt JS decrypt doesn’t work for UTF-8 chars
  7. How do you Encrypt and Decrypt a PHP String?
  8. What kinds of patterns could I enforce on the code to make it easier to translate to another programming language? [closed]
  9. Simplest two-way encryption using PHP
  10. Laravel requires the Mcrypt PHP extension
  11. Two-way encryption: I need to store passwords that can be retrieved
  12. Preparing for removal of Mcrypt in PHP 7.2
  13. PHP AES encrypt / decrypt
  14. Best solution to protect PHP code without encryption
  15. Is there a php function like python’s zip?
  16. Calling Python in PHP
  17. Whether to use “SET NAMES”
  18. How to prevent my site page to be loaded via 3rd party site frame of iFrame
  19. Login without HTTPS, how to secure?
  20. Variable-length lookbehind-assertion alternatives for regular expressions
  21. Two-way encryption in PHP
  22. Create an encrypted zip archive with PHP
  23. Cross platform (php to C# .NET) encryption/decryption with Rijndael
  24. How can I decrypt a password hash in PHP?
  25. How to do AES256 decryption in PHP?
  26. Switching between HTTP and HTTPS pages with secure session-cookie
  27. How to call a Python Script from PHP?
  28. Can anyone get access to my PHP source code?
  29. Unserialize PHP data in python [duplicate]
  30. What encryption algorithm is best for encrypting cookies?

Leave a Comment