python + php encrypt/decrypt

Peter Irbizon peterirbizon at gmail.com
Tue Jun 7 08:57:47 EDT 2011 

Hello Ian,
thanks, I found another php script but it is not working as well :/ What am
I doing wrong?
And I have another question too: when I use text for encoding "Text for 1"
and "Text for 11" the first letters of encoded strings are the same in both
strings?

here is my py:
# -*- coding: utf-8 -*-
from Crypto.Cipher import AES
import base64
import os

# the block size for the cipher object; must be 16, 24, or 32 for AES
BLOCK_SIZE = 16

# the character used for padding--with a block cipher such as AES, the value
# you encrypt must be a multiple of BLOCK_SIZE in length.  This character is
# used to ensure that your value is always a multiple of BLOCK_SIZE
PADDING = '{'

# one-liner to sufficiently pad the text to be encrypted
pad = lambda s: s + (BLOCK_SIZE - len(s) % BLOCK_SIZE) * PADDING

# one-liners to encrypt/encode and decrypt/decode a string
# encrypt with AES, encode with base64
EncodeAES = lambda c, s: base64.b64encode(c.encrypt(pad(s)))
DecodeAES = lambda c, e: c.decrypt(base64.b64decode(e)).rstrip(PADDING)

# generate a random secret key
secret = "passkeypasskeyaa" #os.urandom(BLOCK_SIZE)
iv='1234567890123456'
# create a cipher object using the random secret
#cipher = AES.new(secret)
cipher = AES.new(secret, AES.MODE_CBC, iv)

# encode a string
tajnytext ='Alice has a cat'
#tajnytext=tajnytext.encode('hex')
encoded = EncodeAES(cipher, tajnytext) #encoded = EncodeAES(cipher,
'password')

print encoded
print encoded.encode('hex')
#print 'Encrypted string:', encoded


# decode the encoded string
decoded = DecodeAES(cipher, encoded)
print 'Decrypted string:', decoded






and my php:
<?php

 // This PHP code snippet provides a basic understanding of
 // PHP's AES encryption.

 // The first thing to understand is the meaning of these constants:
 // MCRYPT_RIJNDAEL_128
 // MCRYPT_RIJNDAEL_192
 // MCRYPT_RIJNDAEL_256
 // You would think that MCRYPT_RIJNDAEL_256 specifies 256-bit encryption,
 // but that is wrong.  The three choices specify the block-size to be used
 // with Rijndael encryption.  They say nothing about the key size (i.e.
strength)
 // of the encryption.  (Read further to understand how the strength of the
 // AES encryption is set.)
 //
 // The Rijndael encyrption algorithm is a block cipher.  It operates on
discrete
 // blocks of data.  Padding MUST be added such that
    // the data to be encrypted has a length that is a multiple of the block
size.
 // (PHP pads with NULL bytes)
 // Thus, if you specify MCRYPT_RIJNDAEL_256, your encrypted output will
always
 // be a multiple of 32 bytes (i.e. 256 bits).  If you specify
MCRYPT_RIJNDAEL_128,
 // your encrypted output will always be a multiple of 16 bytes.
 //
 // Note: Strictly speaking, AES is not precisely Rijndael (although in
practice
 // they are used interchangeably) as Rijndael supports a larger range of
block
 // and key sizes; AES has a fixed block size of 128 bits and a key size of
 // 128, 192, or 256 bits, whereas Rijndael can be specified with key and
block
 // sizes in any multiple of 32 bits, with a minimum of 128 bits and a
maximum of
 // 256 bits.
 // In summary: If you want to be AES compliant, always choose
MCRYPT_RIJNDAEL_128.
 //
 // So the first step is to create the cipher object:
 $cipher = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');

 // We're using CBC mode (cipher-block chaining).  Block cipher modes are
detailed
 // here: http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation

 // CBC mode requires an initialization vector.  The size of the IV
(initialization
 // vector) is always equal to the block-size.  (It is NOT equal to the key
size.)
 // Given that our block size is 128-bits, the IV is also 128-bits (i.e. 16
bytes).
 // Thus, for AES encryption, the IV is always 16 bytes regardless of the
 // strength of encryption.
 //
 // Here's some PHP code to verify our IV size:
 //$iv_size = mcrypt_enc_get_iv_size($cipher);
 //printf("iv_size = %d\n",$iv_size);

 // How do you do 256-bit AES encryption in PHP vs. 128-bit AES
encryption???
 // The answer is:  Give it a key that's 32 bytes long as opposed to 16
bytes long.
 // For example:
 $key256 = 'passkeypasskeyaa';
 //$key128 = '1234567890123456';

 // Here's our 128-bit IV which is used for both 256-bit and 128-bit keys.
 $iv =  '1234567890123456';

 //printf("iv: %s\n",bin2hex($iv));
 //printf("key256: %s\n",bin2hex($key256));
 //printf("key128: %s\n",bin2hex($key128));

 // This is the plain-text to be encrypted:
 $cleartext = 'Alice has a cat';
 //printf("plainText: %s\n\n",$cleartext);

 // The mcrypt_generic_init function initializes the cipher by specifying
both
 // the key and the IV.  The length of the key determines whether we're
doing
 // 128-bit, 192-bit, or 256-bit encryption.
 // Let's do 256-bit encryption here:
 if (mcrypt_generic_init($cipher, $key256, $iv) != -1)
 {
  // PHP pads with NULL bytes if $cleartext is not a multiple of the block
size..
  $cipherText = mcrypt_generic($cipher,$cleartext );
  mcrypt_generic_deinit($cipher);

  // Display the result in hex.
  printf("256-bit encrypted result:\n%s\n\n",bin2hex($cipherText));
 }

 // Now let's do 128-bit encryption:
 //if (mcrypt_generic_init($cipher, $key128, $iv) != -1)
 //{
  // PHP pads with NULL bytes if $cleartext is not a multiple of the block
size..
//  $cipherText = mcrypt_generic($cipher,$cleartext );
//  mcrypt_generic_deinit($cipher);

  // Display the result in hex.
//  printf("128-bit encrypted result:\n%s\n\n",bin2hex($cipherText));
// }

 // -------
 // Results
 // -------
 // You may use these as test vectors for testing your AES
implementations...
 //
 // ------------------------
 // 256-bit key, CBC mode
 // ------------------------
 // IV = '1234567890123456'
 //  (hex: 31323334353637383930313233343536)
 // Key = '12345678901234561234567890123456'
 //  (hex: 3132333435363738393031323334353631323334353637383930313233343536)
 // PlainText:
 //  'The quick brown fox jumped over the lazy dog'
 // CipherText(hex):
 //
2fddc3abec692e1572d9b7d629172a05caf230bc7c8fd2d26ccfd65f9c54526984f7cb1c4326ef058cd7bee3967299e3

 //
 // ------------------------
 // 128-bit key, CBC mode
 // ------------------------
 // IV = '1234567890123456'
 //  (hex: 31323334353637383930313233343536)
 // Key = '1234567890123456'
 //  (hex: 31323334353637383930313233343536)
 // PlainText:
 //  'The quick brown fox jumped over the lazy dog'
 // CipherText(hex):
 //
f78176ae8dfe84578529208d30f446bbb29a64dc388b5c0b63140a4f316b3f341fe7d3b1a3cc5113c81ef8dd714a1c99

?>

2011/6/7 Ian Kelly <ian.g.kelly at gmail.com>

> On Mon, Jun 6, 2011 at 4:19 PM, miamia <peterirbizon at gmail.com> wrote:
> > php I am trying to use is here:
> >
> http://code.google.com/p/antares4pymes/source/browse/trunk/library/System/Crypt/AES.php?r=20
>
> That library does not appear to be doing CBC as far as I can tell.
> Maybe they will agree if you use EBC instead?
>
> > BLOCK_SIZE = 32
>
> According to the docs, the block size for AES is 16, not 32.  It is
> the key size that can be 16, 24, or 32.  But this should just result
> in extra padding, so it probably doesn't explain the discrepancy.
>
> > pad = lambda s: s + (BLOCK_SIZE - len(s) % BLOCK_SIZE) * PADDING
> > EncodeAES = lambda c, s: base64.b64encode(c.encrypt(pad(s)))
> > DecodeAES = lambda c, e:
> > c.decrypt(base64.b64decode(e)).rstrip(PADDING)
>
> Stylistic note: is it really necessary to use lambda here?  For
> readability, just use def.  It's worth having to hit Enter a couple
> extra times.
>
> Cheers,
> Ian
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-list/attachments/20110607/1729b1bd/attachment-0001.html>

More information about the Python-list mailing list