3

I think my PHP intall might have problems. When I try to do this I get

Warning: mcrypt_decrypt() [function.mcrypt-decrypt]: Module initialization failed

I am writing a small snippet of code that will decrypt the following string encrypted with AES-128 using mode ECB.

Key (encoded in base64): aXJhbmRvbXNlY3VyZWtleQ==

Encrypted string> (encoded in base64): 3l6xiNdgRG+PkBw5M0lawvJ/fmuTZPRhEcbtqAmOpDI=

I keep getting module errors.

This is what I have tried:

<?PHP
$retval = mcrypt_decrypt( "AES-128",
    base64_decode( "aXJhbmRvbXNlY3VyZWtleQ=="), 
    base64_decode( "3l6xiNdgRG+PkBw5M0lawvJ/fmuTZPRhEcbtqAmOpDI") ,
    "ECB");

echo $retval;
?>

here is my relevant phpinfo. I dont see AES-128 . Maybe thats the problem.

    mcrypt
    mcrypt support  enabled
    Version     2.5.8
    Api No  20021217
    Supported ciphers   cast-128 gost rijndael-128 twofish arcfour      cast-256           loki97      rijndael-192 saferplus wake blowfish-compat des rijndael-256 serpent xtea blowfish enigma rc2 tripledes
    Supported modes     cbc cfb ctr ecb ncfb nofb ofb stream
Improve this question
2
  • well, can you show your code? Commented Nov 21, 2012 at 18:14
  • Please post your phpinfo(). This is probably not a problem with your code, but with your PHP installation. Commented Nov 21, 2012 at 18:20

1 Answer 1

Reset to default
5

You are close, there are 2 small problems.

First, AES-128 is not a valid cipher constant from mcrypt. AES is really rijndael which you have support for. The mcrypt cipher constant for AES-128 is MCRYPT_RIJNDAEL_128 which is the string rijndael-128. Second, the mcrypt mode must be lowercase.

Changing your code to:

<?php
$retval = mcrypt_decrypt( "rijndael-128",
    base64_decode( "aXJhbmRvbXNlY3VyZWtleQ=="), 
    base64_decode( "3l6xiNdgRG+PkBw5M0lawvJ/fmuTZPRhEcbtqAmOpDI") ,
    "ecb");

echo $retval;

yields the correct output of: Is 3 random enough?

Personally, I'd go with the mcrypt constants rather than the actual strings, so replace rijndael-128 with MCRYPT_RIJNDAEL_128 and ecb with MCRYPT_MODE_ECB.

On a side note, consider using CBC with an IV instead of ECB if you are encrypting lots of sensitive information.

Mcrypt can easily create IVs for you with the proper lengths. Sample code:

$ivsize = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$iv     = mcrypt_create_iv($ivsize);

Use this IV when encrypting and decrypting. You can pass the IV along with your data as a base64 encoded string for portability.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

+1 For using mcrypt constants and the recommendation to use CBC. I'd expand on how to properly create an IV, as I often see people misusing IVs.
Thank you so much sir. If I get this job, I might be asking what your paypal acccount is. Actually they are pacific so I am still on time. Thanks very much
@hforbess Thanks for posting a detailed question. Feel free to get in touch if you have more questions.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.