PHP Encrypt and Windows Decrypt

Question

I \'m stuck. It seems that AES encryption done by PHP cannot be decrypted in windows.

PHP code:

$encrypted = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL         


        

Answer 1

The information you provided is not enough to say for certain but I think that your problem is the key length.

In PHP code you pass "12345678" as a key. And AES128 has a key length of 128bit or 16 bytes. PHP pads the remaining with zero bytes, as stated in the documentation on mcrypt_encrypt.

In the C++ code you pass only the pointer to your key buffer to Decrypt function. But then you copy 16 bytes from it to the key BLOB:

aes_blob128.keySize = 16;
memcpy(aes_blob128.bytes, key, 16);

Then if you call your function like:

char dest[16];
bool result = Decrypt(string_from_php,"12345678",dest);

than the 8 bytes that happen to reside in memory after the "12345678" constant will be copied to the key blob and passed to CryptImportKey as an actual key. Thus the key in C and in PHP code would be actually different and the decryption will fail due to padding error.