3des in php - cannot get good key/string

Question

I need to decode a 3des string in a php and I have no experience in decripting so far...

First step is: get the key and the set of strings to decode - I have that already.

I have this information about algorythm:

type: CBC, padding - PKCS5, initialization vector (iv?) - array of eight zeros

I try this way:

// very simple ASCII key and IV
$key = "passwordDR0wSS@P6660juht";
$iv = "password";
//$iv = array('0','0','0','0','0','0','0','0');
//$iv = "00000000";

$cipher = mcrypt_module_open(MCRYPT_3DES, '', 'cbc', '');

//$iv = mcrypt_enc_get_iv_size($cipher);


// DECRYPTING
echo "<b>String to decrypt:</b><br />51196a80db5c51b8523220383de600fd116a947e00500d6b9101ed820d29f198c705000791c07ecc1e090213c688a4c7a421eae9c534b5eff91794ee079b15ecb862a22581c246e15333179302a7664d4be2e2384dc49dace30eba36546793be<br /><br />";

echo "<b>Decrypted 3des string:</b><br /> ".SimpleTripleDesDecrypt('51196a80db5c51b8523220383de600fd116a947e00500d6b9101ed820d29f198c705000791c07ecc1e090213c688a4c7a421eae9c534b5eff91794ee079b15ecb862a22581c246e15333179302a7664d4be2e2384dc49dace30eba36546793be')."<br />";

function SimpleTripleDesDecrypt($buffer) {
  global $key, $iv, $cipher;

  mcrypt_generic_init($cipher, $key, $iv);
  $result = rtrim(mdecrypt_generic($cipher, hex2bin($buffer)), "\0");
  mcrypt_generic_deinit($cipher);
  return $result;
}

function hex2bin($data)
{
  $len = strlen($data);
  return pack("H" . $len, $data);
} 

At the beginnig you see example data, and on this data code works fine. Problem starts when I try to use my own data I get from database by SOAP webservice. I see this error:

Warning: pack() [function.pack]: Type H: illegal hex digit in....

I get this despite making attempts with different types of codings in the script. Script file itself is in ANCI.

Also: as you see in comments I also have made some experiments with IV but it doesn't make sense without dealing with first problem I gues.

Another thing is padding == PKCS5. Do I need to use it, and how should I do it in my case?

I would really appreciate help with this.

Answer 1

Ok, I have found a solution based mostly on this post: PHP Equivalent for Java Triple DES encryption/decryption - thanx guys and +1.

$iv = array('0','0','0','0','0','0','0','0');
echo @decryptText($temp->patient->firstName, $deszyfrator->return->rawDESKey, $iv);
echo @decryptText($temp->patient->surname, $deszyfrator->return->rawDESKey, $iv);

function decryptText($encryptText, $key, $iv) {

    $cipherText = base64_decode($encryptText);
    $res = mcrypt_decrypt("tripledes", $key, $cipherText, "cbc", $iv);

    $resUnpadded = pkcs5_unpad($res);    
    return $resUnpadded;
}

function pkcs5_unpad($text)
{
    $pad = ord($text{strlen($text)-1});
    if ($pad > strlen($text)) return false;
    if (strspn($text, chr($pad), strlen($text) - $pad) != $pad) return false;
    return substr($text, 0, -1 * $pad);
}

However I get a warning (hidden with @ now). "Iv should have the same lenght as block size" - I tried all combinations I could figure out and I can't get rid of it. Any idea people?

Edit: secondary problem fixed to. This kode will fix the iv:

$iv_size=mcrypt_get_iv_size("tripledes","cbc");
$iv = str_repeat("\0", $iv_size);   //iv size for 3des is 8