Package home | Report new bug | New search | Development Roadmap Status: Open | Feedback | All | Closed Since Version 1.1.0RC2

Bug #4747 NUL chars appended at end of decrypted string
Submitted: 2005-07-05 09:55 UTC
From: capitaine at coolsmile dot net Assigned:
Status: Bogus Package: Crypt_Blowfish
PHP Version: 4.2.2 OS: Debian
Roadmaps: (Not assigned)    
Subscription  


 [2005-07-05 09:55 UTC] capitaine at coolsmile dot net
Description: ------------ When the length of a plain string is not a multiple of 8, decrypt() return a result with a NUL chars block appened to the end (which length is a multiple of 8). Reproduce code: --------------- <? include 'Blowfish.php'; $BF = new Crypt_Blowfish('test'); while (strlen($str) < 64) { $str .= 'u'; test($str); } function test($plain) { global $BF; echo "Plain string='$plain'" . " Length=" . strlen($plain) . "\n"; $ciph = bin2hex($BF->encrypt($plain)); $unciph = $BF->decrypt(pack("H" . strlen($ciph), $ciph)); echo "Unciphered string='$unciph'" . " Length=" . strlen($unciph) . "\n"; } ?> Expected result: ---------------- No NULs appened to decrypted string. Actual result: -------------- Plain string='u' Length=1 Unciphered string='u' Length=8 Plain string='uu' Length=2 Unciphered string='uu' Length=8 Plain string='uuu' Length=3 Unciphered string='uuu' Length=8 Plain string='uuuu' Length=4 Unciphered string='uuuu' Length=8 Plain string='uuuuu' Length=5 Unciphered string='uuuuu' Length=8 Plain string='uuuuuu' Length=6 Unciphered string='uuuuuu' Length=8 Plain string='uuuuuuu' Length=7 Unciphered string='uuuuuuu' Length=8 Plain string='uuuuuuuu' Length=8 Unciphered string='uuuuuuuu' Length=8 Plain string='uuuuuuuuu' Length=9 Unciphered string='uuuuuuuuu' Length=16 Plain string='uuuuuuuuuu' Length=10 Unciphered string='uuuuuuuuuu' Length=16 ...

Comments

 [2005-07-18 16:48 UTC] mfonda
 [2005-07-19 11:20 UTC] capitaine at coolsmile dot net
Hi mfonda, I didn't have a clue about cipher padding. For whoever wants it, there is a simple workaround with the trim() function. $plain = trim($BF->decrypt($ciph)); Thank a lot.