LordBoling Posted August 20, 2011 Share Posted August 20, 2011 Hey guys. I am stuck again. I have a website that takes orders and, of course, encrypts the card numbers. I have been trying to rewrite the PHP decryption to work in Autoit, but I have been having difficulties. Here is my PHP Function: function cc_decrypt($string,$key) { $key = md5($key); //to improve variance /* Open module, and create IV */ $td = mcrypt_module_open(MCRYPT_RIJNDAEL_256, '','cfb', ''); $key = substr($key, 0, mcrypt_enc_get_key_size($td)); $iv_size = mcrypt_enc_get_iv_size($td); $iv = substr($string,0,$iv_size); $string = substr($string,$iv_size); /* Initialize encryption handle */ if (mcrypt_generic_init($td, $key, $iv) != -1) { /* Encrypt data */ $c_t = mdecrypt_generic($td, $string); mcrypt_generic_deinit($td); mcrypt_module_close($td); return $c_t; } else { trigger_error("cc_decrypt(C): Unable to decrypt input", E_USER_NOTICE); } } I looked at Crypt but I could not find that it would work with a Rijndael encryption. I also need to be able to determine the IV. Does anyone have any ideas for me? Thanks. Link to comment Share on other sites More sharing options...
LordBoling Posted August 24, 2011 Author Share Posted August 24, 2011 No ideas? Link to comment Share on other sites More sharing options...
JohnOne Posted August 24, 2011 Share Posted August 24, 2011 I thought AES was Rijndael AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans. Link to comment Share on other sites More sharing options...
LordBoling Posted August 26, 2011 Author Share Posted August 26, 2011 Thanks JohnOne. I had thought so as well, which should mean that the proper way to decrypt this using autoit is the following: $CC = _Crypt_DecryptData($CC,$KEY,$CALG_AES_256) With the credit card number being $CC, the preset key as $KEY and as this is a 256bit Rijndael $CALG_AES_256 should be the correct hash id. However using this I get an error of 2, failed to decrypt. Am I doing something wrong? Link to comment Share on other sites More sharing options...
aNewLyfe Posted August 26, 2011 Share Posted August 26, 2011 you may simply InetGet(site.com/cc_decrypt.php?key=xxx&session=uniquecodefortempbypass) but it wont be secure Btw, good luck with it, im trying to install that mcrypt plugin to my server atm, it sucks. ~ Every Living Thing is a Code Snippet of World Application ~ Link to comment Share on other sites More sharing options...
LordBoling Posted August 27, 2011 Author Share Posted August 27, 2011 you may simply InetGet(site.com/cc_decrypt.php?key=xxx&session=uniquecodefortempbypass) but it wont be secure I could do that or just pull the card number from the invoice. I am hoping to avoid that though.I wish I understood encryptions better. Though I have been coding for 6 years now I have never worked with encryptions before. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now