LordBoling Posted August 20, 2011 Posted August 20, 2011 Hey guys. I am stuck again. I have a website that takes orders and, of course, encrypts the card numbers. I have been trying to rewrite the PHP decryption to work in Autoit, but I have been having difficulties. Here is my PHP Function: function cc_decrypt($string,$key) { $key = md5($key); //to improve variance /* Open module, and create IV */ $td = mcrypt_module_open(MCRYPT_RIJNDAEL_256, '','cfb', ''); $key = substr($key, 0, mcrypt_enc_get_key_size($td)); $iv_size = mcrypt_enc_get_iv_size($td); $iv = substr($string,0,$iv_size); $string = substr($string,$iv_size); /* Initialize encryption handle */ if (mcrypt_generic_init($td, $key, $iv) != -1) { /* Encrypt data */ $c_t = mdecrypt_generic($td, $string); mcrypt_generic_deinit($td); mcrypt_module_close($td); return $c_t; } else { trigger_error("cc_decrypt(C): Unable to decrypt input", E_USER_NOTICE); } } I looked at Crypt but I could not find that it would work with a Rijndael encryption. I also need to be able to determine the IV. Does anyone have any ideas for me? Thanks.
JohnOne Posted August 24, 2011 Posted August 24, 2011 I thought AES was Rijndael AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans.
LordBoling Posted August 26, 2011 Author Posted August 26, 2011 Thanks JohnOne. I had thought so as well, which should mean that the proper way to decrypt this using autoit is the following: $CC = _Crypt_DecryptData($CC,$KEY,$CALG_AES_256) With the credit card number being $CC, the preset key as $KEY and as this is a 256bit Rijndael $CALG_AES_256 should be the correct hash id. However using this I get an error of 2, failed to decrypt. Am I doing something wrong?
aNewLyfe Posted August 26, 2011 Posted August 26, 2011 you may simply InetGet(site.com/cc_decrypt.php?key=xxx&session=uniquecodefortempbypass) but it wont be secure Btw, good luck with it, im trying to install that mcrypt plugin to my server atm, it sucks. ~ Every Living Thing is a Code Snippet of World Application ~
LordBoling Posted August 27, 2011 Author Posted August 27, 2011 you may simply InetGet(site.com/cc_decrypt.php?key=xxx&session=uniquecodefortempbypass) but it wont be secure I could do that or just pull the card number from the invoice. I am hoping to avoid that though.I wish I understood encryptions better. Though I have been coding for 6 years now I have never worked with encryptions before.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now