Results 1 to 3 of 3
  1. #1
    Join Date
    Mar 2008
    Posts
    55

    Unanswered: XTEA Encryption/Decryption

    I am trying to decrypt a code encrypted with XTEA. I have been using a script found here, Google Translate and it works within its own encrypt/decrypt example. The problem is that it will not decrypt a code given to me by my client. In the code examples description it says the "key" is 16 characters, but the key I have from my client is 32 characters so I think this may be part of the problem, but I cannot find out in the code how to make it work with a 32 char key (if that is even the issue).

    Below is the class from the link above and below that are sample encrypt and decrypt strings. If anyone can provide help or a better solution, it is greatly appreciated. My guess is that it is only allowing 16 of my 32 char key. I tried to use a 32 char key, but the code still seemed to only want 16. Help!

    I also read something about XTEA only working within the same code language each side of the crypt was made. Can anyone validate this?

    Code:
    <?php
    /* PHP Implementation of XTEA (www.php-einfach.de)
    *
    * XTEA was designed in 1997 by David Wheeler and Roger Needham
    * of the Cambridge Computer Laboratory.
    * It is not subject to any patents.
    *
    * It is a 64-bit Feistel cipher, consisting of 64 rounds.
    * XTA has a key length of 128 bits.
    *
    *
    * ***********************
    * Diese Implementierung darf frei verwendet werden, der Autor uebernimmt keine
    * Haftung fuer die Richtigkeit, Fehlerfreiheit oder die Funktionsfaehigkeit dieses Scripts.
    * Benutzung auf eigene Gefahr.
    *
    * Ueber einen Link auf www.php-einfach.de wuerden wir uns freuen.
    *
    * ************************
    * Usage:
    *
    * include("xtea.class.php");
    *
    * $xtea = new XTEA("secret Key");
    * $cipher = $xtea->Encrypt("Hello World"); //Encrypts 'Hello World'
    * $plain = $xtea->Decrypt($cipher); //Decrypts the cipher text
    *
    * echo $plain;
    *
    */
    
    class XTEA {
    
       //Private
    	var $key;
    
    	// CBC or ECB Mode
    	// normaly, CBC Mode would be the right choice
    	var $cbc = 1;
    
       function XTEA($key) {
          $this->key_setup($key);
       }
    
       //encrypt
       function encrypt($text) {
          $n = strlen($text);
          if($n%8 != 0) $lng = ($n+(8-($n%8)));
          else $lng = 0;
    
          $text = str_pad($text, $lng, ' ');
          $text = $this->_str2long($text);
    
          //Initialization vector: IV
          if($this->cbc == 1) {
             $cipher[0][0] = time();
             $cipher[0][1] = (double)microtime()*1000000;
          }
    
          $a = 1;
          for($i = 0; $i<count($text); $i+=2) {
             if($this->cbc == 1) {
                //$text with last ciphertext XOR
                //$text is XORed with the previous ciphertext
                $text[$i] ^= $cipher[$a-1][0];
                $text[$i+1] ^= $cipher[$a-1][1];
             }
    
             $cipher[] = $this->block_encrypt($text[$i],$text[$i+1]);
             $a++;
          }
    
          $output = "";
          for($i = 0; $i<count($cipher); $i++) {
             $output .= $this->_long2str($cipher[$i][0]);
             $output .= $this->_long2str($cipher[$i][1]);
          }
    
          return base64_encode($output);
       }
    
    
    
    
       //decipher
       function decrypt($text) {
          $plain = array();
          $cipher = $this->_str2long(base64_decode($text));
    
          if($this->cbc == 1)
             $i = 2; //Message start at second block
          else
             $i = 0; //Message start at first block
    
          for($i; $i<count($cipher); $i+=2) {
             $return = $this->block_decrypt($cipher[$i],$cipher[$i+1]);
    
             //Xor Linkage of $return and ciphertext from the last two blocks or sections
             //XORed $return with the previous ciphertext
             if($this->cbc == 1)
                $plain[] = array($return[0]^$cipher[$i-2],$return[1]^$cipher[$i-1]);
             else          //EBC Mode
                $plain[] = $return;
          }
    
          for($i = 0; $i<count($plain); $i++) {
             $output .= $this->_long2str($plain[$i][0]);
             $output .= $this->_long2str($plain[$i][1]);
          }
    
          return $output;
       }
    
       //Prepare the key to decrypt ver / front
       function key_setup($key) {
    		if(is_array($key))
          		$this->key = $key;
    		else if(isset($key) && !empty($key))
    			$this->key = $this->_str2long(str_pad($key, 16, $key));
    		else
    			$this->key = array(0,0,0,0);
       }
    
    
    	//Performs a benchmark
    	function benchmark($length=1000) {
    		//1000 Byte String
    		$string = str_pad("", $length, "text");
    
    
    		//Key-Setup
    		$start1 = time() + (double)microtime();
    		$xtea = new XTEA("key");
    		$end1 = time() + (double)microtime();
    
    		//Encryption
    		$start2 = time() + (double)microtime();
    		$xtea->Encrypt($string);
    		$end2 = time() + (double)microtime();
    
    
    
    		echo "Encrypting ".$length." bytes: ".round($end2-$start2,2)." seconds (".round($length/($end2-$start2),2)." bytes/second)<br>";
    
    
    	}
    
    	//verify the correct implementation of the blowfish algorithm
    	function check_implementation() {
    
    		$xtea = new XTEA("");
    		$vectors = array(
    			array(array(0x00000000,0x00000000,0x00000000,0x00000000), array(0x41414141,0x41414141), array(0xed23375a,0x821a8c2d)),
    			array(array(0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f), array(0x41424344,0x45464748), array(0x497df3d0,0x72612cb5)),
    
    		);
    
    		//Correct implementation?
    		$correct = true;
    		//Test vectors, see http://www.schneier.com/code/vectors.txt
    		foreach($vectors AS $vector) {
          	$key = $vector[0];
    			$plain = $vector[1];
    			$cipher = $vector[2];
    
    			$xtea->key_setup($key);
    			$return = $xtea->block_encrypt($vector[1][0],$vector[1][1]);
    
    			if((int)$return[0] != (int)$cipher[0] || (int)$return[1] != (int)$cipher[1])
    				$correct = false;
    
    		}
    
    		return $correct;
    
    	}
    
    
    
    	/***********************************
    			Some internal functions
    	 ***********************************/
       function block_encrypt($y, $z) {
    	   $sum=0;
    	   $delta=0x9e3779b9;
    
    
    	   /* start cycle */
    	   for ($i=0; $i<32; $i++)
    	      {
    	      $y      = $this->_add($y,
    	                        $this->_add($z << 4 ^ $this->_rshift($z, 5), $z) ^
    	                            $this-> _add($sum, $this->key[$sum & 3]));
    
    	      $sum    = $this->_add($sum, $delta);
    
    	      $z      = $this->_add($z,
    	                        $this->_add($y << 4 ^ $this->_rshift($y, 5), $y) ^
    	                              $this->_add($sum, $this->key[$this->_rshift($sum, 11) & 3]));
    
    	      }
    
    	   /* end cycle */
    	   $v[0]=$y;
    	   $v[1]=$z;
    
    	   return array($y,$z);
    
       }
    
       function block_decrypt($y, $z) {
    	   $delta=0x9e3779b9;
    	   $sum=0xC6EF3720;
    	   $n=32;
    
    	   /* start cycle */
    	   for ($i=0; $i<32; $i++)
    	      {
    	      $z      = $this->_add($z,
    	                	-($this->_add($y << 4 ^ $this->_rshift($y, 5), $y) ^
    	                  	$this->_add($sum, $this->key[$this->_rshift($sum, 11) & 3])));
    	      $sum    = $this->_add($sum, -$delta);
    	      $y      = $this->_add($y,
    	                          -($this->_add($z << 4 ^ $this->_rshift($z, 5), $z) ^
    	                                    $this->_add($sum, $this->key[$sum & 3])));
    
    	      }
    	   /* end cycle */
    
    	   return array($y,$z);
        }
    
    
    
    
      	function _rshift($integer, $n) {
            // convert to 32 bits
            if (0xffffffff < $integer || -0xffffffff > $integer) {
                $integer = fmod($integer, 0xffffffff + 1);
            }
    
            // convert to unsigned integer
            if (0x7fffffff < $integer) {
                $integer -= 0xffffffff + 1.0;
            } elseif (-0x80000000 > $integer) {
                $integer += 0xffffffff + 1.0;
            }
    
            // do right shift
            if (0 > $integer) {
                $integer &= 0x7fffffff;                     // remove sign bit before shift
                $integer >>= $n;                            // right shift
                $integer |= 1 << (31 - $n);                 // set shifted sign bit
            } else {
                $integer >>= $n;                            // use normal right shift
            }
    
            return $integer;
        }
    
    
        function _add($i1, $i2) {
            $result = 0.0;
    
            foreach (func_get_args() as $value) {
                // remove sign if necessary
                if (0.0 > $value) {
                    $value -= 1.0 + 0xffffffff;
                }
    
                $result += $value;
            }
    
            // convert to 32 bits
            if (0xffffffff < $result || -0xffffffff > $result) {
                $result = fmod($result, 0xffffffff + 1);
            }
    
            // convert to signed integer
            if (0x7fffffff < $result) {
                $result -= 0xffffffff + 1.0;
            } elseif (-0x80000000 > $result) {
                $result += 0xffffffff + 1.0;
            }
    
            return $result;
        }
    
    
       //Einen Text in Longzahlen umwandeln
       //Covert a string into longinteger
       function _str2long($data) {
           $n = strlen($data);
           $tmp = unpack('N*', $data);
           $data_long = array();
           $j = 0;
    
           foreach ($tmp as $value) $data_long[$j++] = $value;
           return $data_long;
       }
    
       //Longzahlen in Text umwandeln
       //Convert a longinteger into a string
       function _long2str($l){
           return pack('N', $l);
       }
    
    }
    ?>

  2. #2
    Join Date
    Mar 2008
    Posts
    55
    Thanks to @xyph for the help. I think I'm almost there. I can get the encrypted string to change to base64 and it "looks" correct, but it still will not decrypt. Could I still be having an issue with the key string of "28d75A09ec63cxvxve870fad25e79b8c"? How do I change this into 16 characters? Below is my current code.

    Code:
    $ascii_string = '';
    foreach( str_split($text,2) as $chunk ){ $ascii_string .= chr(hexdec($chunk)); }
    $base64_string = base64_encode($ascii_string);
    
    $xtea = new XTEA('28d75A09ec63c32b1e870fad25e79b8c');
    $output =$xtea->Decrypt($base64_string);

  3. #3
    Join Date
    Mar 2008
    Posts
    55
    crap. still lost and its not decrypting. This is where I'm at.

    Code:
    // convert HEX key to ASCII (working)
    $ascii_key = hexToAscii('28d75A09ec63c32b1e870fad25e79b8c');
    // (Z	c+‡*%›Œ
    
    
    // convert XTEA encrypted HEX value to ASCII (working)
    $ascii = hexToAscii($text);
    // ŸOjAŽQœl:6bدjg9#Q9@'X}I}Œ{![KP—žub‹9wgGD[ic€S`K‰LkV™GmnLd{+3@Fdj0/coI\:tCU)+1":Er-po1ΰ[`/6E…| 40WŠ<=€b )*[_‘
    
    
    // base64 encode ASCII value (working)
    $base64_string = base64_encode($ascii);
    // sJ9PtGrUQY5R5OCcbBGqOjZij70cwtivatPwFGfKORAjHKhR1jlAJ1jVfUnMfRLvjHshW0tQosj/l6Ke7qX1dfeoYovbOXdnR+JE/ltp2M1jpNyAU2Dwy0uJTKhrVuiQmbVH/qONFqkCA/9tbkxktsp7KzMYQEbn6GRqMC9jb6NJw+74xFw6dEMDAlUpKzGqIs06RedyLXBvMevXzrC27VvBYOsc1i+uNuhF54V8nSA0MFeKPD3rrICPC+1iyN8gKSpbFF+pkcU=
    
    
    // decrypt XTEA encrypted value (FAILING)
    $xtea = new XTEA($ascii_key);
    $output = $xtea->Decrypt($base64_string);
    echo  nl2br(htmlentities(stripslashes($output)));
    // |61}BhžB`”od4H]sZ’=8€Srh$0n'wḥTwp}4-8EŸšl0SSFŒ|}I„Y;L(b‹-iScž4!컁f”[y4m—O"˜E&T‡'
    œ7}CVqWC_&ƒšWn}›„›ŽP
    As you can see the last result is not a legible string. It should look like a bunch of parameters after a url. HELP!!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •