Inconsistent behavior. PHP5 FreeBSD server Vs PHP5 Windows Server.

merv merv at merv.org.uk
Fri Aug 8 10:05:52 UTC 2008 

Hi,

I have a strange problem with PHP5 on FreeBSD.

When run on a FreeBSD server the decrypt function of a xTea encryption 
library does not work correctly. While the same PHP code runs without 
problem on a Windows Server. Has anybody experienced similar problems? I 
am at a dead end any help would be much appreciated.

Windows output:
xTea

A secret message. Meet at 21:00 by the old bridge to talk about the new plan.

hK/xEOKqgx+Tfb7tCndxFH/3HTck+cy3+y1uMa/DUWNgg7I91/QeG2BceCmtaDYmFjPRAczqCHCc
LHMWiGE0ZQV+QC+f3xcJWvtGxLIdDHY=

A secret message. Meet at 21:00 by the old bridge to talk about the new plan.


FreeBSD output:
xTea

A secret message. Meet at 21:00 by the old bridge to talk about the new plan.

hK/xEOKqgx+Tfb7tCndxFH/3HTck+cy3+y1uMa/DUWNgg7I91/QeG2BceCmtaDYmFjPRAczqCHCc
LHMWiGE0ZQV+QC+f3xcJWvtGxLIdDHY=

’³ûøfsƒ‰cfˆ®[Ë[…*x¶ØÚ5L´¥$¨lÔîÊB%Tª”ô֝GµXõqÕ-åÉH>(€¯;H8¯€àØÃ


Note encryption works fine it is possible to encrypt the message on 
FreeBSD and decrypt the message on Windows. The message also decrypts 
correctly using a Javascript implementation of xTea. The only part that 
fails is decrypt under FreeBSD. Is this expected and common?

PHP source:

<?php
require('xTEA.php');

$key = 'Password';
$input = "A secret message. Meet at 21:00 by the old bridge to talk 
about the new plan.";

//Encrypt
$ct_data = base64_encode(cryptN($input, $key, TRUE, 32));
//Decrypt
$pt_data = cryptN(base64_decode($ct_data), $key, FALSE, 32);

?>
<html>
<body>
<h3>xTea</h3>
<pre><?=$input?></pre>
<pre><?=chunk_split($ct_data);?></pre>
<pre><?=$pt_data?></pre>
</body>
</html>

xTEA.php:

<?php
/*********************************************************************\
Based on TEA (2nd variant),http://www.simonshepherd.supanet.com/tea.htm

crypt en- and decrypts a string (1st arg) using a key (2nd arg) of
length 16 with 16 iterations (a 4th argument may be given to use
another number of iterations (8 is superficial, 16 is often adequate,
32 is hard)). Arg 3 is true for encryption, false for decryption. Key
is taken to contain byte characters (0x01-0xFF); subject sstring may
contain wider characters but only each lower byte is used.

\*********************************************************************/

function cryptN($str,$key,$encrypt,$itr)
{
$res="";

while (strlen($str)>8)
{
// $res .= crypt8(substr($str,0,8),$key,$encrypt,$itr);
$res .= JScrypt8(substr($str,0,8),$key,$encrypt,$itr);
$str = substr($str,8);
}

if (strlen($str)>0)
{
while (strlen($str)<8)
{
$str .= ' ';
}
// $res .= crypt8($str,$key,$encrypt,$itr);
$res .= JScrypt8($str,$key,$encrypt,$itr);
}

return rtrim($res,' ');
}

//Four-byte truncate
function fbt($x)
{
$x = $x&0x0FFFFFFFF;
return $x<0?0x0100000000+$x:$x;
}

function JScrypt8($oct,$key,$encrypt,$itr)
{
$y=0;
$z=0;
$k=array(); $k[0]=$k[1]=$k[2]=$k[3]=0;
$d=0x9E3779B9;
$sum=$encrypt?0:($d*$itr);
$res="";

for ($i=0; $i<8; )
{
$y=fbt(($y<<8)+(ord($oct{$i})&0xFF));
$k[$i&3]=fbt(($k[$i&3]<<8)+ord($key{$i}));
$k[$i&3]=fbt(($k[$i&3]<<8)+ord($key{$i+8}));
$i++;
$z=fbt(($z<<8)+(ord($oct{$i})&0xFF));
$k[$i&3]=fbt(($k[$i&3]<<8)+ord($key{$i}));
$k[$i&3]=fbt(($k[$i&3]<<8)+ord($key{$i+8}));
$i++;
}
if ($encrypt)
{
while ($itr-->0)
{
$y = fbt(($y+fbt(($z*16)^floor($z/32))+fbt($z^$sum)+$k[$sum&3]));
$sum=$sum+$d;
$z = fbt(($z+fbt(($y*16)^floor($y/32))+fbt($y^$sum)+$k[($sum>>11)&3]));
}
}
else
{
while ($itr-->0)
{
$z = fbt($z-fbt(fbt(($y*16)^floor($y/32))+fbt($y^$sum)+$k[($sum>>11)&3]));
$sum=$sum-$d;
$y = fbt($y-fbt(fbt(($z*16)^floor($z/32))+fbt($z^$sum)+$k[$sum&3]));
}
}
for ($i=4; $i-->0; )
{
$res .= chr(fbt(($y&0xFF000000)>>24));
$y = $y<<8;
$res .= chr(fbt(($z&0xFF000000)>>24));
$z=$z<<8;
}
return $res;
}

function crypt8($oct,$key,$encrypt,$itr)
{
$y=0;
$z=0;
$k=array(); $k[0]=$k[1]=$k[2]=$k[3]=0;
$d=0x9E3779B9;
$sum=$encrypt?0:($d*$itr)&0x0ffffffff;
$res="";

for ($i=0; $i<8; )
{
$y=($y<<8)+(ord($oct{$i})&0xFF);
$k[$i&3]=($k[$i&3]<<8)+ord($key{$i});
$k[$i&3]=($k[$i&3]<<8)+ord($key{$i+8});
$i++;
$z=($z<<8)+(ord($oct{$i})&0xFF);
$k[$i&3]=($k[$i&3]<<8)+ord($key{$i});
$k[$i&3]=($k[$i&3]<<8)+ord($key{$i+8});
$i++;
}
if ($encrypt)
{
while ($itr-->0)
{
$y = ($y+(($z<<4)^($z>>5))+($z^$sum)+$k[$sum&3])&0x0ffffffff;
$sum=$sum+$d;
$z = ($z+(($y<<4)^($y>>5))+($y^$sum)+$k[($sum>>11)&3])&0x0ffffffff;
}
}
else
{
while ($itr-->0)
{
$z = 
($z+0x0100000000-(((($y<<4)^($y>>5))+($y^$sum)+$k[($sum>>11)&3])&0x0ffffffff))&0x0ffffffff;
$sum=($sum+0x0100000000-$d)&0x0ffffffff;
$y = 
($y+0x0100000000-(((($z<<4)^($z>>5))+($z^$sum)+$k[$sum&3])&0x0ffffffff))&0x0ffffffff;
}
}
for ($i=4; $i-->0; )
{
$res .= chr(($y&0xFF000000)>>24);
$y = $y<<8;
$res .= chr(($z&0xFF000000)>>24);
$z=$z<<8;
}
return $res;
}

?>

More information about the freebsd-questions mailing list