Posted by Colin McKinnon on 06/20/05 15:06

Gordan wrote:

> mysql> select aes_encrypt('gordan', 'abc');
> +------------------------------+
> | aes_encrypt('gordan', 'abc') |
> +------------------------------+
> | p§Èb9??_é?0ö?LIÝ |
> +------------------------------+
>
> I would like to "emulate" that function in PHP. I know that MySQL AES
> algorithm is RIJNDAEL_128 so I tried the following code
> <?php
> $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
> $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
> echo mcrypt_ecb (MCRYPT_RIJNDAEL_128, 'abc', 'gordan',
> MCRYPT_MODE_CBC,
> $iv);
> ?>
>
> but the encrypted string is different from the MySQL one :-(
> and ideas?

My understanding is that the initialization vector is added to the payload
before encryption - so I've never quite understood why the examples show:
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
So it might be worth trying a null iv.

Other considerations include:
1) how is the key padded to the right length (16 chars)
2) maybe the data is the same - it's just being represented differently
(since it seems to be stored by MySQL in binary format)

HTH

C.

[Back to original message]