XTEA algorithm

[bartman1]

I'm decoding some strings that were encoded by someone else, I have the key and already made a decoder in C++ and it is working but I want to avoid call "exec".

 

For now I've tried to use mcrypt_decrypt (mcrypt Version 2.5. with all possible options but none gives correct results, compared to the correct c++ .exe results.

 

I tried to "convert" the function to PHP around 6 times but none worked, I'm sure there is something I'm missing or I don't know about.

 

This is the working decoder function in c++:

void XTEADecode(LPCVOID lpBuffer, int dwSize, DWORD *lpXteaKey) {
    LPDWORD lpPtr = (LPDWORD)lpBuffer;
    int j;
    for(j=0; j<dwSize; j=j+{
        unsigned long v0=*lpPtr, v1=*(lpPtr+1), i;
        unsigned long delta=0x9E3779B9, sum=delta*32;
        for(i=0; i<32; i++) {
            v1 -= ((v0 << 4 ^ v0 >> 5) + v0) ^ (sum + lpXteaKey[sum>>11 & 3]);
            sum -= delta;
            v0 -= ((v1 << 4 ^ v1 >> 5) + v1) ^ (sum + lpXteaKey[sum & 3]);
        }
        *lpPtr=v0; *(lpPtr+1)=v1;
        lpPtr+=2;
    }
}

 

Any suggestions would be appreciated.

[bartman1]

Sighs, I tried with php gmp functions now, I get crashes with no error on apache error log.

 

Guess it will have to stay in c++, but I'm decoding a lot so it will be really shitty.

[bartman1]

I came up with an optimization that will help me a bit because I'm using some repeated strings, I'm saving the result of the c++ program on files with length-md5-crc32-sha1 as filenames, performance improve is around 25 times on those strings, I still have to process many strings but this helps a lot.

[bartman1]

I'm decrypting much more data now and I can't rely on cache anymore, I already tried pear classes and other classes found online but most of them can't even encrypt and decrypt some string data correctly. I will test with mcrypt again, maybe I missed something but please help 

[ignace]

Show us the PHP code you wrote based on the C++ decoder function.

[bartman1]

Show us the PHP code you wrote based on the C++ decoder function.

 

Because of my code changed, now I have to use unpack, and with it I had to use floatval, so I just noticed until now, that I was using floats and I think the operands are not float compatible, I run php on 32 bit os. Probably that is the problem, using floats. I'm using a sample encrypted string of 8 characters long for easier testing.

 

Encrypted chars:

33,112,187,46,81,81,246,60

correctly decrypted chars:

30,0,140,13,152,152,0,100

my_xtea decrypted chars:

99,152,220,80,152,9,159,226

 

function my_xtea($s, $key) {
  $delta = 0x9E3779B9; $sum = $delta * 32;
  $v0 = floatval(unpack('N', substr($s, 0, 4))); $v1 = floatval(unpack('N', substr($s, 4, 4)));
  for ($i = 0; $i < 32; $i++) {
    $v1 = $v1 - (((($v0 << 4) ^ ($v0 >> 5)) + $v0) ^ ($sum + $key[($sum>>11) & 3]));
    $sum = $sum - $delta;
    $v0 = $v0 - (((($v1 << 4) ^ ($v1 >> 5)) + $v1) ^ ($sum + $key[$sum & 3]));
  }
  $ret = pack('N*', $v0, $v1);
  return $ret;
}

$key = array(floatval('3027993532'), floatval('2715151340'), floatval('1391262992'), floatval('909125560'));

$tmp = my_xtea(chr(33).chr(112).chr(187).chr(46).chr(81).chr(81).chr(246).chr(60), $key);

echo ord($tmp[0]).','.ord($tmp[1]).','.ord($tmp[2]).','.ord($tmp[3]).','.ord($tmp[4]).','.ord($tmp[5]).','.ord($tmp[6]).','.ord($tmp[7]).'<br />';

[bartman1]

I tried to do it with mysql CAST and bitwise operators XD, I got the same result as with

mcrypt_decrypt(MCRYPT_XTEA, $key ,$string, MCRYPT_MODE_ECB);

 

still not correct.

 

I'm waiting this page is available(http://windows.php.net/download/) so I can try with php-VC9 and the gmp module, but I imagine I will get the same results : <

[ignace]

Your C++ code uses unsigned integer's. Quite possibly all this fails due PHP and MySQL being run under a x32 architecture. If you have x64 system, uninstall and install the x64 version, and try again.

 

EDIT: under x64 drop floatval()

[bartman1]

I won't use 64 bits :/

 

and yes I needed to use floatval because I'm running on 32 bit.

 

mysql uses 64 bit integers even on 32 bit systems, I tried this function to do all the calculations, but as said before I got the same result as mcrypt_decrypt instead of the same result as c++

 

function my_op($a, $b, $op) {
  global $mysqli;
  $result = $mysqli->query('SELECT CAST((CAST('.$a.' '.$op.' '.$b.' AS UNSIGNED INTEGER) & 0xFFFFFFFF) AS UNSIGNED INTEGER)');
  $row = $result->fetch_row();
  return $row[0];
}

 

I still haven't been able to get php-vc9 to test with gmp extension, I'll post result when I get it.

 

Thanks for interest.

[bartman1]

gmp_init('2654435769'); crashes apache with vc-9 php/apache too, I will have to code something in c/c++ that does all that the php code was doing, so it gets called only once. Crap!