I'm trying to do a simple task. Encypt a value in PHP and Decrypt it in my VB.net app. I figure I'd use tripleDES or Rijdael 128 or 256
I though this should be simple. Can anyone point me in the right direction?
Thank you
A:
For PHP you should look at the mcrypt extension, which should support all of the ciphers you specified
GApple
2009-08-14 17:05:03
My php code uses mcrypt. The problem I have is decoding it in VB.net
shaiss
2009-08-14 17:06:46
A:
Disclaimer: I've never actually used the Crytography classes in .NET.
To do Rijndael decryption in .NET, you're probably looking for the System.Security.Cryptography.RijndaelManaged class.
That page also has some examples of how to use it, although you may also need an instance of RSACryptoServiceProvider... I'm not sure.
R. Bemrose
2009-08-14 17:15:03
I'm looking into your first posted link. Looks like it could work, just need to figure it out. Thank you.
shaiss
2009-08-14 17:39:59
+5
A:
We have some ciphers working between C# on .NET and PHP. I am not familiar with VB.net. I assume it uses the same crypto library System.Security.Cryptography.
On PHP side, we switched from mcrypt to OpenSSL because some modes and paddings are not supported by mcrypt.
As long as you use same algorithm (DES, AES etc), same mode (CBC, ECB etc), same padding (PKCS1, PKCS5), the cipher should work on both platforms.
Example of encryption using AES-128 on PHP side using mcrypt,
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$blockSize = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128);
$data = $this->paddingAlgorithm->padData($data, $blockSize);
return $iv . mcrypt_encrypt($this->MCRYPT_DES, $keyBytes, $data, MCRYPT_MODE_CBC, $iv);
Please note that we use PKCS7 padding but mcrypt doesn't support it so we have to write the padding algorithm. We also prepend the IV (Initial Vector) to the cipher text. You might store it somewhere else but you need that to decrypt.
Here is the corresponding C# code to setup the cipher to decrypt,
// create the underlying symmetric algorithm with the given name
algorithm = (SymmetricAlgorithm)CryptoConfig.CreateFromName("RIJNDAEL");
// set cipher mode
algorithm.Mode = CipherMode.CBC;
// set padding mode
algorithm.Padding = PaddingMode.PKCS7;
ZZ Coder
2009-08-14 17:35:34
Could you give a bit more detail for the PHP side?What did you do on the C# side?Would you have any code snippets to share?thank you!
shaiss
2009-08-14 17:42:22
The code is not in public domain so I can't share. I posted some snippets to show you how the parameters are matched up on both ends. The PHP code is from an older version using mcrypt, which doesn't support PKCS7 padding. So you have to write the padding function if you use mcrypt. It's really simple once you understand the algorithm.
ZZ Coder
2009-08-14 18:14:42
A:
I also looked long and hard for solutions to this problem. Here is a complete set of code for both php and vb.net that will do what you are looking for. Should be pretty easy to translate to C# as well.
########################################
# BEGIN PHP CODE
########################################
<?php
ini_set('display_errors', 1);
error_reporting(E_ALL);
// I blantantly stole, tweaked and happily used this code from:
// Lord of Ports http://www.experts-exchange.com/M_1736399.html
$ky = 'lkirwf897+22#bbtrm8814z5qq=498j5'; // 32 * 8 = 256 bit key
$iv = '741952hheeyy66#cs!9hjv887mxx7@8y'; // 32 * 8 = 256 bit iv
$text = "Here is my data to encrypt!!!";
$from_vb = "QBlgcQ2+v3wd8RLjhtu07ZBd8aQWjPMfTc/73TPzlyA="; // enter value from vb.net app here to test
$etext = encryptRJ256($ky, $iv, $text);
$dtext = decryptRJ256($ky, $iv, $etext);
$vtext = decryptRJ256($ky, $iv, $from_vb);
echo "<HR>orignal string: $text";
echo "<HR>encrypted in php: $etext";
echo "<HR>decrypted in php: $dtext";
echo "<HR>encrypted in vb: $from_vb";
echo "<HR>from vb decrypted in php: $vtext";
echo "<HR>If you like it say thanks! richard dot varno at gmail dot com";
exit;
function decryptRJ256($key,$iv,$string_to_decrypt)
{
$string_to_decrypt = base64_decode($string_to_decrypt);
$rtn = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $string_to_decrypt, MCRYPT_MODE_CBC, $iv);
$rtn = rtrim($rtn, "\0\4");
return($rtn);
}
function encryptRJ256($key,$iv,$string_to_encrypt)
{
$rtn = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $string_to_encrypt, MCRYPT_MODE_CBC, $iv);
$rtn = base64_encode($rtn);
return($rtn);
}
?>
########################################
# END PHP CODE
########################################
########################################
# BEGIN VB.NET CODE (console app)
########################################
Imports System
Imports System.Text
Imports System.Security.Cryptography
Imports System.IO
Module Module1
' I blantantly stole, tweaked and happily used this code from:
' Lord of Ports http://www.experts-exchange.com/M_1736399.html
Sub Main()
'Shared 256 bit Key and IV here
Dim sKy As String = "lkirwf897+22#bbtrm8814z5qq=498j5" '32 chr shared ascii string (32 * 8 = 256 bit)
Dim sIV As String = "741952hheeyy66#cs!9hjv887mxx7@8y" '32 chr shared ascii string (32 * 8 = 256 bit)
Dim sTextVal As String = "Here is my data to encrypt!!!"
Dim eText As String
Dim dText As String
eText = EncryptRJ256(sKy, sIV, sTextVal)
dText = DecryptRJ256(sKy, sIV, eText)
Console.WriteLine("key: " & sKy)
Console.WriteLine()
Console.WriteLine(" iv: " & sIV)
Console.WriteLine("txt: " & sTextVal)
Console.WriteLine("encrypted: " & eText)
Console.WriteLine("decrypted: " & dText)
Console.WriteLine("If you like it say thanks! richard dot varno at gmail dot com")
Console.WriteLine("press any key to exit")
Console.ReadKey(True)
End Sub
Public Function DecryptRJ256(ByVal prm_key As String, ByVal prm_iv As String, ByVal prm_text_to_decrypt As String)
Dim sEncryptedString As String = prm_text_to_decrypt
Dim myRijndael As New RijndaelManaged
myRijndael.Padding = PaddingMode.Zeros
myRijndael.Mode = CipherMode.CBC
myRijndael.KeySize = 256
myRijndael.BlockSize = 256
Dim key() As Byte
Dim IV() As Byte
key = System.Text.Encoding.ASCII.GetBytes(prm_key)
IV = System.Text.Encoding.ASCII.GetBytes(prm_iv)
Dim decryptor As ICryptoTransform = myRijndael.CreateDecryptor(key, IV)
Dim sEncrypted As Byte() = Convert.FromBase64String(sEncryptedString)
Dim fromEncrypt() As Byte = New Byte(sEncrypted.Length) {}
Dim msDecrypt As New MemoryStream(sEncrypted)
Dim csDecrypt As New CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read)
csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length)
Return (System.Text.Encoding.ASCII.GetString(fromEncrypt))
End Function
Public Function EncryptRJ256(ByVal prm_key As String, ByVal prm_iv As String, ByVal prm_text_to_encrypt As String)
Dim sToEncrypt As String = prm_text_to_encrypt
Dim myRijndael As New RijndaelManaged
myRijndael.Padding = PaddingMode.Zeros
myRijndael.Mode = CipherMode.CBC
myRijndael.KeySize = 256
myRijndael.BlockSize = 256
Dim encrypted() As Byte
Dim toEncrypt() As Byte
Dim key() As Byte
Dim IV() As Byte
key = System.Text.Encoding.ASCII.GetBytes(prm_key)
IV = System.Text.Encoding.ASCII.GetBytes(prm_iv)
Dim encryptor As ICryptoTransform = myRijndael.CreateEncryptor(key, IV)
Dim msEncrypt As New MemoryStream()
Dim csEncrypt As New CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write)
toEncrypt = System.Text.Encoding.ASCII.GetBytes(sToEncrypt)
csEncrypt.Write(toEncrypt, 0, toEncrypt.Length)
csEncrypt.FlushFinalBlock()
encrypted = msEncrypt.ToArray()
Return (Convert.ToBase64String(encrypted))
End Function
End Module
########################################
# END VB.NET CODE
########################################
Richard Varno
2009-11-19 19:15:14