How do you convert the following encryption code from Perl (or from PHP) to VB.NET?

Question

I have some encryption code that has been written in Perl (also a code snippet in PHP) - but I just can't get a version written in VB.NET to work with the third party.

Example in Perl

    package Sitemaker::API::Crypt;

    use warnings;
    use strict;
    use base qw( Exporter );

    use Crypt::CBC;
    use MIME::Base64;

    our @EXPORT = qw(
        encrypt
        decrypt
    );

    =head2 encrypt( $key, $iv, $arg1[,$arg2][,...]  )

    This encrypts the argumenst (which must all be values, not references) with
    the key (which must be 16 characters long)

    =cut
    sub encrypt {
        my ( $key, $iv, @args ) = @_;
        my $args =  join( '|', @args );

        my $cipher = Crypt::CBC->new(
            -cipher => 'Rijndael',
            -blocksize => 16,
            -keysize => 16,
            -header => 'none',
            -padding => 'standard',
            -iv => $iv,
            -literal_key => 1,
            -key => $key,
        );

        my $binary_token = $cipher->encrypt( $args );

        return encode_base64( $iv . $binary_token );
    }
1;

Example in PHP

/**
 * @param string $plaintext
 * @return string encrypted token
 *
 * Relies on the Mcrypt module
 */
 function encrypt( $plaintext, $apiKey)
 {
    // Initialize mcrypt module (AES, 128-bit key, CBC)
    $handle = mcrypt_module_open( MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
    $iv = mcrypt_create_iv( mcrypt_enc_get_iv_size( $handle ), MCRYPT_DEV_URANDOM );

    // PKCS#5 padding
    $blocksize = mcrypt_enc_get_block_size( $handle );
    $padsize = $blocksize - ( strlen( $plaintext ) % $blocksize );
    $plaintext .= str_repeat( chr( $padsize ), $padsize );

    // encrypt
    mcrypt_generic_init( $handle, $apiKey, $iv );
    $ciphertext = mcrypt_generic( $handle, $plaintext );

    // clean up
    mcrypt_generic_deinit( $handle );
    mcrypt_module_close( $handle );

    return base64_encode( $iv. $ciphertext );
}

So I tried to recreate the same in VB.NET, but I don't think it's working, as I post to the service and just get errors back. The encryption method in VB.NET is...

 Public Function EncrpytIt(ByVal Key As String, ByVal IV As String, ByVal arrParams As String()) As String
        Dim plainTextBytes As Byte()
        plainTextBytes = Encoding.ASCII.GetBytes(Join(arrParams, "~"))

        Dim outputBytes As Byte()

        Dim symmetricKey As New System.Security.Cryptography.RijndaelManaged()
        With symmetricKey
            .Key = Encoding.ASCII.GetBytes(Key)
            .IV = Encoding.ASCII.GetBytes(IV)
            .Mode = CipherMode.CBC
            .BlockSize = 128 
            .KeySize = 128 
            .Padding = PaddingMode.PKCS7
        End With
        Dim encryptor As ICryptoTransform = symmetricKey.CreateEncryptor(symmetricKey.Key, symmetricKey.IV)
        Using msEncrypt As New MemoryStream()
            Using csEncrypt As New CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write)
                csEncrypt.Write(plainTextBytes, 0, plainTextBytes.Length)
                csEncrypt.FlushFinalBlock()
            End Using
            outputBytes = msEncrypt.ToArray
        End Using
        Return IV & Convert.ToBase64String(outputBytes)
    End Function

Is that behaving in the same way, or do I have to alter the settings in the vb.net code?

Answer 1

The first thing that I see is that in the cases of PHP and Perl, you base 64 encode the concatenated IV string with the encrypted data, whereas in VB you return the concatenated string of the IV and the base 64 encoded output of the encryption.

You need to change the return statement to this:

Return Convert.ToBase64String(Encoding.ASCII.GetBytes(IV) & outputBytes)

Also, there seems to be a bit of inconsistency between the padding schemes used - at least between the PHP and the VB.NET version. Based on the comments in the PHP sample - that is using PKCS #5 and your Visual Basic code is using PKCS #7. I'm not sure what 'standard' means in the context of the Perl.