« Return to Thread: Converting PHP code to C#?
Re: Converting PHP code to C#?
by Michael Shadle
::
Rate this Message:
On 9/7/07, Symbian <mail5205772@...> wrote:
>
> I'm unable to workout how to get the same IV as the one generated by the PHP
> script is random. The thing is that we cant change the PHP script as its
> readily being used now. Maybe I should look at the encryption routine and
> reverse that first?
just hard code the IV in both places.
to make it difficult you can do something like this (basically our
.NET guy took it from
http://www.codeproject.com/dotnet/DotNetCrypto.asp)
public static string Encrypt(string clearText, string Password)
{
// First we need to turn the input string into a byte array.
byte[] clearBytes =
System.Text.Encoding.UTF8.GetBytes(clearText);
PasswordDeriveBytes pdb = new PasswordDeriveBytes(Password,
new byte[] {0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d,
0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76});
byte[] encryptedData = Encrypt(clearBytes,
pdb.GetBytes(32), pdb.GetBytes(16));
return Convert.ToBase64String(encryptedData);
}
(make sure to copy that first Encrypt method and set alg.Padding =
PaddingMode.Zeros)
and on PHP side (the IV/key numbers have been changed to protect the
innocent :))
i believe the numbers are the decimal values of the .NET 0x49 etc. you
need 32 of them for the key, and 16 for the IV (to match the
parameters above) - these numbers do not match right now i just
jumbled them up. i would first see if you can use my code to properly
encrypt in .NET and decrypt in PHP. then hopefully you can just
reverse it.
what i should do is actually publish an example with working
instructions + numbers. i'll keep this email around and publish an
article on my blog or something hopefully soon.
function decrypt($text, $key) {
$enc_key_array = Array(24,91,81,138,122,etc);
$chrs = "";
foreach(array_values($enc_key_array) as $chr) {
$chrs .= chr($chr);
}
$enc_key = $chrs;
$enc_iv_array = Array(35,56,103,81,77,etc);
$chrs = "";
foreach(array_values($enc_iv_array) as $chr) {
$chrs .= chr($chr);
}
$enc_iv = $chrs;
$text = base64_decode($text);
$decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $enc_key,
$text, "cbc", $enc_iv);
return $decrypted."\n";
}
remember to base64 encode/decode at the proper times. we use this to
encrypt information in a cookie so it needs to be encoded for transit.
it also helps when you are copy/pasting it back and forth to test
encrypt/decrypt :)
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
>
> I'm unable to workout how to get the same IV as the one generated by the PHP
> script is random. The thing is that we cant change the PHP script as its
> readily being used now. Maybe I should look at the encryption routine and
> reverse that first?
just hard code the IV in both places.
to make it difficult you can do something like this (basically our
.NET guy took it from
http://www.codeproject.com/dotnet/DotNetCrypto.asp)
public static string Encrypt(string clearText, string Password)
{
// First we need to turn the input string into a byte array.
byte[] clearBytes =
System.Text.Encoding.UTF8.GetBytes(clearText);
PasswordDeriveBytes pdb = new PasswordDeriveBytes(Password,
new byte[] {0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d,
0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76});
byte[] encryptedData = Encrypt(clearBytes,
pdb.GetBytes(32), pdb.GetBytes(16));
return Convert.ToBase64String(encryptedData);
}
(make sure to copy that first Encrypt method and set alg.Padding =
PaddingMode.Zeros)
and on PHP side (the IV/key numbers have been changed to protect the
innocent :))
i believe the numbers are the decimal values of the .NET 0x49 etc. you
need 32 of them for the key, and 16 for the IV (to match the
parameters above) - these numbers do not match right now i just
jumbled them up. i would first see if you can use my code to properly
encrypt in .NET and decrypt in PHP. then hopefully you can just
reverse it.
what i should do is actually publish an example with working
instructions + numbers. i'll keep this email around and publish an
article on my blog or something hopefully soon.
function decrypt($text, $key) {
$enc_key_array = Array(24,91,81,138,122,etc);
$chrs = "";
foreach(array_values($enc_key_array) as $chr) {
$chrs .= chr($chr);
}
$enc_key = $chrs;
$enc_iv_array = Array(35,56,103,81,77,etc);
$chrs = "";
foreach(array_values($enc_iv_array) as $chr) {
$chrs .= chr($chr);
}
$enc_iv = $chrs;
$text = base64_decode($text);
$decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $enc_key,
$text, "cbc", $enc_iv);
return $decrypted."\n";
}
remember to base64 encode/decode at the proper times. we use this to
encrypt information in a cookie so it needs to be encoded for transit.
it also helps when you are copy/pasting it back and forth to test
encrypt/decrypt :)
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
« Return to Thread: Converting PHP code to C#?
| Free embeddable forum powered by Nabble | Forum Help |
