WebApp Sec mailing list archives
Re: What problem have this Rijndael(.NET&PHP) code?
From: "Scott C. Sanchez" <scottsanchez () gmail com>
Date: Fri, 15 Dec 2006 10:08:50 -0500
Maybe this URL will help? It's a working example and some tips for encryption/decryption between .net and php http://programmin.prim8.net/archives/25-PHP-and-DotNet-encryption.html Good luck! Scott C. Sanchez, CISSP On 12/14/06, 김영일 <zero12a () naver com> wrote:
Dear, web security Professionals. I have a AES problem. I want to send confidential data. STEP is bottom... * STEP 1. Encrypt confidential-data by C#.NET. 2. Send encrypted data on HTTP(80) protocol. 2. Decrypt encyrpted data by PHP & mcrypt(2.4.x) I want to decrypt data. but, Result data(decrypted data) don't same input data. What's problem?. My code is a bottom. ---------------------PHPinfo() & Decrypt/Encrypt Function----------------------------------- * PHPinfo() mcrypt Version: >=2.4.x Supported ciphers : cast-128 gost rijndael-128 twofish arcfour cast-256 loki97 rijndael-192 saferplus wake blowfish-compat des rijndael-256 serpent xtea blowfish enigma rc2 tripledes Supported modes : cbc cfb ctr ecb ncfb nofb ofb stream * C#.NET Encrypt function private string EncryptString(string InputText, string Password) { RijndaelManaged RijndaelCipher = new RijndaelManaged(); RijndaelCipher.Mode = CipherMode.ECB; byte[] PlainText = System.Text.Encoding.Unicode.GetBytes(InputText); byte[] Salt = Encoding.ASCII.GetBytes(Password.Length.ToString()); PasswordDeriveBytes SecretKey = new PasswordDeriveBytes(Password, Salt); ICryptoTransform Encryptor = RijndaelCipher.CreateEncryptor(SecretKey.GetBytes(32), SecretKey.GetBytes(16)); MemoryStream memoryStream = new MemoryStream(); CryptoStream cryptoStream = new CryptoStream(memoryStream, Encryptor, CryptoStreamMode.Write); cryptoStream.Write(PlainText, 0, PlainText.Length); cryptoStream.FlushFinalBlock(); byte[] CipherBytes = memoryStream.ToArray(); memoryStream.Close(); cryptoStream.Close(); string EncryptedData = Convert.ToBase64String(CipherBytes); return EncryptedData; } * PHP(mcrypt) Decrypt function function decrypt($decrypt,$key) { $decoded = base64_decode($decrypt); $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), strlen($key)); $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $decoded, MCRYPT_MODE_ECB, $iv); return $decrypted; } ------------------------------------------- Young-il Kim, CISA/CISSP/OCP Korean, http://cafe.naver.com/WebHack zero12a () naver com, zero12a () dreamwiz com ------------------------------------------------------------------------ 새로운 기부 문화의 씨앗, 해피빈 http://happybean.naver.com
Current thread:
- What problem have this Rijndael(.NET&PHP) code? 김영일 (Dec 15)
- Re: What problem have this Rijndael(.NET&PHP) code? Peter Conrad (Dec 18)
- Message not available
- Re: What problem have this Rijndael(.NET&PHP) code? Scott C. Sanchez (Dec 18)
- Re: What problem have this Rijndael(.NET&PHP) code? Jamie Riden (Dec 18)