Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Rijndael 256 Encrypt/decrypt between c# and php?

UPDATED

I have made the changes to the C# code so it uses a block size of 256. but now the hello world looks like this http://pastebin.com/5sXhMV11 and I cant figure out what I should use with rtrim() to get ride of the mess at the end.

Also when you say the IV should be random, by this do you mean don't use the same IV more then once or is the way I have coded it wrong?

Thanks again!

Hi,

I'm trying to decrypt a string with PHP that was encrypted in C#. I can't seem to get PHP to decrypt it using mcrypt and could do with some help please. I get the following error with php so I am guessing I'm not setting the IV correctly.

Error: The IV parameter must be as long as the blocksize

Both functions use the same cipher, key, IV and set to CBC mode:

encrypted text from c# = UmzUCnAzThH0nMkIuMisqg==
key 32 long = qwertyuiopasdfghjklzxcvbnmqwerty
iv 16 long = 1234567890123456

C#

    public static string EncryptString(string message, string KeyString, string IVString)
    {
        byte[] Key = ASCIIEncoding.UTF8.GetBytes(KeyString);
        byte[] IV = ASCIIEncoding.UTF8.GetBytes(IVString);

        string encrypted = null;
        RijndaelManaged rj = new RijndaelManaged();
        rj.Key = Key;
        rj.IV = IV;
        rj.Mode = CipherMode.CBC;

        try
        {
            MemoryStream ms = new MemoryStream();

            using (CryptoStream cs = new CryptoStream(ms, rj.CreateEncryptor(Key, IV), CryptoStreamMode.Write))
            {
                using (StreamWriter sw = new StreamWriter(cs))
                {
                    sw.Write(message);
                    sw.Close();
                }
                cs.Close();
            }
            byte[] encoded = ms.ToArray();
            encrypted = Convert.ToBase64String(encoded);

            ms.Close();
        }
        catch (CryptographicException e)
        {
            Console.WriteLine("A Cryptographic error occurred: {0}", e.Message);
            return null;
        }
        catch (UnauthorizedAccessException e)
        {
            Console.WriteLine("A file error occurred: {0}", e.Message);
            return null;
        }
        catch (Exception e)
        {
            Console.WriteLine("An error occurred: {0}", e.Message);
        }
        finally
        {
            rj.Clear();
        }

        return encrypted;
    }

PHP

var $mcrypt_cipher = MCRYPT_RIJNDAEL_256;
var $mcrypt_mode = MCRYPT_MODE_CBC;

function decrypt($key, $iv, $encrypted)
{
    $encrypted = base64_decode($encrypted);

    $decrypted = rtrim(mcrypt_decrypt($this->mcrypt_cipher, $key, $encrypted, $this->mcrypt_mode, $iv), "\0");;
    return $decrypted;
}

Thanks

like image 450
arbme Avatar asked Aug 07 '10 20:08

arbme


People also ask

What is Rijndael algorithm in C#?

Rijndael is a block cipher that uses a symmetric key encryption technique. It employs three discrete and invertible layers: Linear Mix Transform , Non-linear Transform , and Key Addition Transform . In C#, Rijndael Key supports key lengths of 128, 192, and 256 bits and blocks of 128 (default), 192, and 256 bits.

Can you decrypt AES 256 without key?

In reality the 256-bit AES is considered computationally infeasible. The only 'feasible' way to decrypt would be using the same key used to encrypt.

Is Rijndael obsolete?

The Rijndael and RijndaelManaged types are marked as obsolete, starting in . NET 6.


1 Answers

If you want to use Rijndael256 in your C# application you have to set the BlockSize to 256.

RijndaelManaged rj = new RijndaelManaged();
rj.BlockSize = 256;

And then your iv has to be 256 bits long as well.
see SymmetricAlgorithm.BlockSize Property


Or the other way round: Currently your C# application uses Rijndael128 and so must your php script.

<?php
class Foo {
  protected $mcrypt_cipher = MCRYPT_RIJNDAEL_128;
  protected $mcrypt_mode = MCRYPT_MODE_CBC;

  public function decrypt($key, $iv, $encrypted)
  {
    $iv_utf = mb_convert_encoding($iv, 'UTF-8');
    return mcrypt_decrypt($this->mcrypt_cipher, $key, base64_decode($encrypted), $this->mcrypt_mode, $iv_utf);
  }
}



$encrypted = "UmzUCnAzThH0nMkIuMisqg==";
$key = "qwertyuiopasdfghjklzxcvbnmqwerty";
$iv = "1234567890123456";

$foo = new Foo;
echo $foo->decrypt($key, $iv, $encrypted);

prints hello world

like image 193
VolkerK Avatar answered Sep 19 '22 09:09

VolkerK