Sharing encrypted data with .Net?

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Todd Gruben
    #1

    Sharing encrypted data with .Net?

    I am trying to send some encrypted data from a php application to be
    decoded in a .Net application. Both apps encode/decode a given string
    but generate different encrypted results. Anyone have any idea? Code
    to follow:

    php====>
    <?php

    // Designate string to be encrypted
    $string = "This is a test";

    // Encryption/decryption key
    $key = pack('H*',md5(" mysecretkey"));
    echo "PHP:KeySiz e:";
    echo mcrypt_get_key_ size('tripledes ', 'ecb')*8;
    echo "<BR>";
    echo "PHP:BlockSize: ";
    echo mcrypt_get_bloc k_size('tripled es', 'ecb')*8;
    echo "<BR>";



    // Encryption Algorithm
    $cipher_alg = MCRYPT_TRIPLEDE S;
    #$cipher_alg = ;
    #$cipher_alg = ;

    // Create the initialization vector for added security.
    //$iv = mcrypt_create_i v(mcrypt_get_iv _size($cipher_a lg,
    MCRYPT_MODE_ECB ), MCRYPT_RAND);

    $iv = pack("H*","ec78 7813562c5be0");

    // Output original string
    echo "PHP:Origin al string:$string <br>";
    echo "PHP:Origin al Key:". base64_encode($ key)."<br>";
    echo "PHP:Encryp tion Method: tripledes <br>";
    echo "PHP:IV:".base6 4_encode($iv)." <br>";

    // Encrypt $string
    //$encrypted_stri ng = mcrypt_encrypt( $cipher_alg, $key, $string,
    MCRYPT_MODE_CBC , $iv);
    $encrypted_stri ng = mcrypt_encrypt( $cipher_alg, $key, $string,
    MCRYPT_MODE_CFB , $iv);
    $decrypted_stri ng = mcrypt_decrypt( $cipher_alg, $key,
    $encrypted_stri ng, MCRYPT_MODE_CFB , $iv);
    echo "PHP:Encryp ted string
    Base64:".base64 _encode($encryp ted_string)."<b r>";
    echo "PHP:Decryp ted string:$decrypt ed_string";
    ?>
    <============== =====
    PHP OUTPUTPHP:
    KeySize:192
    PHP:BlockSize:6 4
    PHP:Original string:This is a test
    PHP:Original Key:NNLkJVyOa+s 8QvJN/X5tqQ==
    PHP:Encryption Method: tripledes
    PHP:IV:7Hh4E1Ys W+A=
    PHP:Encrypted string Base64:A+9SKuoL dZaATqa+qmTipg= =
    PHP:Decrypted string:This is a test

    =============== ============>
    C# (.NET)

    using System;
    using System.Security .Cryptography;
    using System.Text;

    namespace test
    {
    class TryDes{

    public string EncryptTripleDE S(string Plaintext,
    string key) {
    TripleDESCrypto ServiceProvider DES = new
    TripleDESCrypto ServiceProvider ();
    MD5CryptoServic eProvider hashMD5 = new
    MD5CryptoServic eProvider();

    DES.Key =
    hashMD5.Compute Hash(ASCIIEncod ing.ASCII.GetBy tes(key));
    DES.Mode = CipherMode.CFB;
    DES.IV =
    Convert.FromBas e64String("7Hh4 E1YsW+A=");
    DES.Padding=Pad dingMode.Zeros;

    Console.WriteLi ne("");
    Console.WriteLi ne("NET:KeySize :"+DES.KeySize) ;

    Console.WriteLi ne("NET:BlockSi ze:"+DES.BlockS ize);
    Console.WriteLi ne("NET:Origina l
    String:"+Plaint ext);
    Console.WriteLi ne("NET:Origina l
    Key:"+Convert.T oBase64String(D ES.Key));
    Console.WriteLi ne("NET:Encrypt ion
    Method:TripeDES ");

    //DES.Mode = CipherMode.ECB;
    Console.WriteLi ne(
    "NET:IV:"+Conve rt.ToBase64Stri ng(DES.IV));

    ICryptoTransfor m DESEncrypt =
    DES.CreateEncry ptor(DES.Key,DE S.IV);
    byte[] Buffer =
    ASCIIEncoding.A SCII.GetBytes(P laintext);
    return
    Convert.ToBase6 4String(DESEncr ypt.TransformFi nalBlock(Buffer , 0,
    Buffer.Length)) ;
    }

    public string DecryptTripleDE S(string base64Text,
    string key){
    TripleDESCrypto ServiceProvider DES = new
    TripleDESCrypto ServiceProvider ();

    MD5CryptoServic eProvider hashMD5 = new
    MD5CryptoServic eProvider();

    DES.Key =
    hashMD5.Compute Hash(ASCIIEncod ing.ASCII.GetBy tes(key));
    DES.Mode = CipherMode.CFB;
    DES.Padding=Pad dingMode.Zeros;
    DES.IV = Convert.FromBas e64String("7Hh4 E1YsW+A=");

    ICryptoTransfor m DESDecrypt =
    DES.CreateDecry ptor(DES.Key,DE S.IV);
    byte[] Buffer =
    Convert.FromBas e64String(base6 4Text);
    return
    ASCIIEncoding.A SCII.GetString( DESDecrypt.Tran sformFinalBlock (Buffer,
    0, Buffer.Length)) ;
    }
    }

    class Class1
    {
    static void Main(string[] args) {
    TryDes md = new TryDes();
    string secrekey = "mysecretke y";
    string sometest = md.EncryptTripl eDES("This is
    a test",secrekey) ;
    Console.WriteLi ne("NET:Encrypt ed string
    Base64:"+somete st);
    Console.WriteLi ne("NET:Decrypt ed
    string:"+md.Dec ryptTripleDES(s ometest,secreke y));
    Console.WriteLi ne("");
    }
    }
    }
    <============== ========
    ..Net Output

    NET:KeySize:192
    NET:BlockSize:6 4
    NET:Original String:This is a test
    NET:Original Key:NNLkJVyOa+s 8QvJN/X5tqQ==
    NET:Encryption Method:TripeDES
    NET:IV:7Hh4E1Ys W+A=
    NET:Encrypted string Base64:qbGgiTZp 9YTGOutg8IGlqw= =
    NET:Decrypted string:This is a test
    Tags: None
    • Jon Skeet [C# MVP]
      #2
      Re: Sharing encrypted data with .Net?

      Todd Gruben <tgruben@flight lock.com> wrote:[color=blue]
      > I am trying to send some encrypted data from a php application to be
      > decoded in a .Net application. Both apps encode/decode a given string
      > but generate different encrypted results. Anyone have any idea?[/color]

      Well for a start, you need to know how mcrypt_encrypt encodes a string.
      Pretty much every encryption scheme works with bytes rather than text -
      and to get from text to bytes, you need to specify an encoding. You're
      using ASCII in the .NET version - what does PHP use?

      --
      Jon Skeet - <skeet@pobox.co m>
      Pobox is now part of Fastmail
      http://www.pobox.com/~skeet
      Pobox has been discontinued as a separate service, and all existing customers moved to the Fastmail platform.

      If replying to the group, please do not mail me too

        Comment

        • Todd Gruben
          #3
          Re: Sharing encrypted data with .Net?



          The string format of php is a array of characters. The
          binary form of both strings in php and csharp appear to be
          the same. I did a dump of the input string and its is
          exactly the same

          *** Sent via Devdex http://www.devdex.com ***
          Don't just participate in USENET...get rewarded for it!

            Comment

            • Jon Skeet [C# MVP]
              #4
              Re: Sharing encrypted data with .Net?

              Todd Gruben <tgruben@flight lock.com> wrote:[color=blue]
              > The string format of php is a array of characters. The
              > binary form of both strings in php and csharp appear to be
              > the same. I did a dump of the input string and its is
              > exactly the same[/color]

              I don't think you understand. In order to encrypt data, you need to
              convert from text to binary. That doesn't mean how they're stored
              internally, it means converting from an array of characters to an array
              of bytes, which could be in any one of many encodings. If you use a
              different encoding, you will get different results.

              --
              Jon Skeet - <skeet@pobox.co m>
              Pobox is now part of Fastmail
              http://www.pobox.com/~skeet
              Pobox has been discontinued as a separate service, and all existing customers moved to the Fastmail platform.

              If replying to the group, please do not mail me too

                Comment

                Previous template Next
                Working...