Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.php > #1752

Re: C# RijndaelEnhanced decrypt with php mcrypt

Followups directed to: comp.lang.php

Show key headers only | View raw

Michael Vilain wrote:

> Heiko GreenRover Henning <greenrover@arcor.de> wrote:
>> i have a C# .net app with i decompiled. This app uses for login password
>> cryption:
>> 
http://www.obviex.com/samples/Sample.aspx?Source=EncryptionWithSaltCS&Title=En
>> cryption%20With%20Salt&Lang=C%23
>> 
>> C# Code
>> rijndaelKey = new Krypto.RijndaelEnhanced(passPhrase, initVector);
>> PlainPassword =
>> 
DiverseVariablen.rijndaelKey.Decrypt(Conversions.ToString(row["ProjectKennwort
>> "])))
>> 
>> 
>> I have pass and iv.
>> 
>> How can i decrypt the passwords in php? I tryted allready several
>> variants of mcrypt_decrypt().
>> 
>> Didt somene have a idea?
>> 
>> Wha i dont understand is that the iv has 16 chars but it should be an
>> 256b encryption with normaly depends a 32chars iv.
>> 
>> I also allready tryed a http://phpseclib.sourceforge.net/ for decryption
>> without any success.
>> http://pastebin.com/SKPG7gR2

This is Usenet, not the Web.  Post your code *here*, preferably a reduced 
test case.

>> Friendly regards and big thanks.
> 
> http://www.obviex.com/samples/EncryptionWithSalt.aspx
> 
> shows that the encryption code in C# is a "built-in" using the
> Rijndael/AES symetrical encryption algorithm.
> 
> php has the crypt() function which is really a 1-way hashing algorithm.
> You can encrypt text but cannot decrypt it.  Checking for a valid match
> involves taking the supplied password, text, and salt, running it
> through the crypt() function and comparing the encrypted results.  If
> they match, then you have the right password.  AFAIK, there's no
> built-in implementation of the same sort of encryption as in the C#
> implemntation.
> 
> My guess is you are going to have to modify the C# code to do a
> php-compatible encryption.  You probably won't find a php implementation
> of the C# code unless you write it yourself.

This is not about crypt(), but about _mcrypt_, and it is not about 
encryption, but about _decryption_.  PHP's mcrypt module, in particular its 
mcrypt_decrypt() function, supports decrypting Rijndael-128, -192 and -256, 
all of which are AFAIK part of the AES standard.  So what are you talking 
about?
 
<http://www.php.net/manual/en/mcrypt.ciphers.php>


PointedEars
-- 
Danny Goodman's books are out of date and teach practices that are
positively harmful for cross-browser scripting.
 -- Richard Cornford, cljs, <cife6q$253$1$8300dec7@news.demon.co.uk> (2004)

Back to comp.lang.php | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread

Thread

C# RijndaelEnhanced decrypt with php mcrypt Heiko GreenRover Henning <greenrover@arcor.de> - 2011-05-20 11:12 +0200
  Re: C# RijndaelEnhanced decrypt with php mcrypt Michael Vilain <vilain@NOspamcop.net> - 2011-05-20 15:39 -0700
    Re: C# RijndaelEnhanced decrypt with php mcrypt Thomas 'PointedEars' Lahn <PointedEars@web.de> - 2011-05-21 23:06 +0200
      Re: C# RijndaelEnhanced decrypt with php mcrypt Heiko Henning <greenrover@arcor.de> - 2011-05-24 12:58 +0200
        Re: C# RijndaelEnhanced decrypt with php mcrypt Thomas 'PointedEars' Lahn <PointedEars@web.de> - 2011-05-24 23:29 +0200
  Re: C# RijndaelEnhanced decrypt with php mcrypt Trevor <trevorREMOVE@holyoak.com> - 2011-05-23 11:17 -0600
    Re: C# RijndaelEnhanced decrypt with php mcrypt Michael Vilain <vilain@NOspamcop.net> - 2011-05-23 10:35 -0700

csiph-web