Path: csiph.com!x330-a1.tempe.blueboxinc.net!newsfeed.hal-mli.net!feeder1.hal-mli.net!feeder.news-service.com!2a02:590:1:1::196.MISMATCH!news.teledata-fn.de!newsfeed.arcor.de!newsspool1.arcor-online.net!news.arcor.de.POSTED!not-for-mail
Content-Type: text/plain; charset="ISO-8859-1"
Message-Id: <2147675.TqBVXBipH2@PointedEars.de>
From: Thomas 'PointedEars' Lahn <PointedEars@web.de>
Reply-To: Thomas 'PointedEars' Lahn <php@PointedEars.de>
Organization: PointedEars Software (PES)
Date: Sat, 21 May 2011 23:06:22 +0200
User-Agent: KNode/4.4.7
Content-Transfer-Encoding: 7Bit
Subject: Re: C# RijndaelEnhanced decrypt with php mcrypt
Newsgroups: comp.lang.php
References: <4dd63095$0$6547$9b4e6d93@newsspool4.arcor-online.net> <vilain-E847A0.15391220052011@news.individual.net>
Followup-To: comp.lang.php
MIME-Version: 1.0
Lines: 67
NNTP-Posting-Date: 21 May 2011 23:06:22 CEST
NNTP-Posting-Host: 13c3af3c.newsspool2.arcor-online.net
X-Trace: DXC=]EaG_HWfZGQYQ5E:l<XC@SA9EHlD;3YcR4Fo<]lROoRQ8kF<OcfhCO[9[GHo:1OE=YDZm8W4\YJN\T<8F<]0D<`Yn3W\9P\c?UYYI?ZmngL<j[
X-Complaints-To: usenet-abuse@arcor.de
Xref: x330-a1.tempe.blueboxinc.net comp.lang.php:1752

Michael Vilain wrote:

> Heiko GreenRover Henning <greenrover@arcor.de> wrote:
>> i have a C# .net app with i decompiled. This app uses for login password
>> cryption:
>> 
http://www.obviex.com/samples/Sample.aspx?Source=EncryptionWithSaltCS&Title=En
>> cryption%20With%20Salt&Lang=C%23
>> 
>> C# Code
>> rijndaelKey = new Krypto.RijndaelEnhanced(passPhrase, initVector);
>> PlainPassword =
>> 
DiverseVariablen.rijndaelKey.Decrypt(Conversions.ToString(row["ProjectKennwort
>> "])))
>> 
>> 
>> I have pass and iv.
>> 
>> How can i decrypt the passwords in php? I tryted allready several
>> variants of mcrypt_decrypt().
>> 
>> Didt somene have a idea?
>> 
>> Wha i dont understand is that the iv has 16 chars but it should be an
>> 256b encryption with normaly depends a 32chars iv.
>> 
>> I also allready tryed a http://phpseclib.sourceforge.net/ for decryption
>> without any success.
>> http://pastebin.com/SKPG7gR2

This is Usenet, not the Web.  Post your code *here*, preferably a reduced 
test case.

>> Friendly regards and big thanks.
> 
> http://www.obviex.com/samples/EncryptionWithSalt.aspx
> 
> shows that the encryption code in C# is a "built-in" using the
> Rijndael/AES symetrical encryption algorithm.
> 
> php has the crypt() function which is really a 1-way hashing algorithm.
> You can encrypt text but cannot decrypt it.  Checking for a valid match
> involves taking the supplied password, text, and salt, running it
> through the crypt() function and comparing the encrypted results.  If
> they match, then you have the right password.  AFAIK, there's no
> built-in implementation of the same sort of encryption as in the C#
> implemntation.
> 
> My guess is you are going to have to modify the C# code to do a
> php-compatible encryption.  You probably won't find a php implementation
> of the C# code unless you write it yourself.

This is not about crypt(), but about _mcrypt_, and it is not about 
encryption, but about _decryption_.  PHP's mcrypt module, in particular its 
mcrypt_decrypt() function, supports decrypting Rijndael-128, -192 and -256, 
all of which are AFAIK part of the AES standard.  So what are you talking 
about?
 
<http://www.php.net/manual/en/mcrypt.ciphers.php>


PointedEars
-- 
Danny Goodman's books are out of date and teach practices that are
positively harmful for cross-browser scripting.
 -- Richard Cornford, cljs, <cife6q$253$1$8300dec7@news.demon.co.uk> (2004)