Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.php > #1692 > unrolled thread
| Started by | Heiko GreenRover Henning <greenrover@arcor.de> |
|---|---|
| First post | 2011-05-20 11:12 +0200 |
| Last post | 2011-05-23 10:35 -0700 |
| Articles | 7 — 5 participants |
Back to article view | Back to comp.lang.php
C# RijndaelEnhanced decrypt with php mcrypt Heiko GreenRover Henning <greenrover@arcor.de> - 2011-05-20 11:12 +0200
Re: C# RijndaelEnhanced decrypt with php mcrypt Michael Vilain <vilain@NOspamcop.net> - 2011-05-20 15:39 -0700
Re: C# RijndaelEnhanced decrypt with php mcrypt Thomas 'PointedEars' Lahn <PointedEars@web.de> - 2011-05-21 23:06 +0200
Re: C# RijndaelEnhanced decrypt with php mcrypt Heiko Henning <greenrover@arcor.de> - 2011-05-24 12:58 +0200
Re: C# RijndaelEnhanced decrypt with php mcrypt Thomas 'PointedEars' Lahn <PointedEars@web.de> - 2011-05-24 23:29 +0200
Re: C# RijndaelEnhanced decrypt with php mcrypt Trevor <trevorREMOVE@holyoak.com> - 2011-05-23 11:17 -0600
Re: C# RijndaelEnhanced decrypt with php mcrypt Michael Vilain <vilain@NOspamcop.net> - 2011-05-23 10:35 -0700
| From | Heiko GreenRover Henning <greenrover@arcor.de> |
|---|---|
| Date | 2011-05-20 11:12 +0200 |
| Subject | C# RijndaelEnhanced decrypt with php mcrypt |
| Message-ID | <4dd63095$0$6547$9b4e6d93@newsspool4.arcor-online.net> |
hi i have a C# .net app with i decompiled. This app uses for login password cryption: http://www.obviex.com/samples/Sample.aspx?Source=EncryptionWithSaltCS&Title=Encryption%20With%20Salt&Lang=C%23 C# Code rijndaelKey = new Krypto.RijndaelEnhanced(passPhrase, initVector); PlainPassword = DiverseVariablen.rijndaelKey.Decrypt(Conversions.ToString(row["ProjectKennwort"]))) I have pass and iv. How can i decrypt the passwords in php? I tryted allready several variants of mcrypt_decrypt(). Didt somene have a idea? Wha i dont understand is that the iv has 16 chars but it should be an 256b encryption with normaly depends a 32chars iv. I also allready tryed a http://phpseclib.sourceforge.net/ for decryption without any success. http://pastebin.com/SKPG7gR2 Friendly regards and big thanks.
[toc] | [next] | [standalone]
| From | Michael Vilain <vilain@NOspamcop.net> |
|---|---|
| Date | 2011-05-20 15:39 -0700 |
| Message-ID | <vilain-E847A0.15391220052011@news.individual.net> |
| In reply to | #1692 |
In article <4dd63095$0$6547$9b4e6d93@newsspool4.arcor-online.net>, Heiko GreenRover Henning <greenrover@arcor.de> wrote: > hi > > i have a C# .net app with i decompiled. This app uses for login password > cryption: > http://www.obviex.com/samples/Sample.aspx?Source=EncryptionWithSaltCS&Title=En > cryption%20With%20Salt&Lang=C%23 > > C# Code > rijndaelKey = new Krypto.RijndaelEnhanced(passPhrase, initVector); > PlainPassword = > DiverseVariablen.rijndaelKey.Decrypt(Conversions.ToString(row["ProjectKennwort > "]))) > > > I have pass and iv. > > How can i decrypt the passwords in php? I tryted allready several > variants of mcrypt_decrypt(). > > Didt somene have a idea? > > Wha i dont understand is that the iv has 16 chars but it should be an > 256b encryption with normaly depends a 32chars iv. > > I also allready tryed a http://phpseclib.sourceforge.net/ for decryption > without any success. > http://pastebin.com/SKPG7gR2 > > Friendly regards and big thanks. http://www.obviex.com/samples/EncryptionWithSalt.aspx shows that the encryption code in C# is a "built-in" using the Rijndael/AES symetrical encryption algorithm. php has the crypt() function which is really a 1-way hashing algorithm. You can encrypt text but cannot decrypt it. Checking for a valid match involves taking the supplied password, text, and salt, running it through the crypt() function and comparing the encrypted results. If they match, then you have the right password. AFAIK, there's no built-in implementation of the same sort of encryption as in the C# implemntation. My guess is you are going to have to modify the C# code to do a php-compatible encryption. You probably won't find a php implementation of the C# code unless you write it yourself. -- DeeDee, don't press that button! DeeDee! NO! Dee... [I filter all Goggle Groups posts, so any reply may be automatically ignored]
[toc] | [prev] | [next] | [standalone]
| From | Thomas 'PointedEars' Lahn <PointedEars@web.de> |
|---|---|
| Date | 2011-05-21 23:06 +0200 |
| Message-ID | <2147675.TqBVXBipH2@PointedEars.de> |
| In reply to | #1710 |
Michael Vilain wrote: > Heiko GreenRover Henning <greenrover@arcor.de> wrote: >> i have a C# .net app with i decompiled. This app uses for login password >> cryption: >> http://www.obviex.com/samples/Sample.aspx?Source=EncryptionWithSaltCS&Title=En >> cryption%20With%20Salt&Lang=C%23 >> >> C# Code >> rijndaelKey = new Krypto.RijndaelEnhanced(passPhrase, initVector); >> PlainPassword = >> DiverseVariablen.rijndaelKey.Decrypt(Conversions.ToString(row["ProjectKennwort >> "]))) >> >> >> I have pass and iv. >> >> How can i decrypt the passwords in php? I tryted allready several >> variants of mcrypt_decrypt(). >> >> Didt somene have a idea? >> >> Wha i dont understand is that the iv has 16 chars but it should be an >> 256b encryption with normaly depends a 32chars iv. >> >> I also allready tryed a http://phpseclib.sourceforge.net/ for decryption >> without any success. >> http://pastebin.com/SKPG7gR2 This is Usenet, not the Web. Post your code *here*, preferably a reduced test case. >> Friendly regards and big thanks. > > http://www.obviex.com/samples/EncryptionWithSalt.aspx > > shows that the encryption code in C# is a "built-in" using the > Rijndael/AES symetrical encryption algorithm. > > php has the crypt() function which is really a 1-way hashing algorithm. > You can encrypt text but cannot decrypt it. Checking for a valid match > involves taking the supplied password, text, and salt, running it > through the crypt() function and comparing the encrypted results. If > they match, then you have the right password. AFAIK, there's no > built-in implementation of the same sort of encryption as in the C# > implemntation. > > My guess is you are going to have to modify the C# code to do a > php-compatible encryption. You probably won't find a php implementation > of the C# code unless you write it yourself. This is not about crypt(), but about _mcrypt_, and it is not about encryption, but about _decryption_. PHP's mcrypt module, in particular its mcrypt_decrypt() function, supports decrypting Rijndael-128, -192 and -256, all of which are AFAIK part of the AES standard. So what are you talking about? <http://www.php.net/manual/en/mcrypt.ciphers.php> PointedEars -- Danny Goodman's books are out of date and teach practices that are positively harmful for cross-browser scripting. -- Richard Cornford, cljs, <cife6q$253$1$8300dec7@news.demon.co.uk> (2004)
[toc] | [prev] | [next] | [standalone]
| From | Heiko Henning <greenrover@arcor.de> |
|---|---|
| Date | 2011-05-24 12:58 +0200 |
| Message-ID | <4ddb8f70$0$6626$9b4e6d93@newsspool2.arcor-online.net> |
| In reply to | #1752 |
Am 21.05.2011 23:06, schrieb Thomas 'PointedEars' Lahn: > This is not about crypt(), but about _mcrypt_, and it is not about > encryption, but about _decryption_. PHP's mcrypt module, in particular its > mcrypt_decrypt() function, supports decrypting Rijndael-128, -192 and -256, > all of which are AFAIK part of the AES standard. So what are you talking > about? I try to decrypt or crypt the nter passweord to compare crypted strings. But both dont work. I treyed nearly all variants of mcrypt and phpseclib.
[toc] | [prev] | [next] | [standalone]
| From | Thomas 'PointedEars' Lahn <PointedEars@web.de> |
|---|---|
| Date | 2011-05-24 23:29 +0200 |
| Message-ID | <5335999.9J7NaK4W3v@PointedEars.de> |
| In reply to | #1824 |
Heiko Henning wrote: > Am 21.05.2011 23:06, schrieb Thomas 'PointedEars' Lahn: >> This is not about crypt(), but about _mcrypt_, and it is not about >> encryption, but about _decryption_. PHP's mcrypt module, in particular >> its mcrypt_decrypt() function, supports decrypting Rijndael-128, -192 and >> -256, all of which are AFAIK part of the AES standard. So what are you >> talking about? > > I try to decrypt or crypt the nter passweord to compare crypted strings. > But both dont work. That's too bad. > I treyed nearly all variants of mcrypt and phpseclib. Try the remaining ones. You might also want to consider posting to de.comp.lang.php instead. [en] <http://www.catb.org/~esr/faqs/smart-questions.html> [de] <http://www.tty1.net/smart-questions_de.html> PointedEars -- Anyone who slaps a 'this page is best viewed with Browser X' label on a Web page appears to be yearning for the bad old days, before the Web, when you had very little chance of reading a document written on another computer, another word processor, or another network. -- Tim Berners-Lee
[toc] | [prev] | [next] | [standalone]
| From | Trevor <trevorREMOVE@holyoak.com> |
|---|---|
| Date | 2011-05-23 11:17 -0600 |
| Message-ID | <ire4r2$fap$1@dont-email.me> |
| In reply to | #1692 |
This is somewhat similar to a problem I faced last week. I ended up putting the functionality I needed into a custom assembly and then using this to call it from PHP: http://universalccw.sourceforge.net/ - Trevor On 5/20/2011 3:12 AM, Heiko GreenRover Henning wrote: > hi > > i have a C# .net app with i decompiled. This app uses for login password > cryption: > http://www.obviex.com/samples/Sample.aspx?Source=EncryptionWithSaltCS&Title=Encryption%20With%20Salt&Lang=C%23 > > > C# Code > rijndaelKey = new Krypto.RijndaelEnhanced(passPhrase, initVector); > PlainPassword = > DiverseVariablen.rijndaelKey.Decrypt(Conversions.ToString(row["ProjectKennwort"]))) > > > > I have pass and iv. > > How can i decrypt the passwords in php? I tryted allready several > variants of mcrypt_decrypt(). > > Didt somene have a idea? > > Wha i dont understand is that the iv has 16 chars but it should be an > 256b encryption with normaly depends a 32chars iv. > > I also allready tryed a http://phpseclib.sourceforge.net/ for decryption > without any success. > http://pastebin.com/SKPG7gR2 > > Friendly regards and big thanks. >
[toc] | [prev] | [next] | [standalone]
| From | Michael Vilain <vilain@NOspamcop.net> |
|---|---|
| Date | 2011-05-23 10:35 -0700 |
| Message-ID | <vilain-DC902B.10355023052011@news.individual.net> |
| In reply to | #1804 |
In article <ire4r2$fap$1@dont-email.me>, Trevor <trevorREMOVE@holyoak.com> wrote: > This is somewhat similar to a problem I faced last week. I ended up > putting the functionality I needed into a custom assembly and then using > this to call it from PHP: http://universalccw.sourceforge.net/ > > - Trevor > > On 5/20/2011 3:12 AM, Heiko GreenRover Henning wrote: > > hi > > > > i have a C# .net app with i decompiled. This app uses for login password > > cryption: > > http://www.obviex.com/samples/Sample.aspx?Source=EncryptionWithSaltCS&Title= > > Encryption%20With%20Salt&Lang=C%23 > > > > > > C# Code > > rijndaelKey = new Krypto.RijndaelEnhanced(passPhrase, initVector); > > PlainPassword = > > DiverseVariablen.rijndaelKey.Decrypt(Conversions.ToString(row["ProjectKennwo > > rt"]))) > > > > > > > > I have pass and iv. > > > > How can i decrypt the passwords in php? I tryted allready several > > variants of mcrypt_decrypt(). > > > > Didt somene have a idea? > > > > Wha i dont understand is that the iv has 16 chars but it should be an > > 256b encryption with normaly depends a 32chars iv. > > > > I also allready tryed a http://phpseclib.sourceforge.net/ for decryption > > without any success. > > http://pastebin.com/SKPG7gR2 > > > > Friendly regards and big thanks. > > Yep. -- DeeDee, don't press that button! DeeDee! NO! Dee... [I filter all Goggle Groups posts, so any reply may be automatically ignored]
[toc] | [prev] | [standalone]
Back to top | Article view | comp.lang.php
csiph-web