FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » C# RijndaelEnhanced decrypt with php mcrypt
Show: Today's Messages :: Polls :: Message Navigator
Switch to threaded view of this topic Create a new topic Submit Reply
C# RijndaelEnhanced decrypt with php mcrypt [message #174048] Fri, 20 May 2011 09:12 Go to next message
Heiko GreenRover Henn is currently offline  Heiko GreenRover Henn
Messages: 2
Registered: May 2011
Karma: 0
Junior Member
hi

i have a C# .net app with i decompiled. This app uses for login password
cryption:
http://www.obviex.com/samples/Sample.aspx?Source=EncryptionWithSaltCS&T itle=Encryption%20With%20Salt&Lang=C%23

C# Code
rijndaelKey = new Krypto.RijndaelEnhanced(passPhrase, initVector);
PlainPassword =
DiverseVariablen.rijndaelKey.Decrypt(Conversions.ToString(row["ProjectKennwort "])))


I have pass and iv.

How can i decrypt the passwords in php? I tryted allready several
variants of mcrypt_decrypt().

Didt somene have a idea?

Wha i dont understand is that the iv has 16 chars but it should be an
256b encryption with normaly depends a 32chars iv.

I also allready tryed a http://phpseclib.sourceforge.net/ for decryption
without any success.
http://pastebin.com/SKPG7gR2

Friendly regards and big thanks.
Re: C# RijndaelEnhanced decrypt with php mcrypt [message #174066 is a reply to message #174048] Fri, 20 May 2011 22:39 Go to previous messageGo to next message
Michael Vilain is currently offline  Michael Vilain
Messages: 88
Registered: September 2010
Karma: 0
Member
In article <4dd63095$0$6547$9b4e6d93(at)newsspool4(dot)arcor-online(dot)net>,
Heiko GreenRover Henning <greenrover(at)arcor(dot)de> wrote:

> hi
>
> i have a C# .net app with i decompiled. This app uses for login password
> cryption:
> http://www.obviex.com/samples/Sample.aspx?Source=EncryptionWithSaltCS&T itle=En
> cryption%20With%20Salt&Lang=C%23
>
> C# Code
> rijndaelKey = new Krypto.RijndaelEnhanced(passPhrase, initVector);
> PlainPassword =
> DiverseVariablen.rijndaelKey.Decrypt(Conversions.ToString(row["ProjectKennwort
> "])))
>
>
> I have pass and iv.
>
> How can i decrypt the passwords in php? I tryted allready several
> variants of mcrypt_decrypt().
>
> Didt somene have a idea?
>
> Wha i dont understand is that the iv has 16 chars but it should be an
> 256b encryption with normaly depends a 32chars iv.
>
> I also allready tryed a http://phpseclib.sourceforge.net/ for decryption
> without any success.
> http://pastebin.com/SKPG7gR2
>
> Friendly regards and big thanks.

http://www.obviex.com/samples/EncryptionWithSalt.aspx

shows that the encryption code in C# is a "built-in" using the
Rijndael/AES symetrical encryption algorithm.

php has the crypt() function which is really a 1-way hashing algorithm.
You can encrypt text but cannot decrypt it. Checking for a valid match
involves taking the supplied password, text, and salt, running it
through the crypt() function and comparing the encrypted results. If
they match, then you have the right password. AFAIK, there's no
built-in implementation of the same sort of encryption as in the C#
implemntation.

My guess is you are going to have to modify the C# code to do a
php-compatible encryption. You probably won't find a php implementation
of the C# code unless you write it yourself.

--
DeeDee, don't press that button! DeeDee! NO! Dee...
[I filter all Goggle Groups posts, so any reply may be automatically ignored]
Re: C# RijndaelEnhanced decrypt with php mcrypt [message #174104 is a reply to message #174066] Sat, 21 May 2011 21:06 Go to previous messageGo to next message
Thomas 'PointedEars'  is currently offline  Thomas 'PointedEars'
Messages: 701
Registered: October 2010
Karma: 0
Senior Member
Michael Vilain wrote:

> Heiko GreenRover Henning <greenrover(at)arcor(dot)de> wrote:
>> i have a C# .net app with i decompiled. This app uses for login password
>> cryption:
>>
http://www.obviex.com/samples/Sample.aspx?Source=EncryptionWithSaltCS&T itle=En
>> cryption%20With%20Salt&Lang=C%23
>>
>> C# Code
>> rijndaelKey = new Krypto.RijndaelEnhanced(passPhrase, initVector);
>> PlainPassword =
>>
DiverseVariablen.rijndaelKey.Decrypt(Conversions.ToString(row["ProjectKennwort
>> "])))
>>
>>
>> I have pass and iv.
>>
>> How can i decrypt the passwords in php? I tryted allready several
>> variants of mcrypt_decrypt().
>>
>> Didt somene have a idea?
>>
>> Wha i dont understand is that the iv has 16 chars but it should be an
>> 256b encryption with normaly depends a 32chars iv.
>>
>> I also allready tryed a http://phpseclib.sourceforge.net/ for decryption
>> without any success.
>> http://pastebin.com/SKPG7gR2

This is Usenet, not the Web. Post your code *here*, preferably a reduced
test case.

>> Friendly regards and big thanks.
>
> http://www.obviex.com/samples/EncryptionWithSalt.aspx
>
> shows that the encryption code in C# is a "built-in" using the
> Rijndael/AES symetrical encryption algorithm.
>
> php has the crypt() function which is really a 1-way hashing algorithm.
> You can encrypt text but cannot decrypt it. Checking for a valid match
> involves taking the supplied password, text, and salt, running it
> through the crypt() function and comparing the encrypted results. If
> they match, then you have the right password. AFAIK, there's no
> built-in implementation of the same sort of encryption as in the C#
> implemntation.
>
> My guess is you are going to have to modify the C# code to do a
> php-compatible encryption. You probably won't find a php implementation
> of the C# code unless you write it yourself.

This is not about crypt(), but about _mcrypt_, and it is not about
encryption, but about _decryption_. PHP's mcrypt module, in particular its
mcrypt_decrypt() function, supports decrypting Rijndael-128, -192 and -256,
all of which are AFAIK part of the AES standard. So what are you talking
about?

<http://www.php.net/manual/en/mcrypt.ciphers.php>


PointedEars
--
Danny Goodman's books are out of date and teach practices that are
positively harmful for cross-browser scripting.
-- Richard Cornford, cljs, <cife6q$253$1$8300dec7(at)news(dot)demon(dot)co(dot)uk> (2004)
Re: C# RijndaelEnhanced decrypt with php mcrypt [message #174153 is a reply to message #174048] Mon, 23 May 2011 17:17 Go to previous messageGo to next message
Trevor is currently offline  Trevor
Messages: 11
Registered: February 2011
Karma: 0
Junior Member
This is somewhat similar to a problem I faced last week. I ended up
putting the functionality I needed into a custom assembly and then using
this to call it from PHP: http://universalccw.sourceforge.net/

- Trevor

On 5/20/2011 3:12 AM, Heiko GreenRover Henning wrote:
> hi
>
> i have a C# .net app with i decompiled. This app uses for login password
> cryption:
> http://www.obviex.com/samples/Sample.aspx?Source=EncryptionWithSaltCS&T itle=Encryption%20With%20Salt&Lang=C%23
>
>
> C# Code
> rijndaelKey = new Krypto.RijndaelEnhanced(passPhrase, initVector);
> PlainPassword =
> DiverseVariablen.rijndaelKey.Decrypt(Conversions.ToString(row["ProjectKennwort "])))
>
>
>
> I have pass and iv.
>
> How can i decrypt the passwords in php? I tryted allready several
> variants of mcrypt_decrypt().
>
> Didt somene have a idea?
>
> Wha i dont understand is that the iv has 16 chars but it should be an
> 256b encryption with normaly depends a 32chars iv.
>
> I also allready tryed a http://phpseclib.sourceforge.net/ for decryption
> without any success.
> http://pastebin.com/SKPG7gR2
>
> Friendly regards and big thanks.
>
Re: C# RijndaelEnhanced decrypt with php mcrypt [message #174156 is a reply to message #174153] Mon, 23 May 2011 17:35 Go to previous messageGo to next message
Michael Vilain is currently offline  Michael Vilain
Messages: 88
Registered: September 2010
Karma: 0
Member
In article <ire4r2$fap$1(at)dont-email(dot)me>,
Trevor <trevorREMOVE(at)holyoak(dot)com> wrote:

> This is somewhat similar to a problem I faced last week. I ended up
> putting the functionality I needed into a custom assembly and then using
> this to call it from PHP: http://universalccw.sourceforge.net/
>
> - Trevor
>
> On 5/20/2011 3:12 AM, Heiko GreenRover Henning wrote:
>> hi
>>
>> i have a C# .net app with i decompiled. This app uses for login password
>> cryption:
>> http://www.obviex.com/samples/Sample.aspx?Source=EncryptionWithSaltCS&T itle=
>> Encryption%20With%20Salt&Lang=C%23
>>
>>
>> C# Code
>> rijndaelKey = new Krypto.RijndaelEnhanced(passPhrase, initVector);
>> PlainPassword =
>> DiverseVariablen.rijndaelKey.Decrypt(Conversions.ToString(row["ProjectKennwo
>> rt"])))
>>
>>
>>
>> I have pass and iv.
>>
>> How can i decrypt the passwords in php? I tryted allready several
>> variants of mcrypt_decrypt().
>>
>> Didt somene have a idea?
>>
>> Wha i dont understand is that the iv has 16 chars but it should be an
>> 256b encryption with normaly depends a 32chars iv.
>>
>> I also allready tryed a http://phpseclib.sourceforge.net/ for decryption
>> without any success.
>> http://pastebin.com/SKPG7gR2
>>
>> Friendly regards and big thanks.
>>

Yep.

--
DeeDee, don't press that button! DeeDee! NO! Dee...
[I filter all Goggle Groups posts, so any reply may be automatically ignored]
Re: C# RijndaelEnhanced decrypt with php mcrypt [message #174173 is a reply to message #174104] Tue, 24 May 2011 10:58 Go to previous messageGo to next message
Heiko GreenRover Henn is currently offline  Heiko GreenRover Henn
Messages: 2
Registered: May 2011
Karma: 0
Junior Member
Am 21.05.2011 23:06, schrieb Thomas 'PointedEars' Lahn:
> This is not about crypt(), but about _mcrypt_, and it is not about
> encryption, but about _decryption_. PHP's mcrypt module, in particular its
> mcrypt_decrypt() function, supports decrypting Rijndael-128, -192 and -256,
> all of which are AFAIK part of the AES standard. So what are you talking
> about?

I try to decrypt or crypt the nter passweord to compare crypted strings.
But both dont work.

I treyed nearly all variants of mcrypt and phpseclib.
Re: C# RijndaelEnhanced decrypt with php mcrypt [message #174179 is a reply to message #174173] Tue, 24 May 2011 21:29 Go to previous message
Thomas 'PointedEars'  is currently offline  Thomas 'PointedEars'
Messages: 701
Registered: October 2010
Karma: 0
Senior Member
Heiko Henning wrote:

> Am 21.05.2011 23:06, schrieb Thomas 'PointedEars' Lahn:
>> This is not about crypt(), but about _mcrypt_, and it is not about
>> encryption, but about _decryption_. PHP's mcrypt module, in particular
>> its mcrypt_decrypt() function, supports decrypting Rijndael-128, -192 and
>> -256, all of which are AFAIK part of the AES standard. So what are you
>> talking about?
>
> I try to decrypt or crypt the nter passweord to compare crypted strings.
> But both dont work.

That's too bad.

> I treyed nearly all variants of mcrypt and phpseclib.

Try the remaining ones.

You might also want to consider posting to de.comp.lang.php instead.

[en] <http://www.catb.org/~esr/faqs/smart-questions.html>
[de] <http://www.tty1.net/smart-questions_de.html>


PointedEars
--
Anyone who slaps a 'this page is best viewed with Browser X' label on
a Web page appears to be yearning for the bad old days, before the Web,
when you had very little chance of reading a document written on another
computer, another word processor, or another network. -- Tim Berners-Lee
  Switch to threaded view of this topic Create a new topic Submit Reply
Previous Topic: urgent
Next Topic: is dis da place?
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Tue Nov 26 22:28:41 GMT 2024

Total time taken to generate the page: 0.02509 seconds