How can I encrypt with AES in C# so I can decrypt it in PHP?

Question

I've found a few answers to Encrypt in PHP, and Decrypt in C#, but as yet have been unable to reverse the process...

The background is I want to:

In C#: AES encrypt a file's contents. Upload the data (likely via http via POST) to a server.

In PHP: Receive and save the file.

And in PHP (at a later date): Decrypt the file.

I specifically want to encrypt it outside of using SSL/TLS (though I might have to do this as well), as I need to know the file remains encrypted (and decryptable!) when stored on the server.

To encrypt in C# I'm using:

Rijndael RijndaelAlg = Rijndael.Create();
RijndaelAlg.KeySize = 128;
RijndaelAlg.Mode = CipherMode.CBC;
CryptoStream cStream = new CryptoStream(fStream, RijndaelAlg.CreateEncryptor(Key, IV),
                                        CryptoStreamMode.Read);

and to decrypt in PHP:

 mcrypt_cbc(MCRYPT_RIJNDAEL_128, $key, $buffer, MCRYPT_DECRYPT, $iv);

Answer 1

Generally it only depends on selecting the right options on both sides:

• Plaintext character format

  how plaintext characters are encoded in the bit string

• Padding

  how to pad the plaintext to be an exact multiple of the block size

• Key length

  must be agreed if there is a choice

• Key derivation

  how to create the bit string to be used for the key

• Mode

  which mode of encryption to use

• Storage format

  how we store the ciphertext

Please see here for a lot of information about these things. Especially the padding seems to be the root of most interoperability problems as PHP's mcrypt uses a NULL -padding by default and has no built-in support for any other padding mode, while eg .NET doesn't even provide an option to use a NULL -padding (as it may cause issues when encrypting binary data).

Answer 2

I know this was asked a while ago but I thought I'd post my solution for others. I wrote up a quick code example in PHP and C# that lets you encrypt/decrypt both ways. I had a few issues with getting the settings on both sides to work out. A difference in padding would let it decrypt one way but not the other

https://github.com/dchymko/.NET--PHP-encryption

hope that helps some people.

Answer 3

Are you using the same mode with both? Ie are you using CBC with both (and not ECB). If you don't understand what I just said then drop a comment and I'll explain in detail, as it has fairly major security repercussions.

Answer 4

I had a similar problem a few months ago - I had a project that had to use AES encryption and I had to make sure that the exact same algorithm is used between a C# and A C++ component. I ended up implementing a shared DLL library used by both based on the AES crypto wrapper from this codeplex article:

http://www.codeproject.com/KB/security/WinAESwithHMAC.aspx