stackoom
  简体   繁体   中英

Equivalent PHP code for AES encryption from C#

 原文  2013-01-31 11:02:57       c#/ php/ encryption/ aes

Question

can any one please provide the equivalent PHP Code for the below C# Aes encryption, i have tried different php AES encryption but to no use, the out put not matching, thanks in advance.

the key and iv values used here are in hex and expected output is in Hex.

C#: 

public class AESAlgorithm
    {

    public static string GeneratePrivateKey()
    {
        string str;

        RijndaelManaged rijndaelManaged = null;
        try
        {
            rijndaelManaged = new RijndaelManaged();
            rijndaelManaged.KeySize = 128;
            rijndaelManaged.GenerateKey();
            str = ConvertByteArrayToHexString(rijndaelManaged.Key);
        }
        finally
        {
            if (rijndaelManaged == null)
            {
                rijndaelManaged.Clear();
            }
        }
        return str;
    }

    public static string GenerateAuthKey(string timestamp, string appCode, string attUid, string privateKey)
    {
        return Encrypt(String.Format("{0}|{1}|{2}", timestamp, appCode, attUid), privateKey);
    }

    public static string Encrypt(string textToEncrypt, string hexStringKey)
    {
        string str1;

        RijndaelManaged rijndaelManaged = null;
        try
        {
            rijndaelManaged = new RijndaelManaged();
            rijndaelManaged.Mode = CipherMode.CBC;
            rijndaelManaged.Padding = PaddingMode.PKCS7;
            rijndaelManaged.KeySize = 128;
            rijndaelManaged.BlockSize = 128;
            byte[] bs1 = ConvertHexStringToByteArray(hexStringKey);
            rijndaelManaged.Key = bs1;
            rijndaelManaged.IV = bs1;
            ICryptoTransform iCryptoTransform = rijndaelManaged.CreateEncryptor();
            byte[] bs2 = Encoding.UTF8.GetBytes(textToEncrypt);
            str1 = ConvertByteArrayToHexString(iCryptoTransform.TransformFinalBlock(bs2, 0, (int)bs2.Length));
        }
        finally
        {
            if (rijndaelManaged == null)
            {
                rijndaelManaged.Clear();
            }
        }
        return str1;
    }

    public static string Decrypt(string hexStringToDecrypt, string hexStringKey)
    {
        string str1;

        RijndaelManaged rijndaelManaged = null;
        try
        {
            rijndaelManaged = new RijndaelManaged();
            rijndaelManaged.Mode = CipherMode.CBC;
            rijndaelManaged.Padding = PaddingMode.PKCS7;
            rijndaelManaged.KeySize = 128;
            rijndaelManaged.BlockSize = 128;
            byte[] bs1 = ConvertHexStringToByteArray(hexStringToDecrypt);
            byte[] bs2 = ConvertHexStringToByteArray(hexStringKey);
            rijndaelManaged.Key = bs2;
            rijndaelManaged.IV = bs2;
            byte[] bs3 = rijndaelManaged.CreateDecryptor().TransformFinalBlock(bs1, 0, (int)bs1.Length);
            str1 = Encoding.UTF8.GetString(bs3);
        }
        finally
        {
            if (rijndaelManaged == null)
            {
                rijndaelManaged.Clear();
            }
        }
        return str1;
    }

    private static string ConvertByteArrayToHexString(byte[] input)
    {
        bool flag;

        StringBuilder stringBuilder = new StringBuilder();
        byte[] bs = input;
        int i = 0;
        do
        {
            byte b = bs[i];
            stringBuilder.AppendFormat("{0:x2}", b);
            i++;

            flag = i < (int)bs.Length;
        }
        while (flag);
        return stringBuilder.ToString();
    }

    private static byte[] ConvertHexStringToByteArray(string hexString)
    {
        bool flag = (hexString.Length & 1) == 0;
        if (!flag)
        {
            throw new ArgumentOutOfRangeException("hexString", hexString, "hexString must contain an even number of characters.");
        }
        byte[] bs1 = new byte[hexString.Length / 2];
        int i = 0;
        do
        {
            bs1[i / 2] = Byte.Parse(hexString.Substring(i, 2), NumberStyles.HexNumber);
            i += 2;

            flag = i < hexString.Length;
        }
        while (flag);
        return bs1;
    }
}

1 answers

solution1
 0  2013-01-31 14:04:53

Your sample code is really bad , you are using the key bytes as the IV, an adversary could definitely use a chosen ciphertext attack figure out the key bytes, easily. That would suck for your auth key.

IV's NEED to be unique and unpredictable for AES-CBC.

My suggestion to you since this appears to be credentials of some sort you should use Authenticated Encryption .

I have some cut and paste code I try to keep reviewed, Modern Examples of Symmetric Authenticated Encryption of a string C#

The .NET Built-in Encrypt(AES)-Then-MAC(HMAC) version of my examples should be compatible with RNCryptor when encrypting using nonSecretPayload = new byte[]{2,X}; ( X being 0 without password, 1 with pasword) and decrypting with nonSecretPayloadLength = 2 .

Even though RNCryptor is objective-c, I believe RNCryptor has PHP examples.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question convert C# AES encryption code to php C# equivalent of Oracle function for AES encryption AES encryption in JS equivalent of C# Converting AES encryption token code in C# to php Example code PHP / C# AES encryption - random IV Replicating the same AES encryption from C# in PHP Encrypting using C# AES encryption & decryption from these PHP codes AES encryption and decryption source code in C# AES encryption different results, in C# and PHP Convert Aes encryption in php to c#
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM