On 9/7/07, Symbian <mail5205772@xxxxxxxxxxxx> wrote: > > I'm unable to workout how to get the same IV as the one generated by the PHP > script is random. The thing is that we cant change the PHP script as its > readily being used now. Maybe I should look at the encryption routine and > reverse that first? just hard code the IV in both places. to make it difficult you can do something like this (basically our .NET guy took it from http://www.codeproject.com/dotnet/DotNetCrypto.asp) public static string Encrypt(string clearText, string Password) { // First we need to turn the input string into a byte array. byte[] clearBytes = System.Text.Encoding.UTF8.GetBytes(clearText); PasswordDeriveBytes pdb = new PasswordDeriveBytes(Password, new byte[] {0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76}); byte[] encryptedData = Encrypt(clearBytes, pdb.GetBytes(32), pdb.GetBytes(16)); return Convert.ToBase64String(encryptedData); } (make sure to copy that first Encrypt method and set alg.Padding = PaddingMode.Zeros) and on PHP side (the IV/key numbers have been changed to protect the innocent :)) i believe the numbers are the decimal values of the .NET 0x49 etc. you need 32 of them for the key, and 16 for the IV (to match the parameters above) - these numbers do not match right now i just jumbled them up. i would first see if you can use my code to properly encrypt in .NET and decrypt in PHP. then hopefully you can just reverse it. what i should do is actually publish an example with working instructions + numbers. i'll keep this email around and publish an article on my blog or something hopefully soon. function decrypt($text, $key) { $enc_key_array = Array(24,91,81,138,122,etc); $chrs = ""; foreach(array_values($enc_key_array) as $chr) { $chrs .= chr($chr); } $enc_key = $chrs; $enc_iv_array = Array(35,56,103,81,77,etc); $chrs = ""; foreach(array_values($enc_iv_array) as $chr) { $chrs .= chr($chr); } $enc_iv = $chrs; $text = base64_decode($text); $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $enc_key, $text, "cbc", $enc_iv); return $decrypted."\n"; } remember to base64 encode/decode at the proper times. we use this to encrypt information in a cookie so it needs to be encoded for transit. it also helps when you are copy/pasting it back and forth to test encrypt/decrypt :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
