I recently worked on a project that required encryption and decryption by and between .NET and PHP. By default, the 2 technologies don’t mesh very well. Being that the data was originally being encrypted and decrypted by .NET, I had to write PHP code that worked with the encryption schemas being used. One of the main problems I ran into was the use of padding, in my case pkcs7 which was used by default in .NET. First thing to do was to make sure the encyption schemas were the same. For example, when using DES, the .NET default mode is MCRYPT_MODE_CBC. Once that was setup, I could initialize the mcrypt libraries.
[codesyntax lang=”php”]
$module = mcrypt_module_open(MCRYPT_DES, '', MCRYPT_MODE_CBC, ''); if($module === false) die("DES module could not be opened"); $blockSize = mcrypt_get_block_size(MCRYPT_DES, MCRYPT_MODE_CBC);
[/codesyntax]
The $blockSize variable is used later for padding and padding removal using pkcs7. Next to encrypt data I had to implement the following:
[codesyntax lang=”php”]
//encryption $key = substr($key, 0, 8); $iv = $key; $rc = mcrypt_generic_init($module, $key, $iv); //apply pkcs7 padding $value_length = strlen($value); $padding = $blockSize - ($value_length % $blockSize); $value .= str_repeat( chr($padding), $padding); $value = mcrypt_generic($module, $value); $value = base64_encode($value); mcrypt_generic_deinit($module);
[/codesyntax]
//value now encrypted
Basically, the encryption scheme the .NET side was using was set the iv to the key, pad data, encrypt data, then base64 encode data. So here I’ve done the same thing in PHP. Now I needed to do the exact same thing for decryption:
[codesyntax lang=”php”]
//Decryption $key = substr($key, 0, 8); $iv = $key; $rc = mcrypt_generic_init($module, $key, $iv); $value = base64_decode($value); $value = mdecrypt_generic($module, $value); //apply pkcs7 padding removal $packing = ord($value[strlen($value) - 1]); if($packing && $packing < $this->_blockSize){ for($P = strlen($value) - 1; $P >= strlen($value) - $packing; $P--){ if(ord($value{$P}) != $packing){ $packing = 0; }//end if }//end for }//end if $value = substr($value, 0, strlen($value) - $packing); mcrypt_generic_deinit($module); //value now decrypted
[/codesyntax]
This is basically the same as encryption but in reverse. The only real difference is the pkcs7 padding removal. Hopefully this tidbit helps a few others out there who run into encrypt and decryption issues between .NET and PHP.
Great,
I work with PHP only four years.. and just need crypt now.
I had some dificult with decrypt, guilt of padding (pkcs7).
Your algorithm help me alot .. Thankss!