[WEB SECURITY] RE: What problem have this Rijndael(.NET&PHP) code?

Wall, Kevin Kevin.Wall at qwest.com
Tue Dec 19 09:29:55 EST 2006

Peter Condrad wrote...

> On Friday, 15 December 2006 01:35, ??? wrote:
>> I want to decrypt data, but the result data (decrypted data) isn't the
>> same as the input data.
>> What's the problem? My code is at the bottom.
>> * C#.NET Encrypt function
>> private string EncryptString(string InputText, string Password)
>> {
>>  RijndaelManaged RijndaelCipher = new RijndaelManaged();
>>  RijndaelCipher.Mode = CipherMode.ECB;
>>  byte[] PlainText = System.Text.Encoding.Unicode.GetBytes(InputText);
>>  byte[] Salt = Encoding.ASCII.GetBytes(Password.Length.ToString());
>>  PasswordDeriveBytes SecretKey = new PasswordDeriveBytes(Password, Salt);
>>  ICryptoTransform Encryptor = RijndaelCipher.CreateEncryptor(SecretKey.GetBytes(32), SecretKey.GetBytes(16));
>>  MemoryStream memoryStream = new MemoryStream();
>>  CryptoStream cryptoStream = new CryptoStream(memoryStream, Encryptor, CryptoStreamMode.Write);
>>  cryptoStream.Write(PlainText, 0, PlainText.Length);
>>  cryptoStream.FlushFinalBlock();
>>  byte[] CipherBytes = memoryStream.ToArray();
>>  memoryStream.Close();
>>  cryptoStream.Close();
>>  string EncryptedData = Convert.ToBase64String(CipherBytes);
>>  return EncryptedData;
>> }
>> * PHP(mcrypt) Decrypt function
>> function decrypt($decrypt,$key) {
>>    $decoded = base64_decode($decrypt);
>>    $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), strlen($key));
>>    $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $decoded, MCRYPT_MODE_ECB, $iv);
>>    return $decrypted;
>> }
> I'm not familiar with C# and not very familiar with PHP, but to me it
> looks like you're using a different IV for decrypting than for encrypting.
> That won't work.

The IV shouldn't really have anything to do with it since ECB mode is
being used. ECB mode doesn't use an IV (even though the crypto APIs may
require it), so it shouldn't matter if they are the same or different.
Instead, I'm more inclined to believe you have a padding problem as
Jamie Riden mentioned. Also, as he stated, you probably really should
be using CBC mode as well (which _does_ require the same IV to be used
on both sides--but note that you can pass the IV as plaintext; it doesn't
need to be secret).

P.S.- If this comes out formatted weirdly, blame it on OWA. I tried my best.

Kevin W. Wall Qwest Information Technology, Inc.
Kevin.Wall at qwest.com Phone: 614.215.4788
"The reason you have people breaking into your software all 
over the place is because your software sucks..."
-- Former whitehouse cybersecurity advisor, Richard Clarke,
    at eWeek Security Summit
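
Added example, not part of the original message or the poster's code: a Node.js sketch of the points in the reply above. It shows that ECB takes no IV, that a receiver which leaves the sender's padding in place gets bytes that differ from the input, and that CBC needs the same IV on both sides, which can travel unencrypted with the message. The key, sample plaintext and function names are constructed for illustration.

```javascript
const crypto = require('crypto');

// Constructed sample values (assumptions, not taken from the thread).
const key = crypto.createHash('sha256').update('constructed demo password').digest();
const plaintext = Buffer.from('attack at dawn', 'utf16le'); // 28 bytes, like Encoding.Unicode

// ECB has no IV input: Node takes null where other APIs accept and ignore one.
function ecbEncryptPkcs7(key, data) {
  const c = crypto.createCipheriv('aes-256-ecb', key, null); // PKCS#7 padding on by default
  return Buffer.concat([c.update(data), c.final()]);
}

// stripPadding=false models a receiver that does not remove PKCS#7 padding.
function ecbDecrypt(key, ct, stripPadding) {
  const d = crypto.createDecipheriv('aes-256-ecb', key, null);
  d.setAutoPadding(stripPadding);
  return Buffer.concat([d.update(ct), d.final()]);
}

// CBC: fresh random IV per message, sent unencrypted in front of the ciphertext.
function cbcEncrypt(key, data) {
  const iv = crypto.randomBytes(16);
  const c = crypto.createCipheriv('aes-256-cbc', key, iv);
  return Buffer.concat([iv, c.update(data), c.final()]);
}

// The receiver reads the IV back from the first 16 bytes of the message.
function cbcDecrypt(key, msg) {
  const d = crypto.createDecipheriv('aes-256-cbc', key, msg.subarray(0, 16));
  return Buffer.concat([d.update(msg.subarray(16)), d.final()]);
}

function demo() {
  const ct = ecbEncryptPkcs7(key, plaintext);
  const wrongIv = cbcEncrypt(key, plaintext);
  wrongIv[0] ^= 0xff; // receiver ends up with a different IV than the sender used
  return {
    ecbPaddingLeftIn: ecbDecrypt(key, ct, false).equals(plaintext),   // false
    ecbPaddingRemoved: ecbDecrypt(key, ct, true).equals(plaintext),   // true
    cbcSameIv: cbcDecrypt(key, cbcEncrypt(key, plaintext)).equals(plaintext), // true
    cbcDifferentIv: cbcDecrypt(key, wrongIv).equals(plaintext),       // false
  };
}

console.log(demo());
```

With the altered IV only the first 16-byte block decrypts wrongly and no error is raised. CBC on its own gives no integrity protection, so this sketch covers the IV handling only.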
