C#/PHP Compatible Encryption (AES256) ZZ
Finding a way to encrypt messages in C# and decrypting them in PHP or vice versa seems to be a "challenge" for many users. I wrote this tutorial to provide some help with this: below, you can find how to encrypt / decrypt messages in C# / PHP using AES256 with CBC mode.
1.Basic Information
AES 256 with CBC mode requires 3 values: the message, a key (32 bytes long) and an initialization vector (IV). Note that you must use the same IV when encrypting / decrypting a message: otherwise the message is lost. Sending the IV with the message is perfectly safe but it always has to be a random value. Since it has a fixed size, I always place the IV at the end of the encrypted text.
The encrypted messages should be encoded using base64 before being sent.
Encryption steps:
- encrypt the text
- add the IV at the end
- encode everything (base64)
Decryption steps:
- decode the message
- get & remove the IV
- proceed to decypt
Ok, enough talking, let's see some code...
2.PHP Encryption/Decryption Code
PHP accepts keys that are not 32 bytes long and simply extends them to the correct length. Well...C# doesn't, so you'll have to use a key that is 32 bytes long.
Encryption
- function encrypt($text, $pkey)
- {
- $key = $pkey;
- $IV = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC), MCRYPT_RAND);
- return base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_CBC, $IV)."-[--IV-[-".$IV);
- }
Decryption
- function decrypt($text, $pkey)
- {
- $key = $pkey;
- $text = base64_decode($text);
- $IV = substr($text, strrpos($text, "-[--IV-[-") + 9);
- $text = str_replace("-[--IV-[-".$IV, "", $text);
- return rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_CBC, $IV), "\0");
- }
3.C# Encryption/Decryption Code
As I said before, C# doesn't accept keys that aren't 32 bytes long - it will throw an error. Also, many people get tricked here because of the encoding (most of the times you have to use Encoding.Default).
Encryption
- public static string EncryptMessage(byte[] text, string key)
- {
- RijndaelManaged aes = new RijndaelManaged();
- aes.KeySize = 256;
- aes.BlockSize = 256;
- aes.Padding = PaddingMode.Zeros;
- aes.Mode = CipherMode.CBC;
- aes.Key = Encoding.Default.GetBytes(key);
- aes.GenerateIV();
- string IV = ("-[--IV-[-" + Encoding.Default.GetString(aes.IV));
- ICryptoTransform AESEncrypt = aes.CreateEncryptor(aes.Key, aes.IV);
- byte[] buffer = text;
- return
- Convert.ToBase64String(Encoding.Default.GetBytes(Encoding.Default.GetString(AESEncrypt.TransformFinalBlock(buffer, 0, buffer.Length)) + IV));
- }
Decryption
- public static string DecryptMessage(string text, string key)
- {
- RijndaelManaged aes = new RijndaelManaged();
- aes.KeySize = 256;
- aes.BlockSize = 256;
- aes.Padding = PaddingMode.Zeros;
- aes.Mode = CipherMode.CBC;
- aes.Key = Encoding.Default.GetBytes(key);
- text = Encoding.Default.GetString(Convert.FromBase64String(text));
- string IV = text;
- IV = IV.Substring(IV.IndexOf("-[--IV-[-") + 9);
- text = text.Replace("-[--IV-[-" + IV, "");
- text = Convert.ToBase64String(Encoding.Default.GetBytes(text));
- aes.IV = Encoding.Default.GetBytes(IV);
- ICryptoTransform AESDecrypt = aes.CreateDecryptor(aes.Key, aes.IV);
- byte[] buffer = Convert.FromBase64String(text);
- return Encoding.Default.GetString(AESDecrypt.TransformFinalBlock(buffer, 0, buffer.Length));
- }
C#/PHP Compatible Encryption (AES256) ZZ的更多相关文章
- 提供openssl -aes-256-cbc兼容加密/解密的简单python函数
原文链接:http://joelinoff.com/blog/?p=885 这里的示例显示了如何使用python以与openssl aes-256-cbc完全兼容的方式加密和解密数据.它是基于我在本网 ...
- [转载] TLS协议分析 与 现代加密通信协议设计
https://blog.helong.info/blog/2015/09/06/tls-protocol-analysis-and-crypto-protocol-design/?from=time ...
- Lync 2013安装中遇到的关于SQL Mirroring的一次报错的解决
Problem Description ================= Following the Lync Deployment Wizard to setup Database Mirrori ...
- vyos User Guide
vyos User Guide 来源 https://wiki.vyos.net/wiki/User_Guide The VyOS User Guide is focused on providing ...
- TLS协议分析
TLS协议分析 本文目标: 学习鉴赏TLS协议的设计,透彻理解原理和重点细节 跟进一下密码学应用领域的历史和进展 整理现代加密通信协议设计的一般思路 本文有门槛,读者需要对现代密码学有清晰而系统的理解 ...
- Corosync 配置描述
NAME corosync.conf - corosync executive configuration file SYNOPSIS /etc/corosync/corosync.conf DESC ...
- Cisco asa组建IPSEC for ikev1
IPSec的实现主要由两个阶段来完成:--第一阶段,双方协商安全连接,建立一个已通过身份鉴别和安全保护的通道.--第二阶段,安全协议用于保护数据的和信息的交换. IPSec有两个安全协议:AH和ESP ...
- 设置 cipher suite
https://man.openbsd.org/SSL_CTX_set_cipher_list.3#ECDHE SSL_CTX_set_cipher_list() sets the list of a ...
- 【原创】大叔经验分享(41)hdfs开启kerberos之后报错Encryption type AES256 CTS mode with HMAC SHA1-96 is not supported/enabled
hdfs开启kerberos之后,namenode报错,连不上journalnode 2019-03-15 18:54:46,504 WARN org.apache.hadoop.security.U ...
随机推荐
- PHP学习笔记(五)
关于Response header 的一些小知识: Host :address url, host 是浏览器给服务器提供的address标识.由于http协议是无状态的,服务器需要根据host的这个 ...
- 配置php连接apache
配置php连接apache 1.安装php所需要的库 yum install zlib-devel libxml2-devel libjpeg-devel libjpeg-turbo-devel li ...
- apache配置文件中的项目
对于每个配置项目,有几个要素: 首先是项目名称 其次是配置的语法 再次是配置的默认值 配置所处的配置文件的位置(分区) 配置所在的模块分区(和核心是否紧密) 配置项目所在的模块 所以对于每个配置项目, ...
- linux扩展lvm磁盘
env: centos 6.5 x64 hyper-v虚拟机 这个方法可以在当前运行的系统中扩展root磁盘 详细步骤 之前想创建的一个虚拟机的磁盘空间不够用了,所以想扩容一下磁盘. 正好使用的时候是 ...
- node开子线程模块--tagg2
tagg2包同样具有tagg包的多线程功能,采用新的node-gyp命令进行编译,同时它跨平台支持,mac,linux,windows下都可以使用,对开发人员的api也更加友好.安装方法很简单,直接n ...
- mysql统计表的大小
如下是sql语句: SELECT TABLE_NAME as name,DATA_LENGTH+INDEX_LENGTH as len,TABLE_ROWS as rows FROM informat ...
- hadoop2.610集群配置(包含HA和Hbase )
.修改Linux主机名2.修改IP3.修改主机名和IP的映射关系######注意######如果你们公司是租用的服务器或是使用的云主机(如华为用主机.阿里云主机等)/etc/hosts里面要配置的是内 ...
- 用JS实现避免重复加载相同js文件
我们在日常开发过程中,可能有重复加载同一个资源例如:1.js,为了提高性能和用户体验这里我们用原生JS实现同一个资源只加载一次. 下面是 common.js里的JS代码 //使用沙箱模式防止污染外面的 ...
- html 各个标签初始化
html,body,div,ul,li,ol,h1,h2,h3,h4,h5,h6,span,input{ margin:0;padding:0;}body{font:12px/1.5em " ...
- Servlet的一些API使用介绍
final String rootPath = getServletConfig().getServletContext().getRealPath("/"); 获取项目运行的根 ...