EDIT:
Sorry for this question, I solved it immediately myself ... the only thing I had to do was set in words to zeros:
aes.Padding = PaddingMode.Zeros
I am trying to encrypt traffic between my VB.Net application without SSL (because the user should not see only some sensitive arguments). Therefore, try to achieve the same encryption / decryption results in PHP and VB.Net, but this does not work.
First, my little VB.Net encryption function:
Friend Enum CryptionMode Encrypt Decrypt End Enum Friend Function cryptAes(ByVal mode As CryptionMode, ByVal input As Byte(), ByVal pw As String) As Byte() Dim salt As Byte() = {42, 248, 0, 22, 19, 46, 162, 81, 192, 167, 174, 102, 233} Dim aes As New RijndaelManaged Dim keyGen As New Rfc2898DeriveBytes(pw, salt) aes.Key = keyGen.GetBytes(aes.Key.Length) aes.IV = keyGen.GetBytes(aes.IV.Length) Debug.WriteLine(Convert.ToBase64String(aes.Key)) Debug.WriteLine(Convert.ToBase64String(aes.IV)) Dim ms As New MemoryStream Dim cs As New CryptoStream(ms, If(mode = CryptionMode.Decrypt, aes.CreateDecryptor, aes.CreateEncryptor), CryptoStreamMode.Write) Try cs.Write(input, 0, input.Length) cs.Close() Dim output As Byte() = ms.ToArray Debug.WriteLine(output.Length) ms.Close() Return output Catch ex As Exception Debug.WriteLine("Error") Return Nothing End Try End Function Friend Function cryptAesToBase64(ByVal mode As CryptionMode, ByVal input As Byte(), ByVal pw As String) As String Return Convert.ToBase64String(cryptAes(mode, input, pw)) End Function
Executing this line
cryptAesToBase64(CryptionMode.Encrypt, System.Text.Encoding.ASCII.GetBytes("hallihallo"), "pass")
I got the following
9sNq3BjYaU6ZIrLEfG1hXrkdOoGc6FoeCQ3T2asXSs4= (key) oxBgLuPha+Rvm7KV5+3V3A== (IV) 16 (output length) "hwcc7Cog9FornwAzo6hIuA==" (output)
But now there is PHP encryption: First I needed to define a function equivalent to the Rfc2898DeriveBytes function:
function pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output = false) { $algorithm = strtolower($algorithm); if(!in_array($algorithm, hash_algos(), true)) die('PBKDF2 ERROR: Invalid hash algorithm.'); if($count <= 0 || $key_length <= 0) die('PBKDF2 ERROR: Invalid parameters.'); $hash_length = strlen(hash($algorithm, "", true)); $block_count = ceil($key_length / $hash_length); $output = ""; for($i = 1; $i <= $block_count; $i++) { // $i encoded as 4 bytes, big endian. $last = $salt . pack("N", $i); // first iteration $last = $xorsum = hash_hmac($algorithm, $last, $password, true); // perform the other $count - 1 iterations for ($j = 1; $j < $count; $j++) { $xorsum ^= ($last = hash_hmac($algorithm, $last, $password, true)); } $output .= $xorsum; } return substr($output, 0, $key_length); }
Now encryption commands:
$mySalt = base64_decode("KvgAFhMuolHAp65m6Q=="); $dev = pbkdf2("sha1", "pass", $mySalt, 1000, 48, true); $key = substr($dev, 0, 32); //Keylength: 32 $iv = substr($dev, 32, 16); // IV-length: 16 echo "key: ".base64_encode($key)."<br>"; echo "iv: ".base64_encode($iv)."<br>"; $text = base64_decode("aGFsbGloYWxsbw=="); //"hallihallo"; $crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $text, MCRYPT_MODE_CBC, $iv); echo strlen($crypttext)."<br>"; echo base64_encode($crypttext);
By doing this, I get the following output:
key: 9sNq3BjYaU6ZIrLEfG1hXrkdOoGc6FoeCQ3T2asXSs4= iv: oxBgLuPha+Rvm7KV5+3V3A== 16 (output length) BeyMKI9PAy5IThiM6XcsVQ==
Now I'm a little confused because I have the same keys in PHP and VB.Net, the same IV, the same input, the same Ciphermode, but not the same output. Is anyone here wrong now?
Thanks and sorry for my bad english :)