What will be the C# equivalent of this php code?

Question

Here is the PHP code that decrypts the content of $data:

$data='DwRktl1y8st4k11pSxy2tE9kJMiNlIgV6Gu9ekY8ia2QtoGbdiaiemHeQJ+2MGTZmRKM0IGsiXQyqvXLx/t47FcXmwzZPayS3i6mmYD+qFibbcmA5lGI1uIjT7FSgLM9Xi9QBnTMjIwIEmv6tQaKGGTbhwvUuaP7hek57Xnlk+9CCarkkDlGLed5y+6GedXED0KgMcW1rqXLH7EQub+KzQ==';
$crypttext = base64_decode($data);
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$decrypttext = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, 'AbcNtByIGI1BpgcsAG8GZl8pdwwxyz', $crypttext, MCRYPT_MODE_ECB, $iv);

I tried this is .net but it didn't work :

 string data = "DwRktl1y8st4k11pSxy2tE9kJMiNlIgV6Gu9ekY8ia2QtoGbdiaiemHeQJ+2MGTZmRKM0IGsiXQyqvXLx/t47FcXmwzZPayS3i6mmYD+qFibbcmA5lGI1uIjT7FSgLM9Xi9QBnTMjIwIEmv6tQaKGGTbhwvUuaP7hek57Xnlk+9CCarkkDlGLed5y+6GedXED0KgMcW1rqXLH7EQub+KzQ==";

  byte[] arrb = Convert.FromBase64String(data);
  string decodedString = Encoding.UTF8.GetString(arrb); 

   const string key = "AbcNtByIGI1BpgcsAG8GZl8pdwwxyz";

   RijndaelManaged aes = new RijndaelManaged();
   aes.KeySize = 256;
   aes.BlockSize = 256;
   aes.Padding = PaddingMode.None;
   aes.Mode = CipherMode.ECB;
   aes.GenerateIV();
   ICryptoTransform decryptor = aes.CreateDecryptor(Encoding.UTF8.GetBytes(key), aes.IV);
   MemoryStream ms = new MemoryStream(Encoding.UTF8.GetBytes(decodedString.Trim()));
   CryptoStream cs = new CryptoStream(ms, decryptor, CryptoStreamMode.Read);

 StreamReader sr = new StreamReader(cs);
 user_data = sr.ReadToEnd();

I get the exception "the length of the data to decrypt is invalid". Can anyone suggest where I might be going wrong ?

https://msdn.microsoft.com/en-us/library/2f5ff61x(v=vs.110).aspx#Anchor_3 — hassan, Mar 31 '17 at 12:55
Possible duplicate of [Convert this PHP code to C# Rijndael Algorithm](http://stackoverflow.com/questions/2668972/convert-this-php-code-to-c-sharp-rijndael-algorithm) — NineBerry, Mar 31 '17 at 13:08
@hassan I have edited my question and added the line aes.GenerateIV(); for the aes.IV part. but it still gives the same exception — Mainak, Mar 31 '17 at 13:18
@NineBerry have you even bothered to go through both questions ? — Mainak, Mar 31 '17 at 13:36
It is best not to use mcrypt, it is abandonware, has not been updated in years and does not support standard PKCS#7 (née PKCS#5) padding, only non-standard null padding that can't even be used with binary data. mcrypt has many outstanding [bugs](https://sourceforge.net/p/mcrypt/bugs/) dating back to 2003. Instead consider using [defuse](https://github.com/defuse/php-encryption) or [RNCryptor](https://github.com/RNCryptor), they provide a complete solution and are being maintained and is correct. — zaph, Mar 31 '17 at 13:50
There are several problems. 1. `MCRYPT_RIJNDAEL_256` is not AES, the 256 sets the block size, AWS has a block size of 128-bits. It is best to use AES. 2. `MCRYPT_MODE_ECB`m ECB mode is not secure, see [ECB mode](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Electronic_Codebook_.28ECB.29), scroll down to the Penguin. 3. ECB mode does not use an IV. 4. `mcrypt` does not support PKCS#7 standard padding, only non-standard null padding. 5. The key is 30 bytes, that is not a supported key size, use only full length supported key sizes. — zaph, Mar 31 '17 at 14:00
@NineBerry, No, this question is not a duplicate of some random "please rewrite my PHP code into C# for me" question. The OP has tried to rewrite it, hit a problem, posted what they've done and asked for help. It's a legitimate question. — David Arno, Mar 31 '17 at 20:47
@DavidArno If you've frequented the encryption tag you'll be aware of the daily PHP questions we get about mcrypt. This question isn't a direct duplicate, but it falls into the category of "easily solvable with a small amount of research". Not to mention that the OPs code doesn't even slightly make sense. I can see why it was marked as a duplicate. — Luke Joshua Park, Apr 01 '17 at 04:52

score 0 · Answer 1 · answered Mar 31 '17 at 13:14

Not a full solution, but you should get rid of decodedString. data holds base64 encoded encrypted binary data. arrb holds 160 bytes of encrypted binary data. arrb is what you need to pass to your decryption, don't do the conversion from binary to string then string to binary, that loses information.

What will be the C# equivalent of this php code?

1 Answers1