0

I need to integrate an xml service to our application and the web service is using phpseclib AES Encryption and Decryption. So, I need to understand the flow of phpseclib. We are working on .NET C# environment and we can not analyse that php code. Please find the sample php code for the implementation and advice me how to convert it to C#.

set_include_path('vendor/pear'); 
require_once '/Crypt/AES.php';
require_once '/SOAP/Client.php'; 

$password = 'ewad3x45efc542b3897e23esgy4s6xnm';
$data = '  
<WorkRequest version="3.0"> 
 <work>WORK NOW!</work>
</WorkRequest> '; 

$crypt = new Crypt_AES();      
$crypt->setKey($password);  
$data = gzencode($data);
$data = $crypt->encrypt($data);

As you can see, there is no IV or such things. Only setKey and encrypt methods are used in example code.

mrciga
  • 47
  • 8
  • 2
    The first thing to analyze is if there is really no IV or just a random one behind the scenes. Try this, use the existing PHP code to encrypt the same plaintext twice. Check if the encrypted results are the same. – Alejandro Aug 29 '18 at 13:39
  • 4
    According to [this](https://stackoverflow.com/a/44490222/3181933) answer, PHP uses an IV of all zeroes if none is set. It's recommended that you set one. – ProgrammingLlama Aug 29 '18 at 13:40
  • @John you are right and I created that vector 16 bytes array with zeros but I am already getting "Padding is invalid and cannot be removed." error when I try to decrypt an encrypted string. – mrciga Aug 29 '18 at 13:42
  • A padding error typically means that the decryption failed and thus the padding was also decrypted incorrectly and thus not valid. To check this, just for testing, specify no padding on decryption and you will be able to see if the decryption was correct and if so what padding was used. Most likely the decryption failed and this is generally the format/encoding of IV, key and/or data or mismatched modes/padding method. – zaph Aug 31 '18 at 14:33

1 Answers1

1

phpseclib uses CBC mode by default. That mode requires an IV. As some of the other comments have noted, the version of phpseclib that you're using uses an IV of all null bytes when none is present.

$crypt->setKey($password);

The fact that the variable name is $password does make me wonder if some sort of PBKDF is being used in your C# implementation. It's hard to tell because you don't have your C# code posted.

I am already getting "Padding is invalid and cannot be removed." error when I try to decrypt an encrypted string

phpseclib uses PKCS8 padding by default. ie. if the plaintext is a multiple of the block length it'll append 16x 0x16 bytes. If it's two bytes shy of a multiple of the block length it'll append 2x 0x02 bytes.

Maybe your C# implementation is using a different type of padding. If so you can implement your own by first disabling PKCS8 padding by doing $crypt->disablePadding(); and then applying your own custom padding before you perform the encryption.

neubert
  • 15,947
  • 24
  • 120
  • 212