Viewed   568 times


I have made the changes to the C# code so it uses a block size of 256. but now the hello world looks like this and I cant figure out what I should use with rtrim() to get ride of the mess at the end.

Also when you say the IV should be random, by this do you mean don't use the same IV more then once or is the way I have coded it wrong?

Thanks again!


I'm trying to decrypt a string with PHP that was encrypted in C#. I can't seem to get PHP to decrypt it using mcrypt and could do with some help please. I get the following error with php so I am guessing I'm not setting the IV correctly.

Error: The IV parameter must be as long as the blocksize

Both functions use the same cipher, key, IV and set to CBC mode:

encrypted text from c# = UmzUCnAzThH0nMkIuMisqg==
key 32 long = qwertyuiopasdfghjklzxcvbnmqwerty
iv 16 long = 1234567890123456


    public static string EncryptString(string message, string KeyString, string IVString)
        byte[] Key = ASCIIEncoding.UTF8.GetBytes(KeyString);
        byte[] IV = ASCIIEncoding.UTF8.GetBytes(IVString);

        string encrypted = null;
        RijndaelManaged rj = new RijndaelManaged();
        rj.Key = Key;
        rj.IV = IV;
        rj.Mode = CipherMode.CBC;

            MemoryStream ms = new MemoryStream();

            using (CryptoStream cs = new CryptoStream(ms, rj.CreateEncryptor(Key, IV), CryptoStreamMode.Write))
                using (StreamWriter sw = new StreamWriter(cs))
            byte[] encoded = ms.ToArray();
            encrypted = Convert.ToBase64String(encoded);

        catch (CryptographicException e)
            Console.WriteLine("A Cryptographic error occurred: {0}", e.Message);
            return null;
        catch (UnauthorizedAccessException e)
            Console.WriteLine("A file error occurred: {0}", e.Message);
            return null;
        catch (Exception e)
            Console.WriteLine("An error occurred: {0}", e.Message);

        return encrypted;


var $mcrypt_cipher = MCRYPT_RIJNDAEL_256;
var $mcrypt_mode = MCRYPT_MODE_CBC;

function decrypt($key, $iv, $encrypted)
    $encrypted = base64_decode($encrypted);

    $decrypted = rtrim(mcrypt_decrypt($this->mcrypt_cipher, $key, $encrypted, $this->mcrypt_mode, $iv), "");;
    return $decrypted;




If you want to use Rijndael256 in your C# application you have to set the BlockSize to 256.

RijndaelManaged rj = new RijndaelManaged();
rj.BlockSize = 256;

And then your iv has to be 256 bits long as well.
see SymmetricAlgorithm.BlockSize Property

Or the other way round: Currently your C# application uses Rijndael128 and so must your php script.

class Foo {
  protected $mcrypt_cipher = MCRYPT_RIJNDAEL_128;
  protected $mcrypt_mode = MCRYPT_MODE_CBC;

  public function decrypt($key, $iv, $encrypted)
    $iv_utf = mb_convert_encoding($iv, 'UTF-8');
    return mcrypt_decrypt($this->mcrypt_cipher, $key, base64_decode($encrypted), $this->mcrypt_mode, $iv_utf);

$encrypted = "UmzUCnAzThH0nMkIuMisqg==";
$key = "qwertyuiopasdfghjklzxcvbnmqwerty";
$iv = "1234567890123456";

$foo = new Foo;
echo $foo->decrypt($key, $iv, $encrypted);

prints hello world

Tuesday, November 22, 2022

The problems in your two pieces of code are:

  • Use Rijndael-128 with a key and block size of 16 bytes / 128 bit in both the .NET and the PHP code. For Rijndael-256, your code generates an IV with the wrong length. And I don't know how to use AES-256 in PHP (key length of 32 bytes / 256 bits, block size of 16 bytes / 128 bit).

  • Use of MD5: In the PHP code, add a second parameter true to the md5() function (in two places) so the result is binary data and not a hexadecimal string.

  • In the encrypt() function in your PHP code, replace the variable $str with $decrypted (in two places). $str is never assigned a value and never used, so the padding has no effect.

If you fix these problems, then both programs will return the result:

Encrypted: /DMkj7BL9Eu2LMxKhdGT+A==

I haven't tried to decrypt it.

Sunday, August 21, 2022

flock does it properly.

In your PHP script, use a non-blocking lock:

$fd = fopen('/var/run/lock.file', 'r+');
if (!flock($fd, LOCK_SH | LOCK_NB, $wouldblock) && $wouldblock) {
    // buzy

The LOCK_NB flag make this call non blocking. If the file is locked exclusively, it will return immediately. Multiple pages will be allowed to lock the file at the same time.

You can release the lock with

flock($fd, LOCK_UN);

In your C daemon, use a blocking and exclusive lock:

flock(fd, LOCK_EX); // This will wait until no page has locked the file

See PHP's flock() documentation and C's one

Wednesday, August 31, 2022

In your specific example I've found that by changing aes-128-ecb to aes-256-ecb, it produces the same output as the legacy mcrypt_encrypt.

Tuesday, December 27, 2022

Assuming that you have a safe way of sharing a key (whether RSA encryption of it, retrieval over an SSH or HTTPS link, or callling the other developer on a secured phone line), any of the major modern encryptions (like AES, as mentioned by @Ed Haber) would be suitable. I would second his suggestion of AES. There should be libraries for PHP, VB, Ruby, etc.

However, remember that with "no two-way communication" you will have to find an out-of-channel method for securely getting the symmetric key to the encrypting party.

Thursday, October 20, 2022
Only authorized users can answer the search term. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :