0

PHP code

define('SECRET', 'Your key here');
$data = 'test';

$enc = mcrypt_cbc(MCRYPT_TRIPLEDES, SECRET, $data, MCRYPT_ENCRYPT, '12345678');

$url .= urlencode($password);

C# code

byte[] key = ec.GetBytes("Your key here");
byte[] iv = ec.GetBytes("12345678");
byte[] data = ec.GetBytes("test");
byte[] enc = new byte[0];
TripleDES tdes = TripleDES.Create();
tdes.IV = iv;
tdes.Key = key;
tdes.Mode = CipherMode.CBC;
tdes.Padding = PaddingMode.Zeros;
ICryptoTransform ict = tdes.CreateEncryptor();
enc = ict.TransformFinalBlock(data, 0, data.Length);

string szEnc = HttpContext.Current.Server.UrlEncode(
    Encoding.ASCII.GetString(enc)
    );

My problem: The value of $url in PHP and szEnc in c# is not same.

Question: what wrong in my c# code?

poupou
  • 43,413
  • 6
  • 77
  • 174
Minh Nguyen
  • 1,989
  • 3
  • 17
  • 30

1 Answers1

2

A lot of things can go wrong - but I've seen quite a lot of encoding (i.e. non cryptographic) issue when dealing with string and byte[].

Never assume they will convert into anything, including ASCII.

Encoding.ASCII.GetString(enc)

If you have unprintable characters, NUL... then this will not be part of the returned string and won't be url-encoded. This is ask true for PHP but it does not means it follows the same rule in every case.

Also I can't tell you what code like:

ec.GetBytes("Your key here");

will do ?!? If you're using an Unicode encoder then it won't give you the same as an ASCII encoder.

Beside encoding also check that the PaddingMode you use match the one used by PHP.

poupou
  • 43,413
  • 6
  • 77
  • 174