-1

I want to use following encryption method in C#. but I don't know whether it is available or not and how to use it exactly. Because I am much more familiar in web :'(. Task is I have to decrypt the user password where it encrypted in desktop app.(written in C#) and send as a json object. Using my php script I have to decode the json object and also decrypt password. Plz help. If this is not achievable plz suggest me a solution to use.

I want to use this code in C#

$key = '12345bcde';
$password = 'myPass@1001';

$encrypted = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $password, MCRYPT_MODE_CBC, md5(md5($key))));

I got encryption and decryption method from here

Community
  • 1
  • 1
Sara
  • 14,098
  • 13
  • 34
  • 50
  • Just use the 256-bit Rijndael Decryption method. I am 99.9% sure .NET support Rijndael by default. If you want help you need to post what you have attempted and a specfic question. "How do I do this is to broad" and a question without code just shows your lazy. Encrypting a password with Rijndael is NOT secure considering I can view the key used to encrypt the password by viewing the source of the php file. – Security Hound Mar 16 '12 at 11:46
  • It's unusual to encrypt/decrypt passwords. What are you doing this for? Embedding a symmetric key into a desktop app sounds dubious too. You probably should use asymmetric encryption. Possibly SSL already does what you need. – CodesInChaos Mar 16 '12 at 11:49
  • @Ramhound No I just want to know `base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $password, MCRYPT_MODE_CBC, md5(md5($key))))` this is possible with C#. If not suggestions to use any other method. bcoz I am just a beginner in C#. – Sara Mar 16 '12 at 11:52
  • If Rijndael is support by .NET then of course you can do this in C# there isn't a reason you wouldn't be able to even if it wasn't supported by default. All you are doing is MD5 hasing the key twice ( again not secure ) and Base64 encoding the return string. Just do the exact samething in C#. – Security Hound Mar 16 '12 at 11:54
  • @CodeInChaos Thanks for your suggestion. I'll have look at it. I have no idea about C# that is the real problem for me. – Sara Mar 16 '12 at 11:55

1 Answers1

6

The .net framework contains System.Security.Cryptography.Rijndael which will do the task.

BTW: normally you don't decrypt passwords. You use a one way function (preferrably with some salt) to encrypt the passwords and compare the encrypted password.

mrab
  • 2,702
  • 1
  • 17
  • 10