The reason it does not work is because it is padded incorrectly. PKCS7 is the byte value of the repeated length of the pad (i.e. 00000010 00000010, if your padding is 2 bytes). This is not the string value "0202". It seems that there are no PHP functions that do this correctly, so I would say that you are using an operating mode that does not require padding. OFB is supported by both C# and PHP.
YOU CANNOT USE A FIXED IV. For CBC mode, it's quite unsafe; for OFB it's completely unsafe. Use mcrypt_create_iv to get a new random one each time. Then just add the IV to the ciphertext when sending it (it does not need to be encrypted). As a side note, one problem you may have already hit is that PHP uses a string, and C# uses bytes for the IV, and you can't even get the correct conversion even now. I would probably use hex and functions to hide this / from it, to be sure.
Secondly, you need to use something to detect when people are manipulating your data, otherwise they could potentially read the encryption text using error / time codes in the main cryptographic libraries. HMACs work well and are supported here for PHP and here for C#. HMAC your message IV + ciphertext and add the output to it. On the other hand, run the equivalent C# function from the same data, and then compare the HMAC values. If they are the same, you can protect, if not, reject.
imichaelmiers Apr 15 '12 at 17:35
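The scheme this answer describes (PKCS7 padding as raw bytes, a fresh IV per message, an HMAC over IV + ciphertext checked before decryption), as an added PHP example that is not part of the original answer. It assumes AES-256-CBC, HMAC-SHA256 and separate encryption and MAC keys, and uses `openssl_encrypt` and `random_bytes` in place of the mcrypt functions; the function names and the wire layout (hex of IV, ciphertext, MAC) are choices made for this example.

```php
<?php
// Added example: raw-byte PKCS7 padding, random IV, HMAC over IV + ciphertext.
// openssl_* and random_bytes() stand in for the mcrypt calls (assumption).
function pkcs7_pad(string $data, int $block = 16): string {
    $n = $block - (strlen($data) % $block);   // 1..16, never 0
    return $data . str_repeat(chr($n), $n);   // bytes 0x02 0x02, not the text "0202"
}

function pkcs7_unpad(string $data, int $block = 16): string {
    $len = strlen($data);
    $n = $len > 0 ? ord($data[$len - 1]) : 0;
    if ($len % $block !== 0 || $n < 1 || $n > $block
        || substr($data, -$n) !== str_repeat(chr($n), $n)) {
        throw new RuntimeException('bad padding');
    }
    return substr($data, 0, $len - $n);
}

function encrypt_message(string $plain, string $encKey, string $macKey): string {
    $iv = random_bytes(16);                   // new IV for every message
    $ct = openssl_encrypt(pkcs7_pad($plain), 'aes-256-cbc', $encKey,
                          OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv);
    $mac = hash_hmac('sha256', $iv . $ct, $macKey, true);
    return bin2hex($iv . $ct . $mac);         // hex avoids string/byte mismatches
}

function decrypt_message(string $hex, string $encKey, string $macKey): string {
    $raw = ctype_xdigit($hex) && strlen($hex) % 2 === 0 ? hex2bin($hex) : '';
    if (strlen($raw) < 64 || (strlen($raw) - 48) % 16 !== 0) {
        throw new RuntimeException('malformed message');
    }
    $iv  = substr($raw, 0, 16);
    $ct  = substr($raw, 16, -32);
    $mac = substr($raw, -32);
    // Constant-time comparison; reject before the ciphertext is decrypted.
    if (!hash_equals(hash_hmac('sha256', $iv . $ct, $macKey, true), $mac)) {
        throw new RuntimeException('HMAC mismatch');
    }
    $padded = openssl_decrypt($ct, 'aes-256-cbc', $encKey,
                              OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv);
    return pkcs7_unpad($padded);
}

// Constructed sample keys and message.
$encKey = random_bytes(32);
$macKey = random_bytes(32);
echo decrypt_message(encrypt_message('hello from PHP', $encKey, $macKey), $encKey, $macKey), "\n";
```

The C# side has to mirror the same layout: hex-decode, split off the first 16 bytes as IV and the last 32 as the MAC, verify the HMAC, and only then decrypt.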