I have inherited some C# code where a PHP page containing the function &decrypt was compiled/transformed into a standalone Windows EXE. I am wanting to take this PHP code and put the functionality into C#.
function &decrypt($enc_text, $password)
{
$iv_len = 16;
$enc_text = base64_decode($enc_text);
$i = $iv_len;
$n = strlen($enc_text);
$plain_text = '';
$iv = substr($password ^ substr($enc_text, 0, $iv_len), 0, 512);
while ($i < $n)
{
$block = substr($enc_text, $i, 16);
$plain_text .= $block ^ pack('H*', md5($iv));
$iv = substr($block . $iv, 0, 512) ^ $password;
$i += 16;
}
return $plain_text;
}
I have found a couple a questions that referred to this code, but did not provide much insight:
Just want to decode the code into plain text
and "MD5 decrypt" php function to MySQL stored function
Helpful links:
PHP base64_decode C# equivalent
http://nuronconsulting.com/c-pack-h.aspx
I can get correct results except for the 2nd and 3rd to last characters. I think my base64 decode is still off.
Edit: Updated to latest code being used. Removed intermediate edits.
private string decipher(string ienc_text, string ipassword)
{
int iv_len = 16;
byte[] toEncryptArray = Convert.FromBase64String(ienc_text);
string encryptedStringx = System.Text.Encoding.Default.GetString(toEncryptArray);
string encryptedString = Encoding.GetEncoding(28591).GetString(toEncryptArray);
string password = ipassword;
int i = iv_len;
int n = encryptedString.Length;
string plain_text = "";
string iv = phpXOR(ipassword, encryptedString.Substring(0, iv_len));
while (i < n)
{
string block = encryptedString.Substring(i, iv_len);
string md5 = getMD5(iv);
byte[] testPack = PackH(md5);
string testPackstring = Encoding.Default.GetString(testPack);
string tmp = phpXOR(block, testPackstring);
plain_text += tmp;
string block_iv = block + iv;
string tmp_iv = block_iv;
if (block_iv.Length > 512)
{
tmp_iv = block_iv.Substring(0, 512);
}
iv = phpXOR(tmp_iv, password);
i += 16;
}
return plain_text;
}
public static byte[] PackH(string hex)
{
if ((hex.Length % 2) == 1) hex += '0';
byte[] bytes = new byte[hex.Length / 2];
for (int i = 0; i < hex.Length; i += 2)
{
bytes[i / 2] = Convert.ToByte(hex.Substring(i, 2), 16);
}
return bytes;
}
string phpXOR(string text, string key)
{
byte[] result = new byte[key.Length];
for (int c = 0; c < key.Length; c++)
result[c] = (byte)(((byte)text[c]) ^ ((byte)key[c]));
return Encoding.Default.GetString(result);
}
public static string getMD5(string iValue)
{
byte[] textBytes = System.Text.Encoding.Default.GetBytes(iValue);
//byte[] textBytes = System.Text.Encoding.GetEncoding(28591).GetBytes(password);
try
{
System.Security.Cryptography.MD5CryptoServiceProvider cryptHandler;
cryptHandler = new System.Security.Cryptography.MD5CryptoServiceProvider();
byte[] hash = cryptHandler.ComputeHash(textBytes);
string ret = "";
foreach (byte a in hash)
{
if (a < 16)
ret += "0" + a.ToString("x");
else
ret += a.ToString("x");
}
return ret;
}
catch
{
throw;
}
}
The code is not complete in the loop (hence the commented out code), however, the question I posed is answered. The encoding, the XOR issue, the php pack replication is accomplished via helpful links that are in the question.