FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Encrypt/decrypt compatibility with Microsoft Crypto API?
Show: Today's Messages :: Polls :: Message Navigator
Switch to threaded view of this topic Create a new topic Submit Reply
Encrypt/decrypt compatibility with Microsoft Crypto API? [message #173897] Wed, 11 May 2011 21:03 Go to next message
Trevor Holyoak is currently offline  Trevor Holyoak
Messages: 3
Registered: February 2011
Karma: 0
Junior Member
We have a Windows program that we have developed that uses the Microsoft
Crypto API to encrypt/decrypt data using a shared secret from which it
derives a session key.

I now need to be able to access that same data (stored in a database)
from our web site using PHP. I've used mcrypt before, but that doesn't
appear to be a compatible solution. I've done enough research to see
that I might be able to use OpenSSL, but I have not yet been able to
determine whether I'll be able to decrypt data that was encrypted with
the MS Crypto API (as well as the reverse).

I've also looked at the possibility of accessing the MS Crypto API
directly through PHP, but I haven't yet found a good way to do that.

The other option is to write another Windows program that can be called
from PHP, passing stuff on the commandline, and then receive output via
a text file. I'm doing something similar to do some calculations for
something else on the web site already - but it's not very fast.

Any suggestions would be greatly appreciated!

Thanks,
Trevor
Re: Encrypt/decrypt compatibility with Microsoft Crypto API? [message #173899 is a reply to message #173897] Wed, 11 May 2011 22:15 Go to previous messageGo to next message
JohnT is currently offline  JohnT
Messages: 16
Registered: April 2011
Karma: 0
Junior Member
On Wed, 11 May 2011 15:03:49 -0600, Trevor wrote:

> We have a Windows program that we have developed that uses the Microsoft
> Crypto API to encrypt/decrypt data using a shared secret from which it
> derives a session key.
>
> I now need to be able to access that same data (stored in a database)
> from our web site using PHP. I've used mcrypt before, but that doesn't
> appear to be a compatible solution. I've done enough research to see
> that I might be able to use OpenSSL, but I have not yet been able to
> determine whether I'll be able to decrypt data that was encrypted with
> the MS Crypto API (as well as the reverse).
>

When I did something similar, I wrote a C applet to do this.
You can't use standard tools because Windows pads the data differently.

I used mcrypt with rijndael-128 and cbc
Has been working successfully for a number of years.

In order to get it to work, I had to do the en/decryption both ways in
windows, and keep the data at each step, then replicate the data at the
linux side.

I think the main issue is that on linux, the data is 0 padded.
On windows, the data is padded with a byte containing the length (in
bytes) of the padding.

Regards
JohnT
Re: Encrypt/decrypt compatibility with Microsoft Crypto API? [message #173941 is a reply to message #173899] Fri, 13 May 2011 22:20 Go to previous messageGo to next message
Trevor is currently offline  Trevor
Messages: 11
Registered: February 2011
Karma: 0
Junior Member
On 5/11/2011 4:15 PM, JohnT wrote:

> When I did something similar, I wrote a C applet to do this.
> You can't use standard tools because Windows pads the data differently.
>
> I used mcrypt with rijndael-128 and cbc
> Has been working successfully for a number of years.
>
> In order to get it to work, I had to do the en/decryption both ways in
> windows, and keep the data at each step, then replicate the data at the
> linux side.
>
> I think the main issue is that on linux, the data is 0 padded.
> On windows, the data is padded with a byte containing the length (in
> bytes) of the padding.

I'm actually running the php site on a Windows server, but it looks like
the endian-ness may still be an issue.

The Windows program was made with PowerBuilder, and since PowerBuilder
is able to create .Net assemblies, and PHP is supposed to be able to use
..Net assemblies, I thought it might be easiest to use the existing code
and put it in an assembly.

Turns out PHP's support for .Net assemblies is not all that great. Yes,
the example at php.net for this functionality works, but as stated in
several stagnant bug reports, other objects within the same mscorlib.dll
assembly don't even work. Is is correct, as it appears, that development
on DOTNET has ceased, leaving it not very usable?

This has been one long week, with nothing really to show for it. :(

- Trevor
Re: Encrypt/decrypt compatibility with Microsoft Crypto API? [message #173942 is a reply to message #173941] Fri, 13 May 2011 22:27 Go to previous messageGo to next message
The Natural Philosoph is currently offline  The Natural Philosoph
Messages: 993
Registered: September 2010
Karma: 0
Senior Member
Trevor wrote:
> On 5/11/2011 4:15 PM, JohnT wrote:
>
>> When I did something similar, I wrote a C applet to do this.
>> You can't use standard tools because Windows pads the data differently.
>>
>> I used mcrypt with rijndael-128 and cbc
>> Has been working successfully for a number of years.
>>
>> In order to get it to work, I had to do the en/decryption both ways in
>> windows, and keep the data at each step, then replicate the data at the
>> linux side.
>>
>> I think the main issue is that on linux, the data is 0 padded.
>> On windows, the data is padded with a byte containing the length (in
>> bytes) of the padding.
>
> I'm actually running the php site on a Windows server, but it looks like
> the endian-ness may still be an issue.
>
> The Windows program was made with PowerBuilder, and since PowerBuilder
> is able to create .Net assemblies, and PHP is supposed to be able to use
> .Net assemblies, I thought it might be easiest to use the existing code
> and put it in an assembly.
>
> Turns out PHP's support for .Net assemblies is not all that great. Yes,
> the example at php.net for this functionality works, but as stated in
> several stagnant bug reports, other objects within the same mscorlib.dll
> assembly don't even work. Is is correct, as it appears, that development
> on DOTNET has ceased, leaving it not very usable?
>
> This has been one long week, with nothing really to show for it. :(
>
> - Trevor
I fear that is most peoples experience if trying to mix Microsoft with
anything else. It nearly always curdles...;-)


I spent a fruitless hour trying to get Word to understand any document I
could produce 'cant open, out of memory'

Gave up and installed open office on the wife's Mac..
Re: Encrypt/decrypt compatibility with Microsoft Crypto API? [message #174006 is a reply to message #173942] Tue, 17 May 2011 17:38 Go to previous message
Trevor is currently offline  Trevor
Messages: 11
Registered: February 2011
Karma: 0
Junior Member
On 5/13/2011 4:27 PM, The Natural Philosopher wrote:

>> The Windows program was made with PowerBuilder, and since PowerBuilder
>> is able to create .Net assemblies, and PHP is supposed to be able to
>> use .Net assemblies, I thought it might be easiest to use the existing
>> code and put it in an assembly.
>>
>> Turns out PHP's support for .Net assemblies is not all that great.
>> Yes, the example at php.net for this functionality works, but as
>> stated in several stagnant bug reports, other objects within the same
>> mscorlib.dll assembly don't even work. Is is correct, as it appears,
>> that development on DOTNET has ceased, leaving it not very usable?
>>
>> This has been one long week, with nothing really to show for it. :(
>>
>> - Trevor
> I fear that is most peoples experience if trying to mix Microsoft with
> anything else. It nearly always curdles...;-)
>
>
> I spent a fruitless hour trying to get Word to understand any document I
> could produce 'cant open, out of memory'
>
> Gave up and installed open office on the wife's Mac..

I finally got it working. I used PowerBuilder.NET 12.1 to create the
assembly, and used this library to call it from PHP:
http://universalccw.sourceforge.net

- Trevor
  Switch to threaded view of this topic Create a new topic Submit Reply
Previous Topic: some of the issues of NOT storing images in a secure database..
Next Topic: New PHP tutorial
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Tue Nov 26 07:43:43 GMT 2024

Total time taken to generate the page: 0.02218 seconds