PHP equivalent to Rijndael AES encryption/decryption in .Net?

Question

Is there an equivalent functions in PHP that will allow interoperability with the .Net Rijndael AES encryption/decryption? (The encryption .Net code is below).

Basically, if I encrypt in .Net can I decrypt in PHP and vice-versa?

string outStr = null;                       // Encrypted string to return
RijndaelManaged aesAlg = null;              // RijndaelManaged object used to encrypt the data.

// Generate the key from the shared secret and the salt.
Rfc2898DeriveBytes key = new Rfc2898DeriveBytes(sharedSecret, _salt);

// Create a RijndaelManaged object
aesAlg = new RijndaelManaged();
aesAlg.Key = key.GetBytes(aesAlg.KeySize / 8);

// Create a decryptor to perform the stream transform.
ICryptoTransform encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV);

// Create the streams used for encryption.
using (MemoryStream msEncrypt = new MemoryStream())
{
    // prepend the IV
    msEncrypt.Write(BitConverter.GetBytes(aesAlg.IV.Length), 0, sizeof(int));
    msEncrypt.Write(aesAlg.IV, 0, aesAlg.IV.Length);
    using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
    {
        using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
        {
            //Write all data to the stream.
            swEncrypt.Write(plainText);
        }
    }
    outStr = Convert.ToBase64String(msEncrypt.ToArray());
}

Answer 1

You can, maybe, but I cannot in good conscience recommend it.

PHP offers two extensions that can, in principle, do the job. OpenSSL suffers from not being documented beyond function prototypes, and Mcrypt suffers from being an absolute minefield if you don't happen to know exactly what you're doing. I wouldn't use either if I could possibly get away with it.

If you do attempt this, you will need to implement authentication yourself. You will need to implement padding yourself. If you screw up, you will get no indication even if the library knows perfectly well it's been asked to do something absurd, for the most part it will (silently!) guess at what you meant and continue on (patches for much of this are available, but not yet in mainline).

Godspeed.

Answer 2

As long as PHP and .Net follow specs encryption/decryption should work. You may check this topic for more info and examples Using PHP mcrypt with Rijndael/AES

Answer 3

As @Andrew says, once you get everything in the same spec, it should work. AES is quite a well used algorithm so librarys in both languages should match up. Any problems are usually to do with the password to key derivation functions in the different languages. This project tries to solve the intercommunication issues between .NET and PHP. It implements Rfc2898DeriveBytes() in PHP using a pbkdf2 with 1000 iterations of HMACSHA1 which I guess is what .NET uses by default.

It is a rather simple AES string encryption so there is no authentication. The padding issue is solved by using base64 encoding and rtrimming null characters on decryption so it is NOT a binary safe implementation. I take no credit or responsibility for this code, nor have I tested it between the different environments, but I feel it could help someone fill in the gaps.