SSCrypto/OpenSSL to C# Crypto?

You could use OpenSSL directly in C# with the OpenSSL. NET wrapper!

A couple of things to watch out for: 1- Make sure that you're interpreting the key and data strings correctly. For example, is the key encoded in ASCII instead of UTF8? Does it perhaps represented in binhex format instead?2- You're not initializing the IV (Initialization Vector) before decrypting.It needs to match the IV you're using to encrypt on the Cocoa side.

IIRC, OpenSSL uses what MS calls PKCS7 padding (though OpenSSL refers to it as PKCS5, and I'm not enough of a standards wonk to care why).

One of the classic issues in moving data back and forth from Mac to PC is byte ordering. You didn't say what the execution platform is for the Cocoa code, but that's something to look out for, especially if it's a PowerPC Mac.

There could be something to do with endianness, Try to call Array. Reverse before decryption. Var reversedArr = Array.

Reverse(toEncrytArray) byte resultArray = cTransform. TransformFinalBlock( reversedArr, 0, reversedArr. Length ).

The sending side (the Mac) could also be an Intel machine. The correct place to do byte-swapping is either on the Mac (use little-endian over the wire) or both (use big-endian, aka network byte order, over the wire). – Peter Hosey Jan 25 '09 at 9:24.

So still working on this... It seems the key to my original question is how the Key and IV are generated, as stated above. The function used is EVP_BytesToKey() (openssl.org/docs/crypto/EVP_BytesToKey.html) I haven't had the time to try an implementation of the function in C# yet however I decided to skip EVP_BytesToKey and just use a pre-selected Key and IV on the Cocoa side. So I can get the EXACT same Key and IV on both sides but the final output is still different.

I've also moved to 3DES in the process since it seems easier to work with on both sides. Here is my current code: byte data = Encoding. UTF8.

GetBytes("secret"); byte enc = new byte0; TripleDES tdes = TripleDES.Create(); tdes. Mode = CipherMode. CBC; tdes.

Padding = PaddingMode. Zeros; tdes. IV = Convert.

FromBase64String("cGFzc3dvcmQ="); //iv from Cocoa; tdes. Key = Convert. FromBase64String("cGFzc3dvcmREUjB3U1NAUDY2NjBqdWh0"); //key from Cocoa; ICryptoTransform ict = tdes.CreateEncryptor(); enc = ict.

TransformFinalBlock(data, 0, data. Length); Console. WriteLine(Convert.

ToBase64String(enc)); tdes.Clear(); // Decrypt ICryptoTransform icd = tdes.CreateDecryptor(); byte dec = icd. TransformFinalBlock(Convert. FromBase64String("PyPqLI/d18Q="), 0, enc.

Length); string d = Encoding. UTF8. GetString(dec); Console.

WriteLine(d); Even though the IV and Key are the same, the encrypted text is different than Cocoa... Cocoa output: "PyPqLI/d18Q=" . NET output: "9h8OSwCU1D8=" Any ideas?

You should really post the Cocoa code, too, to give us a chance to find your problem. But there are some hints hidden in what you have posted: Decrypting PyPqLI/d18Q= (base64) with the key and iv gives "97737D09E48B0202" (hex). This looks like the plaintext "97737D09E48B" with PKCS7-padding.So I would start by changing the .

NET code to use PaddingMode. PKCS7 and look closely at where you pass the plaintext to the Cocoa code.

Ok, I'm using the SSCrypto framework and I've added the relevant Cocoa code below... We're using the test code that comes with SSCrpyto (in particular des3): // Test 2: Symmetric encryption and decryption using various ciphers //NSData *seedData1 = SSCrypto getKeyDataWithLength:32; NSData *seedData1 = @"passwordDR0wSS@P6660juht" dataUsingEncoding:NSUTF8StringEncoding; crypto = SSCrypto alloc initWithSymmetricKey:seedData1; NSArray *ciphers = NSArray arrayWithObjects:@"aes256", @"aes128", @"blowfish", @"aes192", @"RC4", @"blowfish", @"RC5", @"des3", @"des", nil; NSString *password = @"secret"; crypto setClearTextWithString:password; for(n = 0; n "); EVP_CIPHER_CTX_cleanup(&cCtx); return nil; } if (!EVP_EncryptFinal(&cCtx, outbuf + outlen, &templen)){ NSLog(@"EVP_EncryptFinal() failed! "); EVP_CIPHER_CTX_cleanup(&cCtx); return nil; } outlen += templen; EVP_CIPHER_CTX_cleanup(&cCtx); } else { // Irrelevant code } // Store the encrypted data as the cipher text self setCipherText:NSData dataWithBytes:outbuf length:outlen; // Release the outbuf, since it was malloc'd if(outbuf) { free(outbuf); } return self cipherTextAsData.

– Rasmus Faber Jan 29 '09 at 20:58 input string base64: 2Zxsh0Kj – Denny Jan 29 '09 at 22:01 Okay. That is not what it is supposed to be.It should have been "secret" (c2VjcmV0 in base64). Something is corrupting it.

Perhaps try moving crypto setClearTextWithString:password; inside the for-loop. Can SSCrypto decrypt the encrypted data? What is logged by "Clear text: '%s' using des3"?

– Rasmus Faber Jan 29 '09 at 22:10 If you haven't updated the decrypt-method to also skip EVP_BytesToKey() then that is your problem. The decrypt-method overwrites the cleartext property of the SSCrypto-class. So you are basically encrypting garbage after the first iteration of the loop.

– Rasmus Faber Jan 29 '09 at 22:13 Right about the decrypt method. I'm now generating the correct base64 value for "input": c2VjcmV0 Unfortunately . NET calls "Bad Data" on: byte dec = icd.

TransformFinalBlock(fromb64, 0, fromb64. Length); where fromb64 = Convert. FromBase64String("2x+a46x9K6k="); I'm also using PKCS7 now.

– Denny Jan 29 '09 at 23:19.

I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.