I have some C# Code used to encrypt text and I make the PHP equivalent of it. The returned string from C# method is 1560 bytes, but my PHP method returns 2648 bytes and I didn't know why although I'm using the same Encryption Criteria for AES-256 bit as C# App which are:
Block Mode: CBC Padding: PKCS7 Block Size: 16 bytes Encryption Key Size: 32 bytes Initialization Vector Size: 16 bytes
C# Code:
public string AES256Encrypt(string toEncrypt, out string key)
{
try
{
AesManaged AESManaged = new AesManaged();
byte[] AESKey = AESManaged.Key;
byte[] AESIV = AESManaged.IV;
byte[] encryptedData = null;
ICryptoTransform cryptoTransform = AESManaged.CreateEncryptor(AESKey, AESIV);
using (MemoryStream memoryStream = new MemoryStream())
{
using (CryptoStream cryptoStream = new CryptoStream(memoryStream, cryptoTransform, CryptoStreamMode.Write))
{
using (StreamWriter streamWriter = new StreamWriter(cryptoStream))
{
streamWriter.Write(toEncrypt);
}
encryptedData = memoryStream.ToArray();
}
}
byte[] keyBytes = new byte[AESKey.Length + AESIV.Length];
Array.Copy(AESKey, 0, keyBytes, 0, AESKey.Length);
Array.Copy(AESIV, 0, keyBytes, AESKey.Length, AESIV.Length);
key = Convert.ToBase64String(keyBytes);
return Convert.ToBase64String(encryptedData);
}
catch (Exception ex)
{
key = null;
return null;
}
}
and my PHP Code is:
public function AESencrypt($plaintext, &$macKey)
{
$key = random_bytes(32);
//$key = bin2hex(openssl_random_pseudo_bytes(32));
$keyArr = unpack('C*', $key);
$iv = random_bytes(16);
//$iv = bin2hex(openssl_random_pseudo_bytes(16)) ;
$ivArr = unpack('C*', $iv);
$encryptedData = openssl_encrypt(
$plaintext,
'AES-256-CBC',
$key,
OPENSSL_RAW_DATA,
$iv
);
// while ($encryptedData = openssl_error_string())
// echo $encryptedData . "<br />\n";exit;
$keyBytes = array();
//clone the $keyArr to the keyBytes Array
foreach ($keyArr as $key => $item) {
$keyBytes[$key] = $item;
}
//clone the $ivArr to the keyBytes Array from index 32 to 48
foreach ($ivArr as $key => $item) {
$keyBytes[$key+32] = $item;
}
$string = implode(array_map("chr", $keyBytes));
$returned =
array(
'encrypted' => base64_encode($encryptedData),
'randomSecret' => base64_encode($string),
);
//print '<pre>'; print_r($returned);exit;
return $returned;
}
and this is the object passed to be encrypted for the two applications
<?xml version="1.0" encoding="utf-16"?>
<PaymentRequestInitiationReq
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Sender>
<Id>029</Id>
<Name>Biller</Name>
<RandomValue>54b86c4e2df948659b186571a924e516</RandomValue>
<Password>XG94dze10PfZXrfJ7pDnuyR8MBi2SBQq24r6NLjAN0kz3Ay/OoOahqrfHI0n0azg+GkIqvEdK0ddgKip6AAd5TN14MmGL0hgc99/2JFkSrEL8brylG8MxiZIqTKoEb7hOV84V+tHcolbUNux0o1OOGrD4lgrh3BMV/hddwlwb97sXguadOPEdVVCLCEN3qyo15vGtmgTR1dcaWj1Pj3KIEeQvJifA4FjTSqFLEwLDHMnKZEjjkjDmNGc7pYsWxYP8dm6FAiUbYB+G8PsiFhiHsYxNygsYB/dTn2dY7vgV4iBUD9EnNkbb6dUFIZJ0hCYllKWhONWxKwJ4oK3MGlR3g==</Password>
</Sender>
<SettlementAmounts>
<SettlementAmounts>
<SettlementAccountCode>1073</SettlementAccountCode>
<SettlementAmountsDescription />
<Amount>25</Amount>
</SettlementAmounts>
</SettlementAmounts>
<SenderRequestNumber>01a19e11f5bf4349</SenderRequestNumber>
<SenderInvoiceNumber />
<ServiceCode>140</ServiceCode>
<RequestInitiationDescription />
<Currency>818</Currency>
<IP>::1</IP>
<PaymentMechanism>
<Type>NotSet</Type>
<MechanismType>NotSet</MechanismType>
<Channel />
</PaymentMechanism>
<ExpiryDate>2019-07-17</ExpiryDate>
<PaymentConfirmationUrl>http://127.0.0.1/agri360/index.php?route=checkout/success</PaymentConfirmationUrl>
<PaymentConfirmationRedirectUrl>http://127.0.0.1/agri360/index.php?route=checkout/success</PaymentConfirmationRedirectUrl>
<UserUniqueIdentifier>1234456778</UserUniqueIdentifier>
</PaymentRequestInitiationReq>
Please can anyone help me and show me why this is happening?
