Search code examples
c#phpencryptionblowfish

Convert the decrypt code in PHP to C#

I need to convert BlowFish Descrypt code in PHP to C#.

PHP code (X-Cart),

function mdecrypt($data, $key) {
    $td = mcrypt_module_open(MCRYPT_BLOWFISH, '', MCRYPT_MODE_ECB, '');
    $decrypted_data = mdecrypt_generic($td, func_hex2str($data));

    return $decrypted_data;
}

#
# Convert hex to string
# 
function func_hex2str($str) {
    $ret = "";
    $l = strlen($str);
    for ($i = 0; $i < $l; $i += 2) {
            $ret .= chr(hexdec(substr($str, $i, 2)));
    }     
        echo $ret;

    return $ret;
}

and I tried,

BlowFish algo = new BlowFish("0cb12a77dbb5ee7128ad3aea6154614f");
string details = "138b5a7e2c0e453a"; 

int dLen = details.Length;
string ret = "";
for (int i = 0; i < dLen; i += 2)
{
    ret += (char) Convert.ToInt64(details.Substring(i, 2), 16);
}
details = algo.Decrypt_ECB(ret);
Console.WriteLine(details);

but It print different result between PHP and C#. (PHP : HELLO, C# : ??q???_^)

Someone give me a hint, he said it might be about 'Padding'.

but still I don't get it.

Anybody know what I am doing wrong? please advise me.

Thanks.

Solution

  • BCrypt.Net is an open source implementation of the Blowfish encryption algorithm. You can use that source code to see how it's done I supposed.

    If you need this just for work and Getting Things Done, usage of BCrypt is dead simple:

    string salt = BCryptHelper.GenerateSalt(6);
var hashedPassword = BCryptHelper.HashPassword("password", salt);
Console.WriteLine(BCryptHelper.CheckPassword("password", hashedPassword));

    You can find the souce code here:

        /// <summary>Hash a password using the OpenBSD bcrypt scheme.</summary>
    /// <exception cref="ArgumentException">Thrown when one or more arguments have unsupported or
    ///                                     illegal values.</exception>
    /// <param name="input">The password to hash.</param>
    /// <param name="salt">    the salt to hash with (perhaps generated using BCrypt.gensalt).</param>
    /// <returns>The hashed password</returns>
    public static string HashPassword(string input, string salt)
    {
        if (input == null)
            throw new ArgumentNullException("input");

        if (string.IsNullOrEmpty(salt))
            throw new ArgumentException("Invalid salt", "salt");

        // Determinthe starting offset and validate the salt
        int startingOffset;
        char minor = (char)0;
        if (salt[0] != '$' || salt[1] != '2')
            throw new SaltParseException("Invalid salt version");
        if (salt[2] == '$')
            startingOffset = 3;
        else
        {
            minor = salt[2];
            if (minor != 'a' || salt[3] != '$')
                throw new SaltParseException("Invalid salt revision");
            startingOffset = 4;
        }

        // Extract number of rounds
        if (salt[startingOffset + 2] > '$')
            throw new SaltParseException("Missing salt rounds");

        // Extract details from salt
        int logRounds = Convert.ToInt32(salt.Substring(startingOffset, 2));
        string extractedSalt = salt.Substring(startingOffset + 3, 22);

        byte[] inputBytes = Encoding.UTF8.GetBytes((input + (minor >= 'a' ? "\0" : "")));
        byte[] saltBytes = DecodeBase64(extractedSalt, BCRYPT_SALT_LEN);

        BCrypt bCrypt = new BCrypt();
        byte[] hashed = bCrypt.CryptRaw(inputBytes, saltBytes, logRounds);

        // Generate result string
        StringBuilder result = new StringBuilder();
        result.Append("$2");
        if (minor >= 'a')
            result.Append(minor);
        result.AppendFormat("${0:00}$", logRounds);
        result.Append(EncodeBase64(saltBytes, saltBytes.Length));
        result.Append(EncodeBase64(hashed, (_BfCryptCiphertext.Length * 4) - 1));
        return result.ToString();
    }