Python Translation of C# DES Encryption

[Andreas Pauley]

Hi all,

I'm trying to implement a Python equivalent of a C# method that encrypts
a string.
My Python attempt is in the attached file, but does not return the same
value as the C# method (see below).

Any hints?

Thanks,
Andreas

The C# method:

public static string Encrypt(string decrypted)
{
byte[] data = System.Text.ASCIIEncoding.ASCII.GetBytes(decrypted);
byte[] rgbKey = System.Text.ASCIIEncoding.ASCII.GetBytes("12345678");
byte[] rgbIV = System.Text.ASCIIEncoding.ASCII.GetBytes("87654321");

MemoryStream memoryStream = new MemoryStream(1024);

DESCryptoServiceProvider desCryptoServiceProvider = new
DESCryptoServiceProvider();

CryptoStream cryptoStream = new CryptoStream(memoryStream,
desCryptoServiceProvider.CreateEncryptor(rgbKey, rgbIV),
CryptoStreamMode.Write);

cryptoStream.Write(data, 0, data.Length);
cryptoStream.FlushFinalBlock();
byte[] result = new byte[(int)memoryStream.Position];
memoryStream.Position = 0;
memoryStream.Read(result, 0, result.Length);
cryptoStream.Close();
return System.Convert.ToBase64String(result);
}


_____________________________________________________________________________________________
This e-mail contains official information from Quality Business Consultants (Pty) Ltd and is intended for use by the addressee only.
Important notice: Important restrictions, qualifications and disclaimers ("the Disclaimer") apply to this email.
To read this click on the following address: http://www.qbcon.com/disclaimer
The Disclaimer forms part of the content of this email in terms of section 11 of the Electronic Communications and Transactions Act, 25 of 2002. If you are unable to access the Disclaimer, send a blank e-mail to (e-mail address removed) and we will send you a copy of the Disclaimer.


#!/usr/bin/env python

from Crypto.Cipher import DES
import base64

def base64DESEncrypt(plaintext):

# Set the key to be used:
rgbKey = "12345678"

# Set the Initial Value (IV) to be used:
rgbIV = "87654321"

des_object=DES.new(rgbKey, DES.MODE_ECB)
des_object.IV = rgbIV

ciphertext = des_object.encrypt(plaintext)
base64_ciphertext = base64.encodestring(ciphertext)

return base64_ciphertext

if __name__ == '__main__':
# The length of the string has to be a multiple of 8, for simplicity (for now).
# The C# code does not have this limitation, so I'd have to look at
# that as well.
print base64DESEncrypt('password')


# Original C# method that I'm trying to translate:
#
#public static string Encrypt(string decrypted)
#{
# byte[] data = System.Text.ASCIIEncoding.ASCII.GetBytes(decrypted);
# byte[] rgbKey = System.Text.ASCIIEncoding.ASCII.GetBytes("12345678");
# byte[] rgbIV = System.Text.ASCIIEncoding.ASCII.GetBytes("87654321");
#
# MemoryStream memoryStream = new MemoryStream(1024);
#
# DESCryptoServiceProvider desCryptoServiceProvider = new DESCryptoServiceProvider();
#
# CryptoStream cryptoStream = new CryptoStream(memoryStream,
# desCryptoServiceProvider.CreateEncryptor(rgbKey, rgbIV),
# CryptoStreamMode.Write);
#
# cryptoStream.Write(data, 0, data.Length);
# cryptoStream.FlushFinalBlock();
# byte[] result = new byte[(int)memoryStream.Position];
# memoryStream.Position = 0;
# memoryStream.Read(result, 0, result.Length);
# cryptoStream.Close();
# return System.Convert.ToBase64String(result);
#}

 

[Edward Elliott]

Hi all,

I'm trying to implement a Python equivalent of a C# method that encrypts
a string.
My Python attempt is in the attached file, but does not return the same
value as the C# method (see below).

Any hints?

I can't tell from the code you posted what a DESCryptoServiceProvider does,
but I think you're using two different block cipher modes. The C/C# code
uses an IV, which means it's probably not using ECB mode. Meanwhile your
Python code uses ECB mode, which doesn't even use an IV (the one you
provided is probably just ignored).

You need to find the exact algorithm the DESCryptoServiceProvider uses.
CBC and CTR are common modes with IVs. Besides mode of operation, there's
the issue of how it pads the data (in the cipher, not base64). There could
also be differences in things like the key scheduling routines, but that's
less likely. Until you know exactly what the original code does, your only
option is trial and error.

 

[Gary Doades]

Hi all,

I'm trying to implement a Python equivalent of a C# method that encrypts
a string.
My Python attempt is in the attached file, but does not return the same
value as the C# method (see below).

Any hints?

Thanks,
Andreas

Check out PyDES I have had great success in decrypting strings that have been encrypted with .NET
TripleDES. Although it does not appear to encrypt the string to the same value it does work
perfectly decrypting and encrypting in a way compatible with thwe C# methods.

http://twhiteman.netfirms.com/des.html

Regards,
Gary.

 

[Paul Rubin]

http://twhiteman.netfirms.com/des.html

I'm not sure if that's the same DES lib that I used in a project last
year but as I remember, the lib I used had a bug in 3DES CBC mode that
made it give answers incompatible with the NIST test vectors. It took
considerable head scratching to figure out that the library was
causing the problem. I ended up switching to a different library.
Anyway, be careful. The library that I used did handle the 1DES CBC
and 3DES ECB correctly, fwiw.

 

[Andreas Pauley]

You need to find the exact algorithm the DESCryptoServiceProvider uses.
CBC and CTR are common modes with IVs. Besides mode of operation, there's
the issue of how it pads the data (in the cipher, not base64). There could
also be differences in things like the key scheduling routines, but that's
less likely. Until you know exactly what the original code does, your only
option is trial and error.

I read some of the C# documentation on DESCryptoServiceProvider, but it
was completely useless for
my purpose. The documentation basically only tells you how to use the
class, not what it does.

I managed to *decrypt* a string encrypted by the C# method using CBC
mode, as suggested by Gary (thanks).
The python CBC encryption results in a different encrypted string, but
decrypting both these strings
returns the original plaintext value.

As for padding, the C# method uses characters '\x01' to '\x07' for padding.
If there are 3 padding characters needed (eg with a password of 5
chars), then three '\x03' chars will be used.
Similarly, a 2-char password will be padded with '\x06' * 6

Regards,
Andreas Pauley

_____________________________________________________________________________________________
This e-mail contains official information from Quality Business Consultants (Pty) Ltd and is intended for use by the addressee only.
Important notice: Important restrictions, qualifications and disclaimers ("the Disclaimer") apply to this email.
To read this click on the following address: http://www.qbcon.com/disclaimer
The Disclaimer forms part of the content of this email in terms of section 11 of the Electronic Communications and Transactions Act, 25 of 2002. If you are unable to access the Disclaimer, send a blank e-mail to (e-mail address removed) and we will send you a copy of the Disclaimer.