frumbert/Program.cs

## decrypt.php
<?php

// key and iv are generated using c#
const ENC_KEY = 'blXk1AP8piM58TLslBNWJn01d+0iSY73Fr6C34F78Ak=';
const ENC_IV = 'bednml5qJeMgo3ZMQ1yuPZfrpiXE99Aa4C9k4zsPemA=';

// do the decryption
print my_decrypt(ENC_KEY, ENC_IV, filter_input(INPUT_GET, "value", FILTER_SANITIZE_SPECIAL_CHARS)); // could do better validation

class my_decrypt {
	// decrypt RJ256 which was encrypted using c#
	public static function decrypt($key,$iv,$encrypted) {
		// reverse "safe" base64 encoding back to standard
		$encrypted = str_replace(['-', '_', ','],['+', '/', '='] , $encrypted);
		$key = base64_decode($key);
		$iv = base64_decode($iv);
		$encrypted = base64_decode($encrypted);
		$rtn = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $encrypted, MCRYPT_MODE_CBC, $iv);
		$rtn = self::unpad($rtn);
		return($rtn);
	}

	//removes PKCS7 padding
	private static function unpad($value) {
		$blockSize = mcrypt_get_block_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
		$packing = ord($value[strlen($value) - 1]);
		if($packing && $packing < $blockSize) {
			for($P = strlen($value) - 1; $P >= strlen($value) - $packing; $P--) {
				if(ord($value{$P}) != $packing) {
					$packing = 0;
				}
			}
		}
		return substr($value, 0, strlen($value) - $packing);
	}

}

## Program.cs
using System;
using System.IO;
using System.Text;
using System.Collections.Generic;
using System.Security.Cryptography;

namespace csharpstuff
{
	class MainClass
	{
		public static void Main(string[] args)
		{

			// generate our keys:
			// Encryption.GenerateKeyIV(out key, out iv);
			// Console.WriteLine("key = {0}, iv = {1}", key, iv);

			var key = "blXk1AP8piM58TLslBNWJn01d+0iSY73Fr6C34F78Ak=,";
			var iv = "bednml5qJeMgo3ZMQ1yuPZfrpiXE99Aa4C9k4zsPemA=";

			// the string we want to encrypt
			var inp = "the quick brown fox jumps over the lazy dog";

			// encrypt and output the sso url
			var outp = Encryption.Encrypt(inp, key, iv);

			// pick up the output
			Console.WriteLine(outp);

		}

	}

	public static class Encryption
	{
		public static string Encrypt(string prm_text_to_encrypt, string prm_key, string prm_iv)
		{
			var sToEncrypt = prm_text_to_encrypt;

			var rj = new RijndaelManaged()
			{
				Padding = PaddingMode.PKCS7,
				Mode = CipherMode.CBC,
				KeySize = 256,
				BlockSize = 256,
			};

			var key = Convert.FromBase64String(prm_key);
			var IV = Convert.FromBase64String(prm_iv);

			var encryptor = rj.CreateEncryptor(key, IV);

			var msEncrypt = new MemoryStream();
			var csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write);

			var toEncrypt = Encoding.ASCII.GetBytes(sToEncrypt);

			csEncrypt.Write(toEncrypt, 0, toEncrypt.Length);
			csEncrypt.FlushFinalBlock();

			var encrypted = msEncrypt.ToArray();

			// return base64 but with url-breaking values replaced (+ becomes -, etc)
			return (Convert.ToBase64String(encrypted).Replace("+","-").Replace("/","_").Replace("=",","));
		}

		public static string Decrypt(string prm_text_to_decrypt, string prm_key, string prm_iv)
		{

			var sEncryptedString = prm_text_to_decrypt;

			var rj = new RijndaelManaged()
			{
				Padding = PaddingMode.PKCS7,
				Mode = CipherMode.CBC,
				KeySize = 256,
				BlockSize = 256,
			};

			var key = Convert.FromBase64String(prm_key);
			var IV = Convert.FromBase64String(prm_iv);

			var decryptor = rj.CreateDecryptor(key, IV);

			// replace hacked base64 identifiers with their original values
			var sEncrypted = Convert.FromBase64String(sEncryptedString.Replace("-", "+").Replace("_", "/").Replace(",", "="));

			var fromEncrypt = new byte[sEncrypted.Length];

			var msDecrypt = new MemoryStream(sEncrypted);
			var csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read);

			csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length);

			return (Encoding.ASCII.GetString(fromEncrypt));
		}

		public static void GenerateKeyIV(out string key, out string IV)
		{
			var rj = new RijndaelManaged()
			{
				Padding = PaddingMode.PKCS7,
				Mode = CipherMode.CBC,
				KeySize = 256,
				BlockSize = 256,
			};
			rj.GenerateKey();
			rj.GenerateIV();

			key = Convert.ToBase64String(rj.Key);
			IV = Convert.ToBase64String(rj.IV);
		}
	}
}
	<?php

	// key and iv are generated using c#
	const ENC_KEY = 'blXk1AP8piM58TLslBNWJn01d+0iSY73Fr6C34F78Ak=';
	const ENC_IV = 'bednml5qJeMgo3ZMQ1yuPZfrpiXE99Aa4C9k4zsPemA=';

	// do the decryption
	print my_decrypt(ENC_KEY, ENC_IV, filter_input(INPUT_GET, "value", FILTER_SANITIZE_SPECIAL_CHARS)); // could do better validation

	class my_decrypt {
	// decrypt RJ256 which was encrypted using c#
	public static function decrypt($key,$iv,$encrypted) {
	// reverse "safe" base64 encoding back to standard
	$encrypted = str_replace(['-', '_', ','],['+', '/', '='] , $encrypted);
	$key = base64_decode($key);
	$iv = base64_decode($iv);
	$encrypted = base64_decode($encrypted);
	$rtn = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $encrypted, MCRYPT_MODE_CBC, $iv);
	$rtn = self::unpad($rtn);
	return($rtn);
	}

	//removes PKCS7 padding
	private static function unpad($value) {
	$blockSize = mcrypt_get_block_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
	$packing = ord($value[strlen($value) - 1]);
	if($packing && $packing < $blockSize) {
	for($P = strlen($value) - 1; $P >= strlen($value) - $packing; $P--) {
	if(ord($value{$P}) != $packing) {
	$packing = 0;
	}
	}
	}
	return substr($value, 0, strlen($value) - $packing);
	}

	}
	using System;
	using System.IO;
	using System.Text;
	using System.Collections.Generic;
	using System.Security.Cryptography;

	namespace csharpstuff
	{
	class MainClass
	{
	public static void Main(string[] args)
	{

	// generate our keys:
	// Encryption.GenerateKeyIV(out key, out iv);
	// Console.WriteLine("key = {0}, iv = {1}", key, iv);

	var key = "blXk1AP8piM58TLslBNWJn01d+0iSY73Fr6C34F78Ak=,";
	var iv = "bednml5qJeMgo3ZMQ1yuPZfrpiXE99Aa4C9k4zsPemA=";

	// the string we want to encrypt
	var inp = "the quick brown fox jumps over the lazy dog";

	// encrypt and output the sso url
	var outp = Encryption.Encrypt(inp, key, iv);

	// pick up the output
	Console.WriteLine(outp);

	}

	}

	public static class Encryption
	{
	public static string Encrypt(string prm_text_to_encrypt, string prm_key, string prm_iv)
	{
	var sToEncrypt = prm_text_to_encrypt;

	var rj = new RijndaelManaged()
	{
	Padding = PaddingMode.PKCS7,
	Mode = CipherMode.CBC,
	KeySize = 256,
	BlockSize = 256,
	};

	var key = Convert.FromBase64String(prm_key);
	var IV = Convert.FromBase64String(prm_iv);

	var encryptor = rj.CreateEncryptor(key, IV);

	var msEncrypt = new MemoryStream();
	var csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write);

	var toEncrypt = Encoding.ASCII.GetBytes(sToEncrypt);

	csEncrypt.Write(toEncrypt, 0, toEncrypt.Length);
	csEncrypt.FlushFinalBlock();

	var encrypted = msEncrypt.ToArray();

	// return base64 but with url-breaking values replaced (+ becomes -, etc)
	return (Convert.ToBase64String(encrypted).Replace("+","-").Replace("/","_").Replace("=",","));
	}

	public static string Decrypt(string prm_text_to_decrypt, string prm_key, string prm_iv)
	{

	var sEncryptedString = prm_text_to_decrypt;

	var rj = new RijndaelManaged()
	{
	Padding = PaddingMode.PKCS7,
	Mode = CipherMode.CBC,
	KeySize = 256,
	BlockSize = 256,
	};

	var key = Convert.FromBase64String(prm_key);
	var IV = Convert.FromBase64String(prm_iv);

	var decryptor = rj.CreateDecryptor(key, IV);

	// replace hacked base64 identifiers with their original values
	var sEncrypted = Convert.FromBase64String(sEncryptedString.Replace("-", "+").Replace("_", "/").Replace(",", "="));

	var fromEncrypt = new byte[sEncrypted.Length];

	var msDecrypt = new MemoryStream(sEncrypted);
	var csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read);

	csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length);

	return (Encoding.ASCII.GetString(fromEncrypt));
	}

	public static void GenerateKeyIV(out string key, out string IV)
	{
	var rj = new RijndaelManaged()
	{
	Padding = PaddingMode.PKCS7,
	Mode = CipherMode.CBC,
	KeySize = 256,
	BlockSize = 256,
	};
	rj.GenerateKey();
	rj.GenerateIV();

	key = Convert.ToBase64String(rj.Key);
	IV = Convert.ToBase64String(rj.IV);
	}
	}
	}