Solved

Help with RijndaelManaged encryption problem using c#

Posted on 2007-03-25
2
1,499 Views
Last Modified: 2012-05-05
I need some help figuring out an issue using RijndaelManaged to encrypt and decrypt a string.

I took the code from

http://www.obviex.com/samples/Encryption.aspx

and used as is get an error about padding invalid SO I changed the padding to Padding.None and it seems to encrypt..or at least it returns an encrypted value without givig me the padding error.

but when I decrypt the string it doesnt return as the original value but instead returns as some gobbledeegoock

Below is my code and this is the data I feed to the methods....but before you loko at the code this is what I encrypt

7henewp@s5phr@se
this is what returns encrypted.
gPtlrVtf+cKn0Yu7EQrgDQ==
but this is what gets decrypted.
h`*B7*Z



protected void Button1_Click(object sender, EventArgs e)
    {
        string plainText = "7henewp@s5phr@se";
        string passPhrase = "encrypt7heb@st@rd";
        string saltValue = "2s@lty4me";
        string hashAlgorith = "SHA1";
        int pwIterations = 7;
        string initVector = "@1B9f5P2!0n3G69T";
        int keySize = 256;

        TextBox1.Text = plainText;

        string cipherText = RijndaelSimple.Encrypt(plainText,
                                                   passPhrase,
                                                   saltValue,
                                                   hashAlgorith,
                                                   pwIterations,
                                                   initVector,
                                                   keySize);
        Label1.Text = cipherText;

        string results = RijndaelSimple.Decrypt(cipherText,
                                                passPhrase,
                                                saltValue,
                                                hashAlgorith,
                                                pwIterations,
                                                initVector,
                                                keySize);
        Label2.Text = results;

public class RijndaelSimple
{
      public static string Encrypt(string plaintext,
                                 string passPhrase,
                                 string saltValue,
                                 string hashAlgorithm,
                                 int pwIterations,
                                 string initVector,
                                 int keySize)
   
      {
       
        byte[] initVectorBytes = Encoding.ASCII.GetBytes(initVector);
        byte[] saltValueBytes = Encoding.ASCII.GetBytes(saltValue);
        byte[] plainTextBytes = Encoding.UTF8.GetBytes(plaintext);
        PasswordDeriveBytes password = new PasswordDeriveBytes(passPhrase, saltValueBytes, hashAlgorithm, pwIterations);
        byte[] keyBytes = password.GetBytes(keySize / 8);
        RijndaelManaged symmetricKey = new RijndaelManaged();
        symmetricKey.Mode = CipherMode.CBC;
        symmetricKey.Padding = PaddingMode.None;
        ICryptoTransform encryptor = symmetricKey.CreateDecryptor(keyBytes, initVectorBytes);
        MemoryStream memoryStream = new MemoryStream();
        CryptoStream cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write);
        cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
        cryptoStream.FlushFinalBlock();
        byte[] cipherTextBytes = memoryStream.ToArray();
        memoryStream.Close();
        cryptoStream.Close();
        string cipherText = Convert.ToBase64String(cipherTextBytes);
        return cipherText;
      }
    public static string Decrypt(string ciphertext,
                                 string passPhrase,
                                 string saltValue,
                                 string hashAlgorithm,
                                 int pwIterations,
                                 string initVector,
                                 int keySize)
    {

        byte[] initVectorBytes = Encoding.ASCII.GetBytes(initVector);
        byte[] saltValueBytes = Encoding.ASCII.GetBytes(saltValue);
        byte[] cipherTextBytes = Convert.FromBase64String(ciphertext);
        PasswordDeriveBytes password = new PasswordDeriveBytes(passPhrase, saltValueBytes, hashAlgorithm, pwIterations);
        byte[] keyBytes = password.GetBytes(keySize / 8);
        RijndaelManaged symmetricKey = new RijndaelManaged();
        symmetricKey.Mode = CipherMode.CBC;
        symmetricKey.Padding = PaddingMode.None;
        ICryptoTransform decryptor = symmetricKey.CreateDecryptor(keyBytes, initVectorBytes);
        MemoryStream memoryStream = new MemoryStream(cipherTextBytes);
        CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read);
        byte[] plainTextBytes = new byte[cipherTextBytes.Length];
        int decryptedByteCount = cryptoStream.Read(plainTextBytes, 0, plainTextBytes.Length);
        memoryStream.Close();
        cryptoStream.Close();
        string plainText = Encoding.UTF8.GetString(plainTextBytes, 0, decryptedByteCount);
        return plainText;
    }
}
0
Comment
Question by:Prysson
2 Comments
 
LVL 3

Accepted Solution

by:
kingtam2000 earned 500 total points
ID: 18788663
It's caused by the fact that you are decrypting the string twice, as the encryption function is the same as the decryption function.  You should change the following code in the encrypt function to encrypt it:
        ICryptoTransform encryptor = symmetricKey.CreateDecryptor(keyBytes, initVectorBytes);
to
       ICryptoTransform encryptor = symmetricKey.CreateEncryptor(keyBytes, initVectorBytes);

Once that is changed it should work.

Hope that helps.
0
 

Author Comment

by:Prysson
ID: 18788772
Awesome catch..I dpont know how many times I looked through that and kept missing it.

Thanks for the help!!!
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

User art_snob (http://www.experts-exchange.com/M_6114203.html) encountered strange behavior of Android Web browser on his Mobile Web site. It took a while to find the true cause. It happens so, that the Android Web browser (at least up to OS ver. 2.…
Exception Handling is in the core of any application that is able to dignify its name. In this article, I'll guide you through the process of writing a DRY (Don't Repeat Yourself) Exception Handling mechanism, using Aspect Oriented Programming.
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question