Java Encryption Url Variable to Decrypt in C#

I am trying to use your software to encrypt/decrypt the following which a client is sending me from Java and I am trying to decrypt in C#:

Information provided from the client:

Encryption mode: AES
Blocking mode: CBC
Padding mode: PKCS5PADDING

Test key:
933aeffebf46b9f5a54fee575d723283

Encrypted URL:
http://test.com/login.htm?message=bcec60d0f3c71bef2207a4d08b65bf3ec7e100f7a564ec3c5c65fbbffbb2819162d738aae003c954956e6efe5760a75be68472b3f87b335a0f1e3f8d0626c45deca8f8b7b81a2b8993c2bbc5bd7acf2e&iv=308b72a06f3770c86c2d0cafd67c54d4

message decodes to:
sid=S123456&name=Fred+Smith&usertype=BC&bucode=SW&expires=1246044953238
-----------------------------------
Additional Information:

The encrypted URL has 2 parameters:
"      message - the AES-encrypted string in hexadecimal format
"      iv - the initialization vector for this message.  NOTE: the iv will be different for each message

The decrypted message is set up like URL parameters with the values UTF-8 url-encoded :
"      sid - user's unique id
"      name - first and last
"      usertype - position code
"      bucode - business unit code
"      expires - timestamp (in milliseconds) when this message should expire

NOTES on the "expires" field:
"      The milliseconds are counted from 1/1/1970 00:00:00 GMT
"      By default, the expire time is set to 30 minutes from the point we generate the encrypted URL to account for discrepancies in system clocks.  If you want to use a national time service to ensure our clocks are synched, we could decrease the amount of time allowed before expiration.
"      If the message is decoded after the expiration time, it should be considered invalid and access should be denied.


using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
 
namespace RijndaelManaged_Examples
{
    class RijndaelMemoryExample
    {
        public static void Main()
        {
            try
            {
 
								string original = "sid=S123456&name=Fred+Smith&usertype=BC&bucode=SW&expires=1246044953238";
 
                // Create a new instance of the RijndaelManaged
                // class.  This generates a new key and initialization 
                // vector (IV).
                RijndaelManaged myRijndael = new RijndaelManaged();
 
								byte[] key = System.Text.Encoding.UTF8.GetBytes("933aeffebf46b9f5a54fee575d723283");
								myRijndael.Key = key;
 
								byte[] IV = System.Text.Encoding.UTF8.GetBytes("308b72a06f3770c86c2d0cafd67c54d4");
								//myRijndael.BlockSize = 16;
								myRijndael.IV = IV;
								myRijndael.Mode = CipherMode.CBC;
								myRijndael.Padding = PaddingMode.PKCS7;
 
                // Encrypt the string to an array of bytes.
                //byte[] encrypted = encryptStringToBytes_AES(original, myRijndael.Key, myRijndael.IV);
 
								byte[] encrypted = System.Text.Encoding.UTF8.GetBytes("bcec60d0f3c71bef2207a4d08b65bf3ec7e100f7a564ec3c5c65fbbffbb2819162d738aae003c954956e6efe5760a75be68472b3f87b335a0f1e3f8d0626c45deca8f8b7b81a2b8993c2bbc5bd7acf2e");
								
								// Convert utf-8 bytes to a string.
								string s_unicode2 = System.Text.Encoding.UTF8.GetString(encrypted);
								Console.WriteLine("Encrypted:   {0}", s_unicode2);
                // Decrypt the bytes to a string.
                string roundtrip = decryptStringFromBytes_AES(encrypted, myRijndael.Key, myRijndael.IV);
 
                //Display the original data and the decrypted data.
                Console.WriteLine("Original:   {0}", original);
                Console.WriteLine("Round Trip: {0}", roundtrip);
								Console.Read();
            }
            catch (Exception e)
            {
                Console.WriteLine("Error: {0}", e.Message);
								Console.Read();
            }
        }
 
        static byte[] encryptStringToBytes_AES(string plainText, byte[] Key, byte[] IV)
        {
            // Check arguments.
            if (plainText == null || plainText.Length <= 0)
                throw new ArgumentNullException("plainText");
            if (Key == null || Key.Length <= 0)
                throw new ArgumentNullException("Key");
            if (IV == null || IV.Length <= 0)
                throw new ArgumentNullException("Key");
 
            // Declare the stream used to encrypt to an in memory
            // array of bytes.
            MemoryStream msEncrypt = null;
 
            // Declare the RijndaelManaged object
            // used to encrypt the data.
            RijndaelManaged aesAlg = null;
 
            try
            {
                // Create a RijndaelManaged object
                // with the specified key and IV.
                aesAlg = new RijndaelManaged();
								aesAlg.BlockSize = 256;
                aesAlg.Key = Key;
                aesAlg.IV = IV;
								
								aesAlg.Mode = CipherMode.CBC;
								aesAlg.Padding = PaddingMode.PKCS7;
 
                // Create a decrytor to perform the stream transform.
                ICryptoTransform encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV);
 
                // Create the streams used for encryption.
                msEncrypt = new MemoryStream();
                using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
                {
                    using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
                    {
                        //Write all data to the stream.
                        swEncrypt.Write(plainText);
                    }
                }
 
            }
            finally
            {
 
                // Clear the RijndaelManaged object.
                if (aesAlg != null)
                    aesAlg.Clear();
            }
 
            // Return the encrypted bytes from the memory stream.
            return msEncrypt.ToArray();
 
        }
 
        static string decryptStringFromBytes_AES(byte[] cipherText, byte[] Key, byte[] IV)
        {
            // Check arguments.
            if (cipherText == null || cipherText.Length <= 0)
                throw new ArgumentNullException("cipherText");
            if (Key == null || Key.Length <= 0)
                throw new ArgumentNullException("Key");
            if (IV == null || IV.Length <= 0)
                throw new ArgumentNullException("Key");
 
            // Declare the RijndaelManaged object
            // used to decrypt the data.
            RijndaelManaged aesAlg = null;
 
            // Declare the string used to hold
            // the decrypted text.
            string plaintext = null;
 
            try
            {
                // Create a RijndaelManaged object
                // with the specified key and IV.
                aesAlg = new RijndaelManaged();
								aesAlg.BlockSize = 256;
                aesAlg.Key = Key;
                aesAlg.IV = IV;
 
								aesAlg.Mode = CipherMode.CBC;
								aesAlg.Padding = PaddingMode.PKCS7;
 
 
                // Create a decrytor to perform the stream transform.
                ICryptoTransform decryptor = aesAlg.CreateDecryptor(aesAlg.Key, aesAlg.IV);
                // Create the streams used for decryption.
                using (MemoryStream msDecrypt = new MemoryStream(cipherText))
                {
                    using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
                    {
                        using (StreamReader srDecrypt = new StreamReader(csDecrypt))
 
                            // Read the decrypted bytes from the decrypting stream
                            // and place them in a string.
                            plaintext = srDecrypt.ReadToEnd();
                    }
                }
 
            }
            finally
            {
 
                // Clear the RijndaelManaged object.
                if (aesAlg != null)
                    aesAlg.Clear();
            }
 
            return plaintext;
 
        }
    }
}

Open in new window

smolinitekAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jens FiedererTest Developer/ValidatorCommented:
You definitely want to set your blocksize to 256, otherwise you will fail setting the IV.

After that....the PKCS 5 is a problem.

See

http://www.codeproject.com/KB/vb/PKSCStandard.aspx
0
Jens FiedererTest Developer/ValidatorCommented:
Hmm....even using the CryptoStream directly and decoding just the first block (so padding wouldn't matter) my output has little resemblance to your original input.
0
Jens FiedererTest Developer/ValidatorCommented:
OK, I don't think you should be using System.Text.Encoding.UTF8.GetBytes to get your bytes - that encodes the characters into UTF8 bytes, it does not interpret HEX bytes.   Use something like:

   byte[] FromHex(string hex)
    {
        if (hex.Length % 2 == 1)
        {
            hex = "0" + hex;
        }
        byte[] output = new byte[hex.Length / 2];
        for (int i = 0; i < hex.Length; i += 2)
        {
            output[i/2] = byte.Parse(hex.Substring(i, 2), System.Globalization.NumberStyles.HexNumber);
        }
        return output;
    }
0
Jens FiedererTest Developer/ValidatorCommented:
Yup....replace System.Text.Encoding.UTF8.GetBytes by FromHex (as above), use a BlockSize of 128 (at that size PKCS5 and PKCS7 use the same padding), and you are OK.

I get:

plaintext
"sid=S123456&name=Fred+Smith&usertype=BC&bucode=SW&expires=1246044953238"
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
.NET Programming

From novice to tech pro — start learning today.