1

I am trying to replicate this Java code in C#. 

 BASE64Decoder dec = new BASE64Decoder(); byte[] salt = null; try { salt = dec.decodeBuffer(saltStr); } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } Security.insertProviderAt(new BouncyCastleProvider(), 1); String alg = "PBEWITHSHA256AND256BITAES-CBC-BC"; int derivedKeyLength = 256; int iterations = 20000; KeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterations, derivedKeyLength); try { SecretKeyFactory f = SecretKeyFactory.getInstance(alg); byte[] result = f.generateSecret(spec).getEncoded(); BASE64Encoder endecoder = new BASE64Encoder(); System.out.println(endecoder.encode(result)); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (InvalidKeySpecException e) { // TODO Auto-generated catch block e.printStackTrace(); }

This is what I have so far, but it's failing. I am new to the Crypto world (so there may be an easier way to do this that I don't know) so any help would be appreciated. Thanks!

 var iterations = 20000; PbeParametersGenerator pGen = new Pkcs12ParametersGenerator(new Sha256Digest()); pGen.Init(Encoding.ASCII.GetBytes(password), Convert.FromBase64String(salt), iterations); ICipherParameters par = pGen.GenerateDerivedParameters("AES256", 256); IBufferedCipher c = CipherUtilities.GetCipher("PBEWITHSHA256AND256BITAES-CBC-BC"); Console.WriteLine(c.AlgorithmName); c.Init(true, par); byte[] enc = c.DoFinal(Convert.FromBase64String(salt)); Console.WriteLine("The output is :"); Console.WriteLine(Convert.ToBase64String(enc));

The issue is that the encrypted result is not the same in the Java and C# with the same password, the same salt, and the same number of iterations.

Update:

The problem was that the Java code (not written by me, is not doing the cipher encryption) it's only generating the key parameters. This code would give the same output as the Java code.

 var iterations = 20000; var sltBytes = Convert.FromBase64String(salt); byte[] byteSalt = Convert.FromBase64String(salt); byte[] pwdb = PbeParametersGenerator.Pkcs12PasswordToBytes(password.ToCharArray()); PbeParametersGenerator pGen = new Pkcs12ParametersGenerator(new Sha256Digest()); pGen.Init(pwdb, Convert.FromBase64String(salt), iterations); var par = (ParametersWithIV)pGen.GenerateDerivedParameters("AES256", 256, 128); var kpar = (KeyParameter)par.Parameters; byte[] by = kpar.GetKey(); Console.WriteLine(Convert.ToBase64String(by));
Improve this question
4
  • 2
    What is failing, what i the issue? Commented Feb 11, 2013 at 17:42
  • 1
    Sorry about that, I added the issue is that the result in the Java version and the C# version are different with the same parameters. Commented Feb 11, 2013 at 18:15
  • Can you verify that both versions of salt end up being the same? Commented Feb 11, 2013 at 18:37
  • They are the same, C# returns the an unsigned byte array that is the same as the signed byte array version that Java does. Commented Feb 11, 2013 at 19:11

2 Answers 2

Reset to default
2

Your call to GenerateDerivedParameters("AES256", 256) is specifying a different key length than the derivedKeyLength in Java.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Actually, good catch! but that's not it. The result is still different.
In that case, seeing as there is no clear issue with the code itself, it might be that the salt is not as identical as you think. Also, I'm not 100% sure about this, but Encoding.ASCII.GetBytes might be giving slightly different output compared to your call to toCharArray() in Java.
On that note, give Encoding.UTF8.GetBytes a try.
There's also options for UTF16.GetBytes and Unicode.GetBytes. If neither of those work, then I would again look at the salt as a possible culprit.
1

I think this is your problem:

Here you specify a derived key length of 128

int derivedKeyLength = 128; ... KeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterations, derivedKeyLength);

Here you specify a derived key length of 256

ICipherParameters par = pGen.GenerateDerivedParameters("AES256", 256);
Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.