0

Steps to reproduce the unexpected result:

  1. Using http://aesencryption.net/ I encrypt the text HappyCoding with yecpPqAJ+PnBMtggWVz42WME3TjhG313OhvBuUJOFtc= as the key and 256-Bit option chosen in the drop-down. I receive Lox/sfjNyXOzP9ZE8Fjj9REcuB+iJ1EXXuNjf2du29c= as a result.

  2. I then run it through the Decrypt function in my code: 

    var testAesString = "Lox/sfjNyXOzP9ZE8Fjj9REcuB+iJ1EXXuNjf2du29c="; var decryptedString = Decrypt(testAesString, key);

    and receive "�ГYC���{R\u0017V��@\u0013�NH�$�|�\u001a)˪n�mp" instead of "HappyCoding"

The code for the Decrypt function is below:

private static string Decrypt(string stringCypher_Text, string stringKey) { Byte[] Key = Convert.FromBase64String(stringKey); Byte[] Cypher_Text = Convert.FromBase64String(stringCypher_Text); RijndaelManaged Crypto = null; MemoryStream MemStream = null; ICryptoTransform Decryptor = null; CryptoStream Crypto_Stream = null; StreamReader Stream_Read = null; string Plain_Text; try { Crypto = new RijndaelManaged(); Crypto.Padding = PaddingMode.Zeros; Crypto.Key = Key; Crypto.BlockSize = 256; Crypto.Mode = CipherMode.ECB; Crypto.IV = new byte[] { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; Decryptor = Crypto.CreateDecryptor(Crypto.Key, Crypto.IV); MemStream = new MemoryStream(Cypher_Text); Crypto_Stream = new CryptoStream(MemStream, Decryptor, CryptoStreamMode.Read); Stream_Read = new StreamReader(Crypto_Stream); Plain_Text = Stream_Read.ReadToEnd(); } finally { if (Crypto != null) Crypto.Clear(); MemStream.Flush(); MemStream.Close(); } return Plain_Text; }

I am not receiving any errors. I am receiving an unexpected result. I don't know how to approach this in regards to testing it further. My thought is maybe the website I am using to receive the encrypted values in the first place is using different settings etc.

Any direction on how to test and/or resolve is appreciated.

Improve this question
15
  • you have to decode the raw stream using an encoder such as utf8 or ascii. Commented Feb 2, 2016 at 21:04
  • You're generating a new Initialization Vector - shouldn't it be the same as the one used to do the encryption? Commented Feb 2, 2016 at 21:04
  • @Tim the website I mentioned doesn't have a parameter for IV. I am unsure of the initial IV used to do the encryption. Commented Feb 2, 2016 at 21:08
  • 1
    The site aesencryption.net doesn't seem to expect the key to be base64-encoded. Commented Feb 2, 2016 at 21:09
  • 2
    Possible duplicate of What C# AES encryption options to use so result can be decrypted on a public web site? Commented Feb 2, 2016 at 21:21

2 Answers 2

Reset to default
2

Played around with it a bit more and got the following to work. The site appears to just grab the first 32 bytes of whatever string you use as key.

 public static string DecryptLikeSite(string base64EncodedCipherText, string key) { using (var alg = new RijndaelManaged()) { alg.BlockSize = 256; alg.Key = System.Text.Encoding.ASCII.GetBytes(key).Take(32).ToArray(); alg.Mode = CipherMode.ECB; alg.Padding = PaddingMode.Zeros; alg.IV = new byte[] { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; var cipherText = Convert.FromBase64String(base64EncodedCipherText); using (ICryptoTransform decryptor = alg.CreateDecryptor()) { using (var ms = new MemoryStream(cipherText)) { using (var cs = new CryptoStream(ms, decryptor, CryptoStreamMode.Read)) { using (var sr = new StreamReader(cs)) { return sr.ReadToEnd().Replace("\0", string.Empty); } } } } } } public static void Test() { string key = "yecpPqAJ+PnBMtggWVz42WME3TjhG313OhvBuUJOFtc="; string expectedPlainText = "HappyCoding"; string base64EncodedSiteCipherText = "Lox/sfjNyXOzP9ZE8Fjj9REcuB+iJ1EXXuNjf2du29c="; string plainText = DecryptLikeSite(base64EncodedSiteCipherText, key); bool success = expectedPlainText == plainText; }
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Because the cipher text is two blocks, but the plain text is less than one block, I guess that the first block is an IV.

Try using the first 16 bytes of the cipher text as an IV in CBC mode, and decrypt the next 16 bytes.

Improve this answer

2 Comments

It's because of the extra block of zeroes that is used for padding.
@Mark Wow that is a terrible application of crypto.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.