使用 Java 解密代码截断 C# 加密数据

Question

All,I am posting some encrypted xml data(Using AES-128 ) to another application that uses Java to decrypt.When the Java code decrypts the xml,the start tag of the xml is getting truncated and fails validation.I don't have access to their code base .I can decrypt the same data using C# without any data loss.Please see the code I use to encrypt and Decrypt the data . I have researched this and based on the research ,I added the FlushFinalBlocks() and Close() to the CryptoStream in the encryption logic ,but this doesnt seem to fix the issue.

Encryption Code:

public static string Aes128Encrypt(string plainText)
        {
            string encodedPayload = null;
            string base64Iv = null;
            string base64Key = null;
            byte[] plainBytes = Encoding.UTF8.GetBytes(plainText);  
            using (RijndaelManaged aesAlg = new RijndaelManaged())
            {
                aesAlg.KeySize = 128;
                aesAlg.Mode = CipherMode.CBC;
                aesAlg.Padding = PaddingMode.PKCS7;
                aesAlg.BlockSize = 128;            
                base64Iv = Convert.ToBase64String(aesAlg.IV);
                base64Key = Convert.ToBase64String(aesAlg.Key);
                // Create a decrytor to perform the stream transform.
                ICryptoTransform encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV);

                // Create the streams used for encryption.
                using (MemoryStream msEncrypt = new MemoryStream())
                {
                    using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
                    {                       
                        csEncrypt.Write(plainBytes, 0, plainBytes.Length);
                        csEncrypt.FlushFinalBlock();                        
                        encodedPayload  = Convert.ToBase64String(msEncrypt.ToArray());
                        csEncrypt.Close();
                    }
                    msEncrypt.Flush();
                    msEncrypt.Close();
                }
            }
            return encodedPayload  ;
        }

Decryption Code:

public static string Aes128Decrypt(string base64Key, string base64IV, string encodedPayload)
        {
            string plainText = null;
            byte[] key = Convert.FromBase64String(base64Key);
            byte[] iv = Convert.FromBase64String(base64IV);
            byte[] encryptedBytes = Convert.FromBase64String(encodedPayload);
            using (RijndaelManaged aesAlg = new RijndaelManaged())
            {
                aesAlg.KeySize = 128;
                aesAlg.Mode = CipherMode.CBC;
                aesAlg.BlockSize = 128;                
                aesAlg.Padding = PaddingMode.PKCS7;
                aesAlg.Key = key;
                aesAlg.IV = iv;

                // Create a decrytor to perform the stream transform.
                ICryptoTransform decryptor = aesAlg.CreateDecryptor(aesAlg.Key, aesAlg.IV);

                // Create the streams used for decryption.
                using (MemoryStream msDecrypt = new MemoryStream(encryptedBytes))
                {
                    using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
                    {
                        using (StreamReader srDecrypt = new StreamReader(csDecrypt))
                        {
                            plainText = srDecrypt.ReadToEnd();
                        }                        
                    }

                }
            }

            return plainText;


        }

Testing Code:

string textXml = @"<person>
                                    <firstName>Rennish</firstName>
                                    <lastName>Joseph</lastName>
                                    <accountNumber>12345678910</accountNumber>
                                    <ssn>123456</ssn>
                                    </person>";
                Aes128Encrypt(textXml);
                string encodedPayload = "4p6uU7SiqB0uCzsrWXMOStP02HM7mKA6QVzcKoNdu3w1+MYLjYVbW/Ig3XPKRRafeu+WKDMuKJJaEREkrZt/Ycvc50wfe2naJ9d0UT5B7Fre1gIsNfZUIK3SF304+WF8zX730mVsluJABKT3JCkk9AkOGCQWPYzcZvH9dojIqGP7V+2j1+IMOPMWWFIitkAi8B7ALxMuMcepzX2/cxHxH7NeID0ytEGUzGfJXSAzQcvBX9dWwUqdMX3Eip5SRPMsotnWWsFTjDuOiZk/q5fuxxWbS6cuYn/64C/vQjEIuheQKn0ZOIDLNPCUavvWD2u6PWNKMNgW/qUIq13W9PQxzIiQxrT7ZqPFJu75C1KdXXUG5lghU7EBAGehHC/5BqFjs9SuYJkV1RrchMEzytrJIQ7Zp4CnOU6Q1rEhFTaMk/s=";
                string encodedKey = "2zpVbIxqvjSfJo7zkXzl2A==";
                string encodedIV = "5WOQPdmB/BkECmuPdNTaLw==";
                Aes128Decrypt(encodedKey, encodedIV, encodedPayload);

Data after encryption at the JAVA application looks like this

<rson>
    <firstName>Rennish</firstName>
    <lastName>Joseph</lastName>
    <accountNumber>12345678910</accountNumber>
    <ssn>123456</ssn>
</person>

Answer 1

Interesting problem.

I think the encryption and decryption works fine on both sides.

If part of the encrypted message was lost in transmission you would not be able to decrypt it due to the avalanche effect. So it appears that characters go missing in the plain text.

This might be an encoding issue in the plain text message. The bytes you have encoded and the bytes they decoded are probably the same. The way they are interpreted might not be.

Now there are two options here:

Either <person> becomes <rson> or it becomes rson> and there was a copy-paste mistake.

If the latter case is true then we're missing 3 bytes. This makes me think that the protocol might presume the presence of a byte order marker andsimply removes the first 3 bytes to get rid of it.

If the former case you'd have some very weird encoding issues. As all missing characters appear to be in the ascii range so they shouldn't have these issues.

Easy to test though:
1. Try sending with a byte order marker.
2. Try sending with <XXperson>
3. Try sending some characters with accents and the like.