RFC2898DeriveBytes not decrypting

Question

I am having some issues using RFC2898DeriveBytes. Here is the situation: I am creating a public/private key pair using RSACryptoProvider and I use Rfc2898 to encrypt the private key file. I am using the following code for encryption:

 Rfc2898DeriveBytes key = new Rfc2898DeriveBytes(frm2.txtPassphrase.Text, saltbyte);

 // Encrypt the data.
 TripleDES encAlg = TripleDES.Create();
 encAlg.Key = key.GetBytes(16);

 // Create the streams used for encryption. 
 byte[] encrypted;
 using (FileStream fsEncrypt = new FileStream(@"D:\test.xml", FileMode.Create, System.IO.FileAccess.Write))
 {
     using (CryptoStream csEncrypt = new CryptoStream(fsEncrypt, encAlg.CreateEncryptor(), CryptoStreamMode.Write))
     {
          using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
          {
               //Write all data to the stream.
               swEncrypt.Write(privateKeyXml);
          }
      }
 }

This is for decryption:

TripleDES decAlg = TripleDES.Create();
Rfc2898DeriveBytes key1 = new Rfc2898DeriveBytes(frm1.txtPassphrase.Text, saltbyte);
decAlg.Key = key1.GetBytes(16);

// Create the streams used for decryption. 
using (FileStream fsDecrypt = new FileStream(@"D:\test.xml", FileMode.Open, System.IO.FileAccess.Read))
{
    using (CryptoStream csDecrypt = new CryptoStream(fsDecrypt, decAlg.CreateDecryptor(), CryptoStreamMode.Read))
    {
        using (StreamReader srDecrypt = new StreamReader(csDecrypt))
        {

             // Read the decrypted bytes from the decrypting stream 
             // and place them in a string.
             decPrivateKeyXml = srDecrypt.ReadToEnd();
         }
     }
}

Now the problem is that when I get the decPrivateKeyXml, all except the first few words come out correct. The first few words are just scrambled:

"�� ���dalue><Modulus>u9N+amIgXTw1zzJ+bxXoKaaGwCVFeXkKvdx0vhd24X7vvcJpnkA6gFgOeypbTTGm3if1QM/lyLN3qoprBkHJKDo7ldzj5a4L2Xb1tP1yUyNDban/KzkzsGK0h3fLO8UxRE6cHIB5cyEUmgmkjpFoXzz7DovUrZh3Z3qV20AHZLs=</Modulus><Exponent>AQAB</Exponent><P>5pCr4yPtn8ZyZskIpFM9pgZI1BUBIJYYhnYPywrMTj1smsQGuCswXNrcKsGvF6c9KrrXFF69AgbzcAsQwI449Q==</P><Q>0IvXoP8uELT/v8lG5R0YmvrgTfVQNJp8n8PT7J1dN3dsCDUHa+rK2Q4XSehFHT8XQgiENICkYg6xsdJqXXxY7w==</Q><DP>KwpSrAIm966J6JoanOJVHcsKiVyqazTZuzAK3rJTVT+uKG3zeynEy3CnrOufDeFQT8u1Hr5YtioqA35tUCS8iQ==</DP><DQ>UXZOxJTpaZ1KSaBWESlMcz2MYOdybRnrlHzqS4Ms5n2/tXUBcSZGFoNqlXQli0cZzrGE8v1NOQCEaPHImrv4AQ==</DQ><InverseQ>rX3TlQMreZvjm+fNS5UK90tj/KQQAlP0u5xxgEAUVfr8ZE/hsSOcB0MuXPyeGExRyRiBdSUsj64BHOVPH9+mcw==</InverseQ><D>H04JtNtz/3YolccZsZQaJM7/iIjtwmg9NRXIU2J/yueoN51ukxSra3bBux99JimPYVmRk+LSrpfS6xa07c8LIqMaC6nFQCVF6yJH3sHuDuL7Hob2dVZ+egyjeCVu8vyn1R4/SAZ4AaWtmc8c0Zt3hSvdDMCtN61HWegFmugvRkk=</D></RSAKeyValue>"

I don't know what is wrong with the code....

Answer 1

.NET uses a random IV for CBC encryption. You need to store this IV with the ciphertext and initialize your decryptor with it. Normally the IV is prefixed to the ciphertext.