RijndaelManaged Decryption in .net 5 not working
Question
I have below code in .net framework to decrypt some information and it is working fine. I have been tasked to upgrade this code to .net 5 and the same code is not working.
Current code in .net framework works fine
private static string DecryptStringFromBytes(string cypherText, byte[] key)
{
byte[] cipherTextBytes = Convert.FromBase64String(cipherText);
if (key == null || key.Length <= 0)
throw new ArgumentNullException("key");
string plaintext;
using (var rijAlg = new RijndaelManaged())
{
rijAlg.BlockSize = 256;
rijAlg.Key = key;
rijAlg.Mode = CipherMode.CBC;
rijAlg.Padding = PaddingMode.Zeros;
rijAlg.IV = ASCIIEncoding.ASCII.GetBytes(MD5(MD5(_encryptionKey)));
ICryptoTransform decryptor = rijAlg.CreateDecryptor(rijAlg.Key, rijAlg.IV);
using (var msDecrypt = new MemoryStream(cipherTextBytes))
using (var csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
using (var srDecrypt = new StreamReader(csDecrypt))
plaintext = srDecrypt.ReadToEnd();
}
return plaintext;
}
private static string MD5(string testString)
{
byte[] asciiBytes = ASCIIEncoding.ASCII.GetBytes(testString);
byte[] hashedBytes = MD5CryptoServiceProvider.Create().ComputeHash(asciiBytes);
string hashedString = BitConverter.ToString(hashedBytes).Replace("-", "").ToLower();
return hashedString;
}
The same code when I tried in .net 5 it is giving me the below error. "BlockSize must be 128 in this implementation"
When I changed the block size in the above code to 128- the error disappeared but the decrypted text is all with glibberish text (not in readable format).
I did some research on this and I realized that .net core does not yet support 256 block size and a workaround is to use it with Bouncy Castle library. I did some google search on this and after looking at some samples I updated the code to the below
public static string DecryptFromBouncyCastle(string cipherText, byte[] key)
{
byte[] cipherTextBytes = Convert.FromBase64String(cipherText);
if (key == null || key.Length <= 0)
throw new ArgumentNullException("key");
var ivStringBytes = new byte[16];
var engine = new RijndaelEngine(256);
var blockCipher = new CbcBlockCipher(engine);
var cipher = new PaddedBufferedBlockCipher(blockCipher, new ZeroBytePadding());
var keyParam = new KeyParameter(key);
var keyParamWithIV = new ParametersWithIV(keyParam, ivStringBytes, 0, 32);
cipher.Init(false, keyParamWithIV);
var outputBytes = new byte[cipher.GetOutputSize(cipherTextBytes.Length)];
var length = cipher.ProcessBytes(cipherTextBytes, outputBytes, 0);
var finalBytes = cipher.DoFinal(outputBytes, 0, length);
var resultText = Encoding.UTF8.GetString(finalBytes);
return resultText;
}
private static string MD5(string testString)
{
byte[] asciiBytes = ASCIIEncoding.ASCII.GetBytes(testString);
byte[] hashedBytes = MD5CryptoServiceProvider.Create().ComputeHash(asciiBytes);
string hashedString = BitConverter.ToString(hashedBytes).Replace("-", "").ToLower();
return hashedString;
}
This code is not giving me any error but I see some part of the decryption was working. I see 30% of the decrypted text and rest some junk characters.
I am not so familiar with the encryption/decryption internals and I am struggling to understand where the problem is. It may be a small issue but I could not figure out.
I would appreciate if someone could review this code and let me know where the issue is with my code or suggest if any other better alternate solution.
1 answers
solution1
1 ACCPTED 2022-04-04 21:06:55
The IV and the DoFinal() call must be modified:
var ivStringBytes = ASCIIEncoding.ASCII.GetBytes(MD5(MD5(_encryptionKey))); // Fix 1
...
length += cipher.DoFinal(outputBytes, length); // Fix 2
var resultText = Encoding.UTF8.GetString(outputBytes, 0, length); // Fix 3
Note that a static IV is insecure. Also, AES should be preferred over Rijndael with a 256 bits blocksize.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.