Rijndael decryption in C#

Question

I need to decrypt a string using Rijndael and those values:

key size - 192

block size - 128

key - cmdAj45F37I5ud2134FDg2fF

When I'm using the code below I get an error : string size illigle, can anyone help me?

public static string DecryptRijndael(string value, string encryptionKey)
    {

            var key = Encoding.UTF8.GetBytes(encryptionKey); //must be 16 chars 
            var rijndael = new RijndaelManaged
            {
                BlockSize = 128,
                IV = key,
                KeySize = 192,
                Key = key
            };

            var buffer = Convert.FromBase64String(value);
            var transform = rijndael.CreateDecryptor();
            string decrypted;
            using (var ms = new MemoryStream())
            {
                using (var cs = new CryptoStream(ms, transform, CryptoStreamMode.Write))
                {
                    cs.Write(buffer, 0, buffer.Length);
                    cs.FlushFinalBlock();
                    decrypted = Encoding.UTF8.GetString(ms.ToArray());
                    cs.Close();
                }
                ms.Close();
            }

            return decrypted;

    }

Answer 1

One (big) problem is in using UTF8.GetBytes() to get the byte[] from string. It is hard to control the number of bytes and it is not very safe.

Use Rfc2898DeriveBytes.GetBytes() instead. And then you can specify the desired length.

But of course you have to do that while encrypting as well.
And I agrre with Luke's remarks about the IV

Answer 2

Can you see the comment in your code that says the key "must be 16 chars" ? Your key looks more like 24 characters to me!

In this case you're re-using the key as the IV -- not recommended best practice anyway -- but the size of the IV must match the block size, which is set to 128 bits/16 bytes.

Having said that, the problem I just described should give you the error "Specified initialization vector (IV) does not match the block size for this algorithm" , not "string size illigle" , so this might be a red herring.

Answer 3

Error is because of the input being 64 bit encoded.

IV and key is not the same. IV is for salting. Anyway the error you are getting is because the input is 64bit encoded. so do this and the error will go.

var decodedEncryptionKey= Base64Decode(encryptionKey);

var key = Encoding.UTF8.GetBytes(decodedEncryptionKey);

here is the full code:

 private string decyptInit(string toBeDecrypted, string key, string initVector)
    {
        var keyByte = Encoding.Default.GetBytes(key);
        var decodedIV = Base64Decode(initVector);
        var iv = Encoding.Default.GetBytes(decodedIV);

        var rijndael = new RijndaelManaged
        {
            BlockSize = 128,
            IV = iv,
            KeySize = 192,
            Key = keyByte
        };

        var buffer = Convert.FromBase64String(toBeDecrypted);
        var transform = rijndael.CreateDecryptor();
        string decrypted;
        using (var ms = new MemoryStream())
        {
            using (var cs = new CryptoStream(ms, transform, CryptoStreamMode.Write))
            {
                cs.Write(buffer, 0, buffer.Length);
                cs.FlushFinalBlock();
                decrypted = Encoding.UTF8.GetString(ms.ToArray());
                cs.Close();
            }
            ms.Close();
        }

        return decrypted;
    } public static string Base64Decode(string base64EncodedData)
    {
        var base64EncodedBytes = System.Convert.FromBase64String(base64EncodedData);
        return System.Text.Encoding.UTF8.GetString(base64EncodedBytes);
    }