As per https://www.nuget.org/packages/Blazor.SubtleCrypto
The package uses SubtleCrypto encrypt/decrypt methods and AES-GCM algorithm and returned in ciphertext.
I am under the impression that using a shared key used during encryption, I should be able to decrypt the ciphertext in the backend using System.Security.Cryptography.
But I encounter an exception:
System.Security.Cryptography.CryptographicException : The computed authentication tag did not match the input authentication tag.
private static string Decrypt(string cypherText)
{
// convert from base64 to raw bytes spans
var encryptedData = Convert.FromBase64String(cypherText).AsSpan();
var key = Convert.FromBase64String("V4iOXGCoPpX3UncQ5W9bsfUCqIlWvewbMsBNT4IHZRQ=").AsSpan();
// 128 bit encryption / 8 bit = 16 bytes
var tagSizeBytes = 16;
var ivSizeBytes = 12; // 12 bytes iv
// cipher text size is whole data - iv - tag
var cipherSize = encryptedData.Length - tagSizeBytes - ivSizeBytes;
// extract iv (nonce) 12 bytes prefix
var iv = encryptedData.Slice(0, ivSizeBytes);
// followed by the real cipher text
var cipherBytes = encryptedData.Slice(ivSizeBytes, cipherSize);
// followed by the tag (trailer)
var tagStart = ivSizeBytes + cipherSize;
var tag = encryptedData.Slice(tagStart);
// now that we have all the parts, the decryption
Span<byte> plainBytes = cipherSize < 1024
? stackalloc byte[cipherSize]
: new byte[cipherSize];
using var aes = new AesGcm(key);
aes.Decrypt(iv, cipherBytes, tag, plainBytes);
return Encoding.UTF8.GetString(plainBytes);
}
Related
I am trying to convert the following php code to C#:
$m_params = urlencode(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256,$key, json_encode($arParams), MCRYPT_MODE_ECB)));
What the documentation says:
m_params : A JSON array of data of
additional parameters
encrypted using the
Rijindael-256 algorithm and
encoded using a base64
algorithm.
What I've assumed?
Step 1: Create an array of params i.e. $arParams
For php its declared like:
$arParams = array(
'success_url' => 'http://google.com/new_success_url',
'fail_url' => 'http://google.com/new_fail_url',
'status_url' => 'http://google.com/new_status_url',
);
For C# I've declared it like this:
var additional_params = new object[]
{
new {"http://google.com/new_success_url"},
new {"http://google.com/new_fail_url"},
new {"http://google.com/new_status_url"},
};
Step 2: Encode to JSON string, I've used JsonConvert.SerializeObject(additional_params);
Step 3: Encrypt the result using RIJNDAEL-256 Algorithm using ECB (I've used CBC as well)
Step 4: Encode the result using base64. I've used Convert.ToBase64String(encrypted);
Step 5: Url encode the result. I've used HttpUtility.UrlEncode(base64String, Encoding.UTF8);
Step 6: Save the result in m_params
My current code looks like this:
var additional_params = new object[]
{
new {"http://google.com/new_success_url"},
new {"http://google.com/new_fail_url"},
new {"http://google.com/new_status_url"},
};
string m_params ="";
//converting to Json object additional params
var jsonEncoded = JsonConvert.SerializeObject(additional_params);
try
{
string original = jsonEncoded;
// Create a new instance of the RijndaelManaged
// class. This generates a new key and initialization
// vector (IV).
using (RijndaelManaged myRijndael = new RijndaelManaged())
{
var final_Key = CreateMD5(payeer.m_key + payeer.m_orderid);
var rfc = CreateKey(final_Key);
// Encrypt the string to an array of bytes.
byte[] encrypted = EncryptStringToBytes(original, rfc[0], rfc[1]);
var base64String = Convert.ToBase64String(encrypted);
m_params = HttpUtility.UrlEncode(base64String, Encoding.UTF8);
// Decrypt the bytes to a string.
string roundtrip = DecryptStringFromBytes(encrypted, rfc[0], rfc[1]);
//Display the original data and the decrypted data.
Console.WriteLine("Original: {0}", original);
Console.WriteLine("Round Trip: {0}", roundtrip);
}
static byte[] EncryptStringToBytes(string plainText, byte[] Key, byte[] IV)
{
// Check arguments.
if (plainText == null || plainText.Length <= 0)
throw new ArgumentNullException("plainText");
if (Key == null || Key.Length <= 0)
throw new ArgumentNullException("Key");
if (IV == null || IV.Length <= 0)
throw new ArgumentNullException("IV");
byte[] encrypted;
// Create an RijndaelManaged object
// with the specified key and IV.
using (RijndaelManaged rijAlg = new RijndaelManaged())
{
rijAlg.Key = Key;
rijAlg.IV = IV;
rijAlg.Mode = CipherMode.ECB;
// rijAlg.KeySize = 256;
rijAlg.BlockSize = 256;
rijAlg.Padding = PaddingMode.PKCS7;
// Create an encryptor to perform the stream transform.
ICryptoTransform encryptor = rijAlg.CreateEncryptor(rijAlg.Key, rijAlg.IV);
// Create the streams used for encryption.
using (MemoryStream msEncrypt = new MemoryStream())
{
using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
{
using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
{
//Write all data to the stream.
swEncrypt.Write(plainText);
}
encrypted = msEncrypt.ToArray();
}
}
}
// Return the encrypted bytes from the memory stream.
return encrypted;
}
public static string CreateMD5(string input)
{
// Use input string to calculate MD5 hash
using (System.Security.Cryptography.MD5 md5 = System.Security.Cryptography.MD5.Create())
{
byte[] inputBytes = System.Text.Encoding.ASCII.GetBytes(input);
byte[] hashBytes = md5.ComputeHash(inputBytes);
// Convert the byte array to hexadecimal string
StringBuilder sb = new StringBuilder();
for (int i = 0; i < hashBytes.Length; i++)
{
sb.Append(hashBytes[i].ToString("X2"));
}
return sb.ToString();
}
}
public static dynamic CreateKey(string password)
{
var salt = new byte[] { 1, 2, 23, 234, 37, 48, 134, 63, 248, 4 };
const int Iterations = 9872;
using (var rfc2898DeriveBytes = new Rfc2898DeriveBytes(password, salt, Iterations))
{
var key = rfc2898DeriveBytes.GetBytes(32);
var IV = rfc2898DeriveBytes.GetBytes(16);
dynamic[] arr = new dynamic[2];
arr[0] = key;
arr[1] = IV;
return arr;
}
}
Its not giving the same output. Am I missing something??
As mentioned in President James K. Polk's comment, Rijndael with a block size of 256 bits is only supported in the .NET Framework, not in .NET Core. You did not specify the version you are running, but since you use a block size of 256 bits in the posted code (rijAlg.BlockSize = 256;), I assume you are running .NET Framework (otherwise, you need to apply a third party library that supports Rijndael with a block size of 256 bits, such as BouncyCastle/C#).
Both codes use a different padding. mcrypt applies Zero padding by default, the C# code explicitly uses PKCS7 padding (which is also the C# default). So that the C# code provides the same result as the PHP code, it is necessary to switch to Zero padding in the C# code (it should be noted that Zero padding is unreliable, unlike PKCS7 padding).
When additional_params is instantiated (which, by the way, does not compile on my machine), the variable names are missing, so they are also missing in the serialization. An anonymous type could be used instead. Also, note that json_encode() escapes the slash (/) by default, i.e. converts it to a \/, which has to be done manually in the C# code, e.g. with Replace("/", "\\/"). One possible implementation of the JSON serialization is:
using Newtonsoft.Json;
...
var additionalParams = new
{
success_url = "http://google.com/new_success_url",
fail_url = "http://google.com/new_fail_url",
status_url = "http://google.com/new_status_url"
};
string jsonEncoded = JsonConvert.SerializeObject(additionalParams).Replace("/", "\\/");
In the PHP code, the key is derived from a password using the MD5 digest. By default, md5() returns the result as a hexadecimal string, which converts the 16 bytes hash into a 32 bytes value that is applied as the key, so that AES-256 is used. PHP represents the hexadecimal digits with lowercase letters, which must also be implemented accordingly in the C# code, e.g.:
using System;
using System.Text;
using System.Security.Cryptography;
...
MD5 md5 = MD5.Create();
string password = "My password"; // test password
byte[] passwordHash = md5.ComputeHash(Encoding.UTF8.GetBytes(password));
string passwordHashHex = BitConverter.ToString(passwordHash).Replace("-", "").ToLower(); // convert byte array to lowercase hex string as in PHP
byte[] key = Encoding.UTF8.GetBytes(passwordHashHex);
where the conversion of the byte array to the hexadecimal string is done with BitConverter, see here.
A possible implementation for the encryption is:
using System;
using System.IO;
using System.Web;
using System.Text;
using System.Security.Cryptography;
...
byte[] encrypted = null;
using (RijndaelManaged rijndael = new RijndaelManaged())
{
rijndael.Key = key;
rijndael.Mode = CipherMode.ECB; // default: CBC
rijndael.BlockSize = 256; // default: 128
rijndael.Padding = PaddingMode.Zeros; // default: PKCS7
ICryptoTransform encryptor = rijndael.CreateEncryptor(rijndael.Key, null);
using (MemoryStream msEncrypt = new MemoryStream())
{
using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
{
using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
{
swEncrypt.Write(jsonEncoded);
}
encrypted = msEncrypt.ToArray();
}
}
}
string base64String = Convert.ToBase64String(encrypted);
string m_params = HttpUtility.UrlEncode(base64String, Encoding.UTF8);
Console.WriteLine(m_params);
where this code with the used test password gives the following result:
C3pldgsLDSqfG28cbt%2fv0uiBNQT6cWn86iRwg%2bv2blTzR7Lsnra%2b2Ok35Ex9f9UbG%2bjhKgITUQ8kO3DrIrWUQWirzYzwGBucHNRThADf60rGUIBDdjZ2kOIhDVXUzlMsZtBvYIgFoIqFJXCbhZq9GGnKtABUOa5pcmIYeUn%2b%2fqG1mdtJenP5vt8n0eTxsAd6CFc1%2bguR0wZx%2fEZAMsBBRw%3d%3d
in accordance with the result of the following PHP code:
$key = md5('My password'); // test password
$arParams = array(
'success_url' => 'http://google.com/new_success_url',
'fail_url' => 'http://google.com/new_fail_url',
'status_url' => 'http://google.com/new_status_url',
);
$m_params = urlencode(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256,$key, json_encode($arParams), MCRYPT_MODE_ECB)));
print($m_params . "\n");
Note that C# uses lowercase letters for the url encoding, while PHP uses uppercase letters, which represents the same url encoding, see RFC 3986, sec. 2.1. If the C# code should nevertheless also apply uppercase letters for the url encoding, this can easily be achieved using regular expressions, see e.g. here.
A few remarks regarding security:
The PHP code applies the insecure ECB mode. For security reasons, a mode with an IV should be used, e.g. CBC or GCM. The latter provides implicit authenticated encryption. The IV is randomly generated for each encryption, is not secret and is sent to the recipient along with the ciphertext (usually prepended).
MD5 as a key derivation function (KDF) is also insecure. Here, a reliable KDF should be used, e.g. PBKDF2.
In addition, using the hexadecimal string as the key weakens the same, since each byte is reduced to the 16 values of the hexadecimal number system. More secure is the use of the binary data generated by the KDF, so that each byte can take 256 different values.
mcrypt is deprecated. A possible alternative is openssl.
At the moment I'm stucked on the symmetrical encryption between PHP and C#, no matter how I rewrite my script I always get either an error message or the encrypted text even more encrypted. I have been trying allmost every suggestion that is offered on the internet for 3 days without success, I hope someone can help me to finish the encryption and decryption process. You can find examples of my scripts below.
This is how I build and send the message containing the Key, IV and Encrypted text:
function alphaNumeric () : string {
$number = rand(32, 127);
return $number >= 48 && $number <= 57
|| $number >= 65 && $number <= 90
|| $number >= 97 && $number <= 122
? chr($number)
: alphaNumeric();
}
function randomBytes (int $length, string $byteString = '') : string {
return $length > 0
? randomBytes($length - 1, $byteString.alphaNumeric())
: $byteString;
}
$key = randomBytes(16);
$iv = randomBytes(16);
$data = 'This text should be encrypted in PHP and decrypted in C#!';
$encrypted = openssl_encrypt($data, 'aes-128-cbc', $key, 1, $iv);
$message = $key.$iv.$encrypted;
file_put_contents('message.txt', $message);
echo $message;
die;
this is what I send from PHP and what I receive again in C#:
UeWeXUAnu98RKTkMiBGLWpMNy4CRKJErOqTTUfJWrtXziFTELGG+647lw/XT846dj8tlNMITLVBg2cKS3dFINeKot4zlb+gVpfq4oIb/M3a8n3a9XWaeIOrHpNedZmMrYiZoCQ==
UeWeXUAnu98RKTkMiBGLWpMNy4CRKJErOqTTUfJWrtXziFTELGG+647lw/XT846dj8tlNMITLVBg2cKS3dFINeKot4zlb+gVpfq4oIb/M3a8n3a9XWaeIOrHpNedZmMrYiZoCQ==
and at the end this is the c# code which should decrypt the message:
public static void Main()
{
var client = new HttpClient();
var requestUri = "http://localhost/message.php";
while (Console.ReadLine() == string.Empty)
{
var response = client.GetAsync(requestUri).Result;
if (!response.IsSuccessStatusCode)
{
continue;
}
var content = response.Content.ReadAsStringAsync().Result;
if (string.IsNullOrWhiteSpace(content) || content.Length < 48)
{
continue;
}
File.WriteAllText("../../../message.txt", content);
var keyString = content.Substring(0, 16);
var keyBytes = Encoding.UTF8.GetBytes(keyString);
var ivString = content.Substring(16, 16);
var ivBytes = Encoding.UTF8.GetBytes(ivString);
var encString = content.Substring(32);
var encBytes = Encoding.UTF8.GetBytes(encString);
Console.WriteLine($"{keyBytes.Length}: {keyString}");
Console.WriteLine($"{ivBytes.Length}: {ivString}");
Console.WriteLine($"{encBytes.Length}: {encString}");
try
{
var plainText = Decrypt(encBytes, keyBytes, ivBytes);
Console.WriteLine(plainText);
}
catch (Exception e)
{
Console.WriteLine($"Error: {e.Message}");
}
}
}
static string Decrypt(byte[] encrypted, byte[] key, byte[] iv)
{
using var alg = AesCryptoServiceProvider.Create();
//alg.IV = iv;
//alg.Key = key;
//alg.KeySize = 128;
//alg.BlockSize = 256;
//alg.Mode = CipherMode.CBC;
alg.Padding = PaddingMode.PKCS7;
var decryptor = alg.CreateDecryptor(key, iv);
using var ms = new MemoryStream(encrypted);
using var cs = new CryptoStream(ms, decryptor, CryptoStreamMode.Read);
using var sr = new StreamReader(cs);
return sr.ReadToEnd();
}
this is the message I'm currently getting:
Thanks in advance.
There are the following issues in the C# code:
In the PHP code a 32 bytes key is generated, but because of the specified AES-128 (aes-128-cbc), only the first 16 bytes are taken into account. Accordingly, in the C# code only the first 16 bytes of the key may be considered and not the full 32 bytes (see first comment).
In the PHP code openssl_encrypt returns the ciphertext Base64 encoded by default, so this part of the ciphertext must be Base64 decoded in the C# code and not UTF8 encoded (see second comment).
AesCryptoServiceProvider uses CBC mode and PKCS7 padding by default, so both do not need to be explicitly specified in the C# code.
The following C# code decrypts the ciphertext encrypted with the PHP code:
string content = "UeWeXUAnu98RKTkMiBGLWpMNy4CRKJErOqTTUfJWrtXziFTELGG+647lw/XT846dj8tlNMITLVBg2cKS3dFINeKot4zlb+gVpfq4oIb/M3a8n3a9XWaeIOrHpNedZmMrYiZoCQ==";
var keyString = content.Substring(0, 16);
var keyBytes = Encoding.UTF8.GetBytes(keyString);
var ivString = content.Substring(32, 16);
var ivBytes = Encoding.UTF8.GetBytes(ivString);
var encString = content.Substring(48);
var encBytes = Convert.FromBase64String(encString);
using var alg = AesCryptoServiceProvider.Create();
alg.IV = ivBytes;
alg.Key = keyBytes;
var decryptor = alg.CreateDecryptor(keyBytes, ivBytes);
using var ms = new MemoryStream(encBytes);
using var cs = new CryptoStream(ms, decryptor, CryptoStreamMode.Read);
using var sr = new StreamReader(cs);
string decrypted = sr.ReadToEnd();
Console.WriteLine(decrypted);
Please consider with regard to the PHP-Code, that it is inconsistent when a 32 bytes key is generated for AES-128. Instead, a 16 bytes key should be generated. Alternatively, you can switch to AES-256 (aes-256-cbc). And also keep in mind the hint in the first comment: A key must generally not be sent with the ciphertext, because any attacker could easily decrypt the data.
My situation: I'm rewriting a server in C# which was written in C++ for learning purposes. At some point the client will send a password to the server which is encrypted. They used the Rijndael encryption for the password.
You can find the original encryption class here:
Rijndael.h: https://github.com/astorks/FlyFF/blob/master/Source/_Common/Rijndael.h
Rijndael.cpp: https://github.com/astorks/FlyFF/blob/master/Source/_Common/Rijndael.cpp#L926
As you can see in the .cpp-file, they use this key and IV:
char const* CRijndael::sm_chain0 = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
char szDefaultKey[32] = "dldhsvmflvm";
Here's the part, where they actually decrypt the password in the original server (https://github.com/astorks/FlyFF/blob/master/Source/CERTIFIER/DPCertifier.cpp#L256)
// MAX_PASSWORD is actually 42. So 16*42 = 672 byte
char szEnc[ 16 * MAX_PASSWORD ] = {0, };
char szDec[ 16 * MAX_PASSWORD ] = {0, };
ar.Read( szEnc, 16 * MAX_PASSWORD );
g_xRijndael->ResetChain();
g_xRijndael->Decrypt( szEnc, szDec, 16 * MAX_PASSWORD, CRijndael::CBC );
Now i'm at the part where i correctly get the packet from the client and where i need to decrypt the password. My current C# code doesn't decrypt the data correctly and i can't figure out why. This is my code:
public static class Rijndael
{
private static ICryptoTransform decryptor { get; set; }
private static RijndaelManaged rijndael { get; set; }
public static void Init()
{
byte[] decryptKey = Encoding.ASCII.GetBytes("dldhsvmflvm").Concat(Enumerable.Repeat((byte)0, 21).ToArray()).ToArray();
byte[] decryptIV = Enumerable.Repeat((byte)0, 16).ToArray();
// I've tried BlockSize 128 and 256. It actually should be 128 since it's 16 on the original server (16 * 8 = 128)
rijndael = new RijndaelManaged() { Padding = PaddingMode.Zeros, Mode = CipherMode.CBC, KeySize = 256, BlockSize = 128, Key = decryptKey, IV = decryptIV };
decryptor = rijndael.CreateDecryptor(decryptKey, decryptIV);
}
public static string decrypt(byte[] data)
{
string password = null;
using (MemoryStream ms = new MemoryStream(data))
using (CryptoStream cs = new CryptoStream(ms, decryptor, CryptoStreamMode.Read))
using (StreamReader sr = new StreamReader(cs))
password = sr.ReadToEnd();
return password;
}
}
They picked 32 bytes at the serverside but only filled them with 11 characters: dldhsvmflvm. That's why i fill the other 21 bytes with 0.
32*8 = 256 Bit = KeySize
I get an error when i would use a IV like byte[32] and fill it with 0. It said smth like the IV doesn't fit to the blocksize. That's why it has 16 bytes now and is filled with 0. Could this be the problem and if so, how could i fix it?
Besides that, i have no idea what could went wrong. Hopefully you can save my day, Stackoverflow. :)
As xanatos said i've added 5 Zeros instead instead of 21, because they key should only be 16 bytes instead of 32 bytes.
It's working without problems now. Thanks to everyone!
I am trying to solve an encryption issue I am having between php and c#.
I have encrypted data using the following php and openssl operation.
$encrypt_method = "AES-256-CBC";
$secret_key = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX';
$secret_iv = 'XXXXXXXXXXXXXXXX';
$key = hash ('sha256', $secret_key);
$iv = substr (hash ('sha256', $secret_iv), 0, 16);
$output = openssl_encrypt ($string, $encrypt_method, $key, 0, $iv);
$output = base64_encode ($output);
I have tried a couple of methods in C# to decrypt but this is what I am trying now.
public string Encrypt_Decrypt(string action, string value) {
string secretKey = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
string secretIV = "XXXXXXXXXXXXXXXX";
string key = Hash(secretKey);
string iv = Hash(secretIV).Substring(0,16);
string retValue = "";
if (action == "encrypt") {
retValue = EncryptString(value, key, iv);
}
else if (action == "decrypt") {
retValue = DecryptString(value, key, iv);
}
}
// Hash to match php hash function
public static string Hash(string unhashedString) {
return BitConverter.ToString(new SHA256CryptoServiceProvider().ComputeHash(Encoding.Default.GetBytes(unhashedString))).Replace("-", String.Empty).ToLower();
}
public static string DecryptString(string cipherData, string keyString, string ivString) {
byte[] key = Encoding.UTF8.GetBytes(keyString);
Console.WriteLine(key.Length);
byte[] iv = Encoding.UTF8.GetBytes(ivString);
Console.WriteLine(iv.Length);
byte[] cipherCrypt = Convert.FromBase64String(cipherData);
for (int i = 0; i < cipherCrypt.Length; i++) {
Console.Write(cipherCrypt[i] + " ");
}
try {
RijndaelManaged crypto = new RijndaelManaged();
crypto.Key = key;
crypto.IV = iv;
crypto.Mode = CipherMode.CBC;
crypto.KeySize = 256;
crypto.BlockSize = 128;
crypto.Padding = PaddingMode.None;
ICryptoTransform decryptor = crypto.CreateDecryptor(crypto.Key, crypto.IV);
using (MemoryStream memStream = new MemoryStream(cipherCrypt)) {
using (CryptoStream cryptoStream = new CryptoStream(memStream, decryptor, CryptoStreamMode.Read)) {
using (StreamReader streamReader = new StreamReader(cryptoStream)) {
return streamReader.ReadToEnd();
}
}
}
}
catch (CryptographicException e) {
Console.WriteLine("A Cryptographic error occurred: {0}", e.Message);
return null;
}
}
I have tried a couple different encoding types when getting the byte[] for the operation.
I keep getting the following error:
Specified key is not a valid size for this algorithm.
Not sure what I am missing. Any help is appreciated.
Also, I already read through this and tried what the solution suggestion recommended. I got the same resulting error.
UPDATE - 01
I have updated the code here to reflect the code I have changed.
The key length is 32,
The iv length is 16,
The data coming in at "cipherData" is length 32,
When "cipherData" goes through "FromBase64String(cipherData)" it comes out as a 24 byte array. This is causing an issue for the decryptor which wants a 32 byte array.
There are obviously problems with the key size. The code between PHP and C# seem to match. The problem seems to be that the code is wrong in both cases.
Let's see how long the key actually is:
Start with a 32 byte key (non-encoded).
Hash the key with SHA-256: 32 bytes (non-encoded).
Encode to hex (integrated into PHP's hash() function by default): 64 bytes.
AES only supports the following key sizes: 16, 24 and 32 bytes. openssl_encrypt() will only use the first 32 bytes of the hex key silently. So, you need to use the first 32 bytes in C#.
Note that openssl_encrypt() takes an options argument which denotes that the output is Base64 when OPENSSL_RAW_DATA is not set. It means that the PHP output was encoded twice with Base64. So you need to decode it twice in C#.
I am using rijndaelmanaged algoritham for password encryption
Is there a way to restrict the size of the encrypted text key?
eg:1, ABC - Encrypted key size 10
2, ABCDHGF - Encrypted key size 10
Means Fixed size !!
If you do not need to have password back from encrypted data, you can use hash algorithms. First compute the hash value for the password and then encrypt this hash value. Since hash values have fixed length your encrypted data will have a fixed length. When you need to check a password, decrypt the encrypted value and recalculate hash value from entered password then check if they match.
For example on a sign up page
var encryptedPwd = Encrypt(ComputeHash(txtPassword.Text));
Save(txtUsername.Text, encryptedPwd);
And on a login page
var encryptedPwd = SelectPwd(txtUsername.Text);
var pwdHash1 = Decrypt(encryptedPwd);
var pwdHash2 = ComputeHash(txtPassword.Text);
if (AreEqual(pwdHash1, pwdHash2))
// Login OK!
else
// Login fail
Another option could be making a custom padding. Say your passwords will have max length of 16 characters. Then you can pad every password to 16 chars with some fixed char. Then encrypt this padded password. It would be easier for validation but using hash is a bit more secure.
Sign up
var encryptedPwd = Encrypt(txtPassword.Text.PadRight(16, 'X'));
Save(txtUsername.Text, encryptedPwd);
Login
var encryptedPwd = SelectPwd(txtUsername.Text);
var pwd1 = Decrypt(encryptedPwd);
var pwd2 = txtPassword.Text.PadRight(16, 'X');
if (AreEqual(pwd1, pwd2))
// Login OK!
else
// Login fail
Instead of using a simple hash, it's suggested to use a password-strengthening algorithm, like the one specified in Rfc2898
string password = "P#$$w0rd";
byte[] salt = new byte[] { 0, 1, 2, 3, 4, 5, 6, 7 }; // this is fixed... It would be better you used something different for each user
// You can raise 1000 to greater numbers... more cycles = more security. Try
// balancing speed with security.
Rfc2898DeriveBytes pwdGen = new Rfc2898DeriveBytes(password, salt, 1000);
// generate key and iv
byte[] key = pwdGen.GetBytes(16);
byte[] iv = pwdGen.GetBytes(16);
byte[] encrypted;
{
RijndaelManaged rijndaelCipher = new RijndaelManaged();
rijndaelCipher.Key = key;
rijndaelCipher.IV = iv;
// Or your data
byte[] data = System.Text.Encoding.UTF8.GetBytes("hello world");
var encryptor = rijndaelCipher.CreateEncryptor();
encrypted = encryptor.TransformFinalBlock(data, 0, data.Length);
}
{
RijndaelManaged rijndaelCipher = new RijndaelManaged();
rijndaelCipher.Key = key;
rijndaelCipher.IV = iv;
var decryptor = rijndaelCipher.CreateDecryptor();
byte[] decrypted = decryptor.TransformFinalBlock(encrypted, 0, encrypted.Length);
// this if you are encrypting text, otherwise decrypted is already your data
string text = System.Text.Encoding.UTF8.GetString(decrypted);
}