my doubt is about the key to decrypt a encrypted string, without the same key used to encrypt the string i dont get the original string ok, but I need to protect this key not use her in hardcode because any hacker could decompiling a dll and see this key, if I to store this key in any archive, the hacker could copy this archive and my method and decrypt my text, how can i prevent this attack? following my code implementation, here the salt and key are static I'm trying to think in anyway to safe these datas
private static byte[] salt = new byte[255];
private static byte[] key;
internal static string EncryptString(string InputText)
{
System.Security.Cryptography.RijndaelManaged RijndaelCipher =
new System.Security.Cryptography.RijndaelManaged();
RNGCryptoServiceProvider rcs = new RNGCryptoServiceProvider();
rcs.GetBytes(salt);
key = RijndaelCipher.Key;
byte[] plainText = System.Text.Encoding.Unicode.GetBytes(InputText);
System.Security.Cryptography.PasswordDeriveBytes SecretKey =
new System.Security.Cryptography.PasswordDeriveBytes(RijndaelCipher.Key, salt);
System.Security.Cryptography.ICryptoTransform Encryptor =
RijndaelCipher.CreateEncryptor(SecretKey.GetBytes(32), SecretKey.GetBytes(16));
System.IO.MemoryStream memoryStream = new System.IO.MemoryStream();
System.Security.Cryptography.CryptoStream cryptoStream =
new System.Security.Cryptography.CryptoStream(memoryStream, Encryptor, CryptoStreamMode.Write);
cryptoStream.Write(plainText, 0, plainText.Length);
cryptoStream.FlushFinalBlock();
byte[] CipherBytes = memoryStream.ToArray();
memoryStream.Close();
cryptoStream.Close();
string EncryptedData = Convert.ToBase64String(CipherBytes);
return EncryptedData;
}
internal static string DecryptString(string text)
{
System.Security.Cryptography.RijndaelManaged RijndaelCipher =
new System.Security.Cryptography.RijndaelManaged();
byte[] EncryptedData = Convert.FromBase64String(text);
System.Security.Cryptography.PasswordDeriveBytes SecretKey =
new System.Security.Cryptography.PasswordDeriveBytes(RijndaelCipher.Key, salt);
ICryptoTransform Decryptor =
RijndaelCipher.CreateDecryptor(SecretKey.GetBytes(32), SecretKey.GetBytes(16));
System.IO.MemoryStream memoryStream = new System.IO.MemoryStream(EncryptedData);
CryptoStream cryptoStream = new CryptoStream(memoryStream, Decryptor, CryptoStreamMode.Read);
byte[] PlainText = new byte[EncryptedData.Length];
int DecryptedCount = cryptoStream.Read(PlainText, 0, PlainText.Length);
memoryStream.Close();
cryptoStream.Close();
string DecryptedData = Encoding.Unicode.GetString(PlainText, 0, DecryptedCount);
return DecryptedData;
}
#endregion
}
Related
C#
public void start()
{
Constants.APIENCRYPTKEY = Convert.ToBase64String(Encoding.Default.GetBytes(Session(32)));
Constants.APIENCRYPTSALT = Convert.ToBase64String(Encoding.Default.GetBytes(Session(16)));
string results = EncryptService("start");
}
private static string Session(int length)
{
Random random = new Random();
const string chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz";
return new string(Enumerable.Repeat(chars, length)
.Select(s => s[random.Next(s.Length)]).ToArray());
}
public static string DecryptService(string value)
{
string message = value;
string password = Encoding.Default.GetString(Convert.FromBase64String(Constants.APIENCRYPTKEY));
SHA256 mySHA256 = SHA256Managed.Create();
byte[] key = mySHA256.ComputeHash(Encoding.ASCII.GetBytes(password));
byte[] iv = Encoding.ASCII.GetBytes(Encoding.Default.GetString(Convert.FromBase64String(Constants.APIENCRYPTSALT)));
string decrypted = DecryptString(message, key, iv);
return decrypted;
}
public static string DecryptString(string cipherText, byte[] key, byte[] iv)
{
Aes encryptor = Aes.Create();
encryptor.Mode = CipherMode.CBC;
encryptor.Key = key;
encryptor.IV = iv;
MemoryStream memoryStream = new MemoryStream();
ICryptoTransform aesDecryptor = encryptor.CreateDecryptor();
CryptoStream cryptoStream = new CryptoStream(memoryStream, aesDecryptor, CryptoStreamMode.Write);
string plainText = String.Empty;
try
{
byte[] cipherBytes = Convert.FromBase64String(cipherText);
cryptoStream.Write(cipherBytes, 0, cipherBytes.Length);
cryptoStream.FlushFinalBlock();
byte[] plainBytes = memoryStream.ToArray();
plainText = Encoding.ASCII.GetString(plainBytes, 0, plainBytes.Length);
}
finally
{
memoryStream.Close();
cryptoStream.Close();
}
return plainText;
}
public static string EncryptService(string value)
{
string message = value;
string password = Encoding.Default.GetString(Convert.FromBase64String(Constants.APIENCRYPTKEY));
SHA256 mySHA256 = SHA256Managed.Create();
byte[] key = mySHA256.ComputeHash(Encoding.ASCII.GetBytes(password));
byte[] iv = Encoding.ASCII.GetBytes(Encoding.Default.GetString(Convert.FromBase64String(Constants.APIENCRYPTSALT)));
string encrypted = EncryptString(message, key, iv);
int property = Int32.Parse((OnProgramStart.AID.Substring(0, 2)));
string final = encrypted + Security.Obfuscate(property);
return final;
}
public static string EncryptString(string plainText, byte[] key, byte[] iv)
{
Aes encryptor = Aes.Create();
encryptor.Mode = CipherMode.CBC;
encryptor.Key = key;
encryptor.IV = iv;
MemoryStream memoryStream = new MemoryStream();
ICryptoTransform aesEncryptor = encryptor.CreateEncryptor();
CryptoStream cryptoStream = new CryptoStream(memoryStream, aesEncryptor, CryptoStreamMode.Write);
byte[] plainBytes = Encoding.ASCII.GetBytes(plainText);
cryptoStream.Write(plainBytes, 0, plainBytes.Length);
cryptoStream.FlushFinalBlock();
byte[] cipherBytes = memoryStream.ToArray();
memoryStream.Close();
cryptoStream.Close();
string cipherText = Convert.ToBase64String(cipherBytes, 0, cipherBytes.Length);
return cipherText;
}
This is what I got so far in PHP
function decrypt_string($msg='', $salt='', $key='')
{
$key = utf8_encode(base64_decode($key));
$key = hash('sha256', $key);
$salt = utf8_encode(base64_decode($salt));
$salt = EncodingASCII($salt);
$method = 'aes-256-cbc';
$msg = openssl_decrypt($msg, $method, $key, OPENSSL_RAW_DATA, $salt);
return $msg;
}
The encrypt and decrypt works perfect on c#, but I can't get it to decrypt on php. Haven't attempted to make the encrypt in php yet. My c# application calls on the php script with a encrypted data and needs to be decrypted on the php side then encrypted data sent back to the c# application.
I have got a string for you guys.
Normal string = nmrufETK
Encrypted string = ultYIi4GtHhb//Cl0J8wIg==
Here is the things that I know so far, the old decyrption method was :
public static List<string> hadibuloc = new List<string>();
Functions.hadibuloc.Add("OZt4nd8ZZpAEnZBdU3Z7");
Functions.hadibuloc.Add("fkheb1PFtPIKTi05Zpzz");
Functions.hadibuloc.Add("0kx96D8OzZ3rznUk4qyi");
Functions.hadibuloc.Add("TgAji9cqMALlhJV12elB");
Functions.hadibuloc.Add("0XQ3XXjUo3HTzzevUmDm");
Functions.hadibuloc.Add("F3Ib4qRHXDgQwoJyhWra");
Functions.hadibuloc.Add("eRWoJ0s1B0uln8fFgxqX");
Functions.hadibuloc.Add("iUE0FKl2Ntawpt6sbV7u");
Functions.hadibuloc.Add("me9fMa0WTreWRrmYpBh7");
Functions.hadibuloc.Add("kyJB0qCUq269fzREzRxD");
Functions.hadibuloc.Add("WnTufxOov40st4L6qZF9");
Functions.hadibuloc.Add("7csfQq3YunqM9ziygmw8");
Functions.hadibuloc.Add("EyqWVpgOvZkyJCAmlgCh");
Functions.hadibuloc.Add("D2RAYhyatrMYrZjLdlqL");
Functions.hadibuloc.Add("nSdcM6NAAyekiwYHQqZl");
Functions.hadibuloc.Add("B3RPgAHYEpwKsFCkrLSq");
Functions.hadibuloc.Add("JgQuRU88IQC5Z77JUTiD");
Functions.hadibuloc.Add("v57wd6YIJTGhettATB8L");
Functions.hadibuloc.Add("Qzc1nrxQwuIOMrGynhXu");
Functions.hadibuloc.Add("ad5AKkogV91AfmdNwkEO");
Functions.hadibuloc.Add("vaG2jNiDHa5p18hazzyZ");
Functions.hadibuloc.Add("BbYJbJOcX4w5F84nrWYl");
Functions.hadibuloc.Add("QGMq1ffFpBV64UpWeLCP");
Functions.hadibuloc.Add("lrLJqwoJGAuwmqA12MWR");
Functions.hadibuloc.Add("VFqyK09HS3920srKbBvp");
Functions.hadibuloc.Add("wVjVwspocrBWWAnFz53M");
Functions.hadibuloc.Add("oGMgDdEBpy8vHa5RZQHa");
Functions.hadibuloc.Add("BAUsGUgYBvi7tGMJRmy6");
Functions.hadibuloc.Add("l1nEhAHzWbRlGQeOi9pz");
Functions.hadibuloc.Add("PLpbqWSUnkAoLJam79cD");
Functions.hadibuloc.Add("SWbChkYzbfB0XKKcE1wb");
Functions.hadibuloc.Add("ZRlERlOLlbbW7l4u4SLB");
Functions.hadibuloc.Add("4FaDBRIw2bRkeqLALQwq");
Functions.hadibuloc.Add("Z3Yb3QdFgAbOUMD4TT2E");
Functions.hadibuloc.Add("0QjIrotDsTJrBMVOUGEx");
Functions.hadibuloc.Add("rrBABwOTnnjoZH81Y10w");
Functions.hadibuloc.Add("Ig8OIDYp7SaHel8gQhYE");
Functions.hadibuloc.Add("Zkcq9DLCmmMb2pvgsnox");
Functions.hadibuloc.Add("Ta9QRpW1vH3vYNaWDuaT");
Functions.hadibuloc.Add("I5B3gCvXSrgfg7aKdyJ8");
Functions.hadibuloc.Add("F5U7PteCDqjtT2YYMbte");
Functions.hadibuloc.Add("NOzV5qhSRxEmEwHGrjSv");
Functions.hadibuloc.Add("9Ocg4R5TAqIQLJVY9aJA");
Functions.hadibuloc.Add("AoXect0Wd914NAKW957w");
Functions.hadibuloc.Add("ebNIGbCQ5e4vRkoKQ4SN");
Functions.hadibuloc.Add("DyQb0qmcovqZS6xA5Nbq");
Functions.hadibuloc.Add("7HjmPVonDspqmixH2FrJ");
Functions.hadibuloc.Add("EqU8wj6HBrXi5nW9l16l");
Functions.hadibuloc.Add("NI85VXOjCS0dgtylMyt1");
Functions.hadibuloc.Add("zFjG4ZJbkzrZxPwW5C1P");
Functions.hadibuloc.Add("sqkTwAiMc5iMRvam2AHs");
Functions.hadibuloc.Add("Kd2XiFoFdCheMCsD5SNk");
Functions.hadibuloc.Add("2PcWLkcAiLOo4AcM1n6f");
Functions.hadibuloc.Add("fZKaPRgxgb6EGc9A4epo");
Functions.hadibuloc.Add("pJCNj8hiQYd0mSwAAlG9");
Functions.hadibuloc.Add("FHLEOcgR8nZkPETgIau7");
Functions.hadibuloc.Add("fP0IIV133SBrSAhcm2xL");
Functions.hadibuloc.Add("J7dYgJsix1trFydJBCiD");
Functions.hadibuloc.Add("kuy5ZNe3SKh6NNwKsusq");
Functions.hadibuloc.Add("yw35qZxwIPY4vAndktx3");
Functions.hadibuloc.Add("lFIn4TrpaXAL6TUXTfRa");
Functions.hadibuloc.Add("2ajBkzl7mSl08rm0m9qq");
Functions.hadibuloc.Add("rQiGJrCD2qOw2cbTrHdX");
Functions.hadibuloc.Add("08Gm5pOBmKQPIpWw7NIu");
Functions.hadibuloc.Add("WRjgeZMotIAmyiGalpt3");
Functions.hadibuloc.Add("rYy1MGiBLxfMBufX9IJn");
Functions.hadibuloc.Add("LIv4dk2eh1DbWmuP2Xao");
Functions.hadibuloc.Add("xeNNc12ef0pmgBs3rYpV");
Functions.hadibuloc.Add("6IcTB4F0MYf3XEvPZ3Pp");
Functions.hadibuloc.Add("4FEEfd1l5qNsoX7VPkiS");
Functions.hadibuloc.Add("0kGF2Rb8HKT4Spn41RW1");
Functions.hadibuloc.Add("HDEsDvrgokF0b5jgXJ3J");
Functions.hadibuloc.Add("iU1NeT7jYaN7HB8eNn9V");
Functions.hadibuloc.Add("NT4HJ9M77hkWK3TqaFRR");
Functions.hadibuloc.Add("GEFxqMf38desyg3wO1K4");
Functions.hadibuloc.Add("Zgwk37JrBl9o3JMeQtZA");
Functions.hadibuloc.Add("64YkqXguAr8AmWTNKQj3");
Functions.hadibuloc.Add("tGWLK6h9TPrSFSA4ZocS");
Functions.hadibuloc.Add("9yHnDOfweXcCXOp1chBx");
Functions.hadibuloc.Add("LTuAf0bPkFYrQ5TbMD6U");
Functions.hadibuloc.Add("M4k0pUF7P04bLHs6dJV1");
Functions.hadibuloc.Add("x5X0gVtjCe8GDrfOFsaX");
Functions.hadibuloc.Add("BrFjmwvJMKjmLg5mYWRQ");
Functions.hadibuloc.Add("4iAcBuNr58pP2gux67ud");
Functions.hadibuloc.Add("jLuuVi2la7KfxRNNecG5");
Functions.hadibuloc.Add("3QssdnIkbDrMcQWQ2lsb");
Functions.hadibuloc.Add("7wvkS2KuPwCOApEMJW2s");
Functions.hadibuloc.Add("1ZxJdP8JxP4PR1t4yE9D");
Functions.hadibuloc.Add("aFL5rH066RA3eLF6BSrm");
Functions.hadibuloc.Add("pAvKpwz4fc4lmtsbNjHO");
Functions.hadibuloc.Add("ukOhB5O7NxLMgyC0q1rb");
Functions.hadibuloc.Add("69qB4rzAA4BsCYfY3c74");
Functions.hadibuloc.Add("fKYNy6gkdPDyk0pTkkN2");
Functions.hadibuloc.Add("l0SPSH2CeMdpPAa6tVP8");
Functions.hadibuloc.Add("NQkNZKgSFEq8sDHUCLAf");
Functions.hadibuloc.Add("yzM5F818BdeRcC8pHNjB");
Functions.hadibuloc.Add("tj8hZFSq4blLgTdPMlv1");
Functions.hadibuloc.Add("wXP72vnkO9eLMslKSphJ");
Functions.hadibuloc.Add("hdtln0yAp9O2StGrXkZL");
Functions.hadibuloc.Add("Ujvws8KLRf7fyz1oo9Fm");
public static string Uzaksunucudangelenmetnicoz(string metin)
{
string result = "";
try
{
List<string> list = new List<string>();
list.Add("6MRVk2iHrsSWxY739uU6");
list.Add("JNEbV73AIVv01UI4cCN9");
list.Add("fRUzPptifIk7mYhAGuwq");
list.Add("4okJUC1Nv8hT2RjIOlDH");
list.Add("jWJjtopKxt27xbPUmigk");
list.Add("cQiqthahKNnbJXUsXNai");
list.Add("LrGUCKUxIKsbHEoGNoZB");
list.Add("j3UVDV6B5P3ZTewgLs1J");
list.Add("a864WixaWMit6RdbnowV");
list.Add("bLfWxqaXSEsa9uNoDY1z");
list.Add("aTwGuGAL1aDEYLqZdydm");
list.Add("fipquWXp6Fde1l1yoePJ");
list.Add("xEFesiTXtE8GNiJoPURP");
list.Add("z1rleac3uxRnrwrlZ47P");
list.Add("HnauZy36NMCbnKQpBvXy");
list.Add("LsenKihueSeUm5D3vyGm");
list.Add("fBAvk2yApQGD90wPmTuz");
list.Add("kL61T5rai5sq1fPDPQIG");
list.Add("u4lTisX4LxhTouLGiVqv");
list.Add("dhgB32wDm0PgUccGC7vi");
list.Add("pDMQv1GbeU2h3aOP2aFf");
list.Add("Z9tMsKaXoC9569dQWLoH");
list.Add("wwl9YoScNaklEk6lYBRk");
list.Add("61oIv3D0asY8qHcsMvvn");
list.Add("AcUgy8GNAKmUmsi1wJZ2");
list.Add("cxAIFZaLeEYooksNACUm");
list.Add("hXtoz3WI4WWcD15U1HVj");
list.Add("1xU1M828PODASWox3CWc");
list.Add("XGJ6H04SndlopxeuJR2X");
list.Add("7XsDr8tAklPAUhRwgS31");
list.Add("SyUH2DS12ObKTXYzapMm");
list.Add("eyRb3S2EOIfnfHJZImOr");
list.Add("x47P7emhboAYBbSGN9BP");
list.Add("u2hp1Lnq0dJWqh5CXwFx");
list.Add("2DwFQJGsQdd46liK6YfI");
list.Add("qzlgXi9wFVsevBVljM7P");
list.Add("7iaN5LVfWpes5IZtvNJs");
list.Add("BjTUTmlDb9Haj3iiL4H8");
list.Add("E0vZK3rAmSD5TJQYqo06");
list.Add("cV0nXoWnC2qfAF6ijKti");
list.Add("ZnXX4xjkWxyhVzAE5f4T");
list.Add("uiBq4ynA6zVpvYcLG3Rr");
list.Add("iQddCas3XU4Wg1kJd0VG");
list.Add("TbLVNp3vf1d3uVYpNA9V");
list.Add("S9VKQiW7fMONpIZLoiZp");
list.Add("782urFNgLyB4NsVMF5PL");
list.Add("d0FetEyv8Kcpb4xsq4WL");
list.Add("vDxNe5VujuZxfmVWFzDO");
list.Add("eqSfybAFoNRwaWjTwGKl");
list.Add("pme5Rz3bm3afIJUNvGao");
list.Add("5GYm7wSxmD2XTfa1fMW2");
list.Add("G4pMJhDsO95pIAL8cPmS");
list.Add("htdFa3r1vnR3YfHoj518");
list.Add("AVwD2PBtkLy2IC6WPG3x");
list.Add("PCbXpVgmU0psYRcRLhDj");
list.Add("aoHChiGFaFSa4fy5lVcY");
list.Add("nDGKEbbKdNn1qF7YziCT");
list.Add("g9Caz2rzK3BrZM9Yywnk");
list.Add("9MDd0QU1Wasw7PARMzfC");
list.Add("BDTGEK8nSErokxtpx5qI");
list.Add("kAoxMqmbts92s2SvjXCQ");
list.Add("tI2AMshUkr7NvwjWWMWK");
list.Add("wjwPea52QEF5XteTWTBR");
list.Add("6QcQXhY6YhfaBOof38X9");
list.Add("T3ztIItPddcqCa6l4W9q");
list.Add("fk61VH7gogvZqScilAjc");
list.Add("rNiGeeaesugz1EuIhlkA");
list.Add("MUo3726lbUu1noFFdNQL");
list.Add("hXh5Ojy9M2mhscBQIFsU");
list.Add("UOC2A4ql6K0FnExnuy5N");
list.Add("jgQBAXfvMZ4anhRJkrhw");
list.Add("BCaFEzbVQZDSDePt2aOK");
list.Add("WwK7FAI1M3P6iLHChuDe");
list.Add("UyQTMeFsYPFWPmwSsyAn");
list.Add("LCJI9dPxYZUIpbVOLRXa");
list.Add("AljvoFtljUvbetI2uAm8");
list.Add("J9dS4PNwjQY95ZJrWgZK");
list.Add("LNXcRGdEUfZoaFUxYvnz");
list.Add("9TGNyTWYec9O5j77yKH2");
list.Add("0VfAzTM1kSPW1AEPgUgy");
list.Add("oPPBTadoRQuryClE6Set");
list.Add("LK5Taw6rC5LIqD8XlMuw");
list.Add("zydeLNO5dDco6rcniPQo");
list.Add("qorqKozLU6AEK00sij17");
list.Add("em5FrXNJf7dlUrPmMZAb");
list.Add("XGhnM6PUAbF6rqnumKN6");
list.Add("xobFyWikgplryg4zJ71Y");
list.Add("r7xh75Hg3Q1tjzx01zlb");
list.Add("3cUXFakPJAzY8TlO1g6t");
list.Add("ZaM8ELOP57j8wvagTkgj");
list.Add("YZtR13683gxaYnfHt2m2");
list.Add("uXjIph0fYIQUApaDhswh");
list.Add("yDewQ1dWb39AKRszMl2x");
list.Add("8wf1DTnyLhDICzoppHex");
list.Add("ubO0rGOZpD4WMN1zZYMS");
list.Add("iXS26dUzA4NFOAwHgHyg");
list.Add("XOHZ5TOPuMF8YqqWRXb8");
list.Add("oJzOJ5zoZKA6wnHJcJNZ");
list.Add("rzWXMzAgaWwZ2POulBbU");
list.Add("g7LoA9c7fNTnBbTWPBPu");
list.Add("uVCH6x1GfXEkB561Lx61");
list.Add("BJruYhyvqBtXTvZk93ua");
list.Add("uCkfQp4gFBOzlZTM59kn");
list.Add("yZD9B59o92Eqmbe3mJG5");
list.Add("vgdoztnujq9BTPoiQaQP");
list.Add("jfyJazaJJ3HgyUCmbVhN");
list.Add("MoZTMDMVMg3pFE94Q0Hp");
list.Add("sSHRIeqtDRWRIl3hqA50");
list.Add("4Bz3N3tfDwkyckMoJjVO");
list.Add("hBS3Dk5CN2VpWRmtbaxa");
SHA256 sha = SHA256.Create();
byte[] key = sha.ComputeHash(Encoding.ASCII.GetBytes(list[6].Substring(6)));
byte[] iv = new byte[16];
sha.Dispose();
result = Functions.DecryptString(metin, key, iv);
}
catch
{
result = "undefined";
}
return result;
}
public static string DecryptString(string cipherText, byte[] key, byte[] iv)
{
Aes aes = Aes.Create();
aes.Mode = CipherMode.CBC;
byte[] array = new byte[32];
Array.Copy(key, 0, array, 0, 32);
aes.Key = array;
aes.IV = iv;
MemoryStream memoryStream = new MemoryStream();
ICryptoTransform transform = aes.CreateDecryptor();
CryptoStream cryptoStream = new CryptoStream(memoryStream, transform, CryptoStreamMode.Write);
string result = string.Empty;
try
{
byte[] array2 = Convert.FromBase64String(cipherText);
cryptoStream.Write(array2, 0, array2.Length);
cryptoStream.FlushFinalBlock();
byte[] array3 = memoryStream.ToArray();
result = Encoding.ASCII.GetString(array3, 0, array3.Length);
}
finally
{
memoryStream.Close();
cryptoStream.Close();
}
return result;
}
And this was the old encrytion method :
public static string AES256Hash(string plaintext)
{
SHA256 sha = SHA256.Create();
byte[] key = sha.ComputeHash(Encoding.ASCII.GetBytes(Functions.hadibuloc[87].Substring(8)));
byte[] iv = new byte[16];
sha.Dispose();
return Functions.EncryptString(plaintext, key, iv);
}
public static string EncryptString(string plainText, byte[] key, byte[] iv)
{
Aes aes = Aes.Create();
aes.Mode = CipherMode.CBC;
byte[] array = new byte[32];
Array.Copy(key, 0, array, 0, 32);
aes.Key = array;
aes.IV = iv;
MemoryStream memoryStream = new MemoryStream();
ICryptoTransform transform = aes.CreateEncryptor();
CryptoStream cryptoStream = new CryptoStream(memoryStream, transform, CryptoStreamMode.Write);
byte[] bytes = Encoding.ASCII.GetBytes(plainText);
cryptoStream.Write(bytes, 0, bytes.Length);
cryptoStream.FlushFinalBlock();
byte[] array2 = memoryStream.ToArray();
memoryStream.Close();
cryptoStream.Close();
return Convert.ToBase64String(array2, 0, array2.Length);
}
But as I said these were old codes that used. And I think he used a method that similar to these. I want the method that he used to encrypt. My english is not good if theres and spelling or grammer mistake sorry for that if you didnt understand my question you feel free to ask again.
It will be impossible to determine an encryption algorithm without source code or some amount of reverse engineering. The old encryption uses AES256 in CBC mode, but that is obvious.
If you don't have access to the new code, then you probably shouldn't be attempting this anyways..
In ms SQL server, I have a field text with data look like below:
"!"$$$$$$!#$$$$!!!!! !!!!!!!!!!!!!! "!! ! " !" ! !" !!!! ! !!"!".
I belive that from a plain text string, they using a Rijndael algorithm to encrypted this string. from encrypted string, it was transform to string above.
Can anyone recognize what the algorithm to decrypt from string above to the encrypted string of Rijndael algorithm?
thanks
Hi me drona please find the below code. It will useful from you.
public static class Encrypt
{
// This size of the IV (in bytes) must = (keysize / 8). Default keysize is 256, so the IV must be
// 32 bytes long. Using a 16 character string here gives us 32 bytes when converted to a byte array.
private const string initVector = "pemgail9uzpgzl88";
// This constant is used to determine the keysize of the encryption algorithm
private const int keysize = 256;
//Encrypt
public static string EncryptString(string plainText, string passPhrase)
{
byte[] initVectorBytes = Encoding.UTF8.GetBytes(initVector);
byte[] plainTextBytes = Encoding.UTF8.GetBytes(plainText);
PasswordDeriveBytes password = new PasswordDeriveBytes(passPhrase, null);
byte[] keyBytes = password.GetBytes(keysize / 8);
RijndaelManaged symmetricKey = new RijndaelManaged();
symmetricKey.Mode = CipherMode.CBC;
ICryptoTransform encryptor = symmetricKey.CreateEncryptor(keyBytes, initVectorBytes);
MemoryStream memoryStream = new MemoryStream();
CryptoStream cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write);
cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
cryptoStream.FlushFinalBlock();
byte[] cipherTextBytes = memoryStream.ToArray();
memoryStream.Close();
cryptoStream.Close();
return Convert.ToBase64String(cipherTextBytes);
}
//Decrypt
public static string DecryptString(string cipherText, string passPhrase)
{
byte[] initVectorBytes = Encoding.ASCII.GetBytes(initVector);
byte[] cipherTextBytes = Convert.FromBase64String(cipherText);
PasswordDeriveBytes password = new PasswordDeriveBytes(passPhrase, null);
byte[] keyBytes = password.GetBytes(keysize / 8);
RijndaelManaged symmetricKey = new RijndaelManaged();
symmetricKey.Mode = CipherMode.CBC;
ICryptoTransform decryptor = symmetricKey.CreateDecryptor(keyBytes, initVectorBytes);
MemoryStream memoryStream = new MemoryStream(cipherTextBytes);
CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read);
byte[] plainTextBytes = new byte[cipherTextBytes.Length];
int decryptedByteCount = cryptoStream.Read(plainTextBytes, 0, plainTextBytes.Length);
memoryStream.Close();
cryptoStream.Close();
return Encoding.UTF8.GetString(plainTextBytes, 0, decryptedByteCount);
}
enter code here
I am trying to establish a connection to a Server using MD5 Authentication.
The server returns me the challenge key.
How can I use it to encrypt my password and send it back to the server.
The encryption method currently I know needs Password Hash, Salt Key, and VI Code.
How Can I make it .
static readonly string PasswordHash = "PasswordHash";
static readonly string SaltKey = "SaltKey";
static readonly string VIKey = "#1B2c3D4e5F6g7H8";
public static string Encrypt(string plainText)
{
byte[] plainTextBytes = Encoding.UTF8.GetBytes(plainText);
byte[] keyBytes = new Rfc2898DeriveBytes(PasswordHash, Encoding.ASCII.GetBytes(SaltKey)).GetBytes(256 / 8);
var symmetricKey = new RijndaelManaged() { Mode = CipherMode.CBC, Padding = PaddingMode.Zeros };
var encryptor = symmetricKey.CreateEncryptor(keyBytes, Encoding.ASCII.GetBytes(VIKey));
byte[] cipherTextBytes;
using (var memoryStream = new MemoryStream())
{
using (var cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write))
{
cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
cryptoStream.FlushFinalBlock();
cipherTextBytes = memoryStream.ToArray();
cryptoStream.Close();
}
memoryStream.Close();
}
return Convert.ToBase64String(cipherTextBytes);
Only part of the string is getting decrypted, i think it has to do with my encoding.
Here is what happens:
string s = "The brown fox jumped over the green frog";
string k = "urieurut";
string enc = EncryptString(s, k);
string dec = DecryptString(enc, k);
The RESULT is this: The brown fox juϼ㴘裴혽Ή⪻ㆉr th≸ g⟤een frog
public static string EncryptString(string stringToEncrypt, string encryptionKey)
{
string encrypted = String.Empty;
UnicodeEncoding UE = new UnicodeEncoding();
byte[] key = UE.GetBytes(encryptionKey);
RijndaelManaged RMCrypto = new RijndaelManaged();
MemoryStream ms = new MemoryStream();
CryptoStream cs = new CryptoStream(ms, RMCrypto.CreateEncryptor(key, key), CryptoStreamMode.Write);
byte[] encryptedString = UE.GetBytes(stringToEncrypt);
cs.Write(encryptedString, 0, encryptedString.Length);
cs.FlushFinalBlock();
cs.Close();
encrypted = UE.GetString(ms.ToArray());
return encrypted;
}
public static string DecryptString(string stringToDecrypt, string encryptionKey)
{
string decrypted = String.Empty;
UnicodeEncoding UE = new UnicodeEncoding();
byte[] key = UE.GetBytes(encryptionKey);
byte[] data = UE.GetBytes(stringToDecrypt);
RijndaelManaged RMCrypto = new RijndaelManaged();
MemoryStream ms = new MemoryStream();
CryptoStream cs = new CryptoStream(ms, RMCrypto.CreateDecryptor(key, key), CryptoStreamMode.Write);
cs.Write(data, 0, data.Length);
cs.FlushFinalBlock();
cs.Close();
decrypted = UE.GetString(ms.ToArray());
return decrypted;
}
Here you go:
string s = "The brown fox jumped over the green frog";
string k = "urieurut";
byte[] enc = EncryptString(s, k);
string dec = DecryptString(enc, k);
You can't attempt to interpret an encrypted bunch of bytes as a Unicode string. Keep them as bytes. The decrypted version can be converted back to string.
Also note the disposing of disposable objects below. You could wind up with some resources being held too long or leak if you don't release them properly with using() or Dispose().
public static byte[] EncryptString(string stringToEncrypt, string encryptionKey)
{
UnicodeEncoding UE = new UnicodeEncoding();
byte[] key = UE.GetBytes(encryptionKey);
using (RijndaelManaged RMCrypto = new RijndaelManaged())
using (MemoryStream ms = new MemoryStream())
using (ICryptoTransform encryptor = RMCrypto.CreateEncryptor(key, key))
using (CryptoStream cs = new CryptoStream(ms, encryptor, CryptoStreamMode.Write))
{
byte[] encryptedString = UE.GetBytes(stringToEncrypt);
cs.Write(encryptedString, 0, encryptedString.Length);
cs.FlushFinalBlock();
return ms.ToArray();
}
}
public static string DecryptString(byte[] stringToDecrypt, string encryptionKey)
{
UnicodeEncoding UE = new UnicodeEncoding();
byte[] key = UE.GetBytes(encryptionKey);
using (RijndaelManaged RMCrypto = new RijndaelManaged())
using (MemoryStream ms = new MemoryStream())
using (ICryptoTransform decryptor = RMCrypto.CreateDecryptor(key, key))
using (CryptoStream cs = new CryptoStream(ms, decryptor, CryptoStreamMode.Write))
{
cs.Write(stringToDecrypt, 0, stringToDecrypt.Length);
cs.FlushFinalBlock();
return UE.GetString(ms.ToArray());
}
}
I solved my issue by using base64 string for the encryption - i may look at other options but i only needed these methods for a small amount of data, here is the final code:
public static string EncryptString(string stringToEncrypt, string encryptionKey)
{
string encrypted = String.Empty;
byte[] key = Encoding.Unicode.GetBytes(encryptionKey);
RijndaelManaged RMCrypto = new RijndaelManaged();
RMCrypto.Padding = PaddingMode.PKCS7;
MemoryStream ms = new MemoryStream();
CryptoStream cs = new CryptoStream(ms, RMCrypto.CreateEncryptor(key, key), CryptoStreamMode.Write);
byte[] encryptedString = Encoding.ASCII.GetBytes(stringToEncrypt);
cs.Write(encryptedString, 0, encryptedString.Length);
cs.FlushFinalBlock();
cs.Close();
//encrypted = Encoding.ASCII.GetString(ms.ToArray());
return Convert.ToBase64String(ms.ToArray());
}
public static string DecryptString(string stringToDecrypt, string encryptionKey)
{
string decrypted = String.Empty;
byte[] key = Encoding.Unicode.GetBytes(encryptionKey);
byte[] data = Convert.FromBase64String(stringToDecrypt);
RijndaelManaged RMCrypto = new RijndaelManaged();
RMCrypto.Padding = PaddingMode.PKCS7;
MemoryStream ms = new MemoryStream();
CryptoStream cs = new CryptoStream(ms, RMCrypto.CreateDecryptor(key, key), CryptoStreamMode.Write);
cs.Write(data, 0, data.Length);
cs.FlushFinalBlock();
cs.Close();
decrypted = Encoding.ASCII.GetString(ms.ToArray());
return decrypted;
}
Not sure about your specific code chunk, but Jeff Atwood did a nice little library that I've used before:
http://www.codeproject.com/KB/security/SimpleEncryption.aspx
It's worth a look as it simplifies the process of encrypting things a lot, I actually had to port to C# as there wasn't a port available when I saw it. However there is now a C# port (in the comments section).