I am trying to establish a connection to a Server using MD5 Authentication.
The server returns me the challenge key.
How can I use it to encrypt my password and send it back to the server.
The encryption method currently I know needs Password Hash, Salt Key, and VI Code.
How Can I make it .
static readonly string PasswordHash = "PasswordHash";
static readonly string SaltKey = "SaltKey";
static readonly string VIKey = "#1B2c3D4e5F6g7H8";
public static string Encrypt(string plainText)
{
byte[] plainTextBytes = Encoding.UTF8.GetBytes(plainText);
byte[] keyBytes = new Rfc2898DeriveBytes(PasswordHash, Encoding.ASCII.GetBytes(SaltKey)).GetBytes(256 / 8);
var symmetricKey = new RijndaelManaged() { Mode = CipherMode.CBC, Padding = PaddingMode.Zeros };
var encryptor = symmetricKey.CreateEncryptor(keyBytes, Encoding.ASCII.GetBytes(VIKey));
byte[] cipherTextBytes;
using (var memoryStream = new MemoryStream())
{
using (var cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write))
{
cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
cryptoStream.FlushFinalBlock();
cipherTextBytes = memoryStream.ToArray();
cryptoStream.Close();
}
memoryStream.Close();
}
return Convert.ToBase64String(cipherTextBytes);
Related
C#
public void start()
{
Constants.APIENCRYPTKEY = Convert.ToBase64String(Encoding.Default.GetBytes(Session(32)));
Constants.APIENCRYPTSALT = Convert.ToBase64String(Encoding.Default.GetBytes(Session(16)));
string results = EncryptService("start");
}
private static string Session(int length)
{
Random random = new Random();
const string chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz";
return new string(Enumerable.Repeat(chars, length)
.Select(s => s[random.Next(s.Length)]).ToArray());
}
public static string DecryptService(string value)
{
string message = value;
string password = Encoding.Default.GetString(Convert.FromBase64String(Constants.APIENCRYPTKEY));
SHA256 mySHA256 = SHA256Managed.Create();
byte[] key = mySHA256.ComputeHash(Encoding.ASCII.GetBytes(password));
byte[] iv = Encoding.ASCII.GetBytes(Encoding.Default.GetString(Convert.FromBase64String(Constants.APIENCRYPTSALT)));
string decrypted = DecryptString(message, key, iv);
return decrypted;
}
public static string DecryptString(string cipherText, byte[] key, byte[] iv)
{
Aes encryptor = Aes.Create();
encryptor.Mode = CipherMode.CBC;
encryptor.Key = key;
encryptor.IV = iv;
MemoryStream memoryStream = new MemoryStream();
ICryptoTransform aesDecryptor = encryptor.CreateDecryptor();
CryptoStream cryptoStream = new CryptoStream(memoryStream, aesDecryptor, CryptoStreamMode.Write);
string plainText = String.Empty;
try
{
byte[] cipherBytes = Convert.FromBase64String(cipherText);
cryptoStream.Write(cipherBytes, 0, cipherBytes.Length);
cryptoStream.FlushFinalBlock();
byte[] plainBytes = memoryStream.ToArray();
plainText = Encoding.ASCII.GetString(plainBytes, 0, plainBytes.Length);
}
finally
{
memoryStream.Close();
cryptoStream.Close();
}
return plainText;
}
public static string EncryptService(string value)
{
string message = value;
string password = Encoding.Default.GetString(Convert.FromBase64String(Constants.APIENCRYPTKEY));
SHA256 mySHA256 = SHA256Managed.Create();
byte[] key = mySHA256.ComputeHash(Encoding.ASCII.GetBytes(password));
byte[] iv = Encoding.ASCII.GetBytes(Encoding.Default.GetString(Convert.FromBase64String(Constants.APIENCRYPTSALT)));
string encrypted = EncryptString(message, key, iv);
int property = Int32.Parse((OnProgramStart.AID.Substring(0, 2)));
string final = encrypted + Security.Obfuscate(property);
return final;
}
public static string EncryptString(string plainText, byte[] key, byte[] iv)
{
Aes encryptor = Aes.Create();
encryptor.Mode = CipherMode.CBC;
encryptor.Key = key;
encryptor.IV = iv;
MemoryStream memoryStream = new MemoryStream();
ICryptoTransform aesEncryptor = encryptor.CreateEncryptor();
CryptoStream cryptoStream = new CryptoStream(memoryStream, aesEncryptor, CryptoStreamMode.Write);
byte[] plainBytes = Encoding.ASCII.GetBytes(plainText);
cryptoStream.Write(plainBytes, 0, plainBytes.Length);
cryptoStream.FlushFinalBlock();
byte[] cipherBytes = memoryStream.ToArray();
memoryStream.Close();
cryptoStream.Close();
string cipherText = Convert.ToBase64String(cipherBytes, 0, cipherBytes.Length);
return cipherText;
}
This is what I got so far in PHP
function decrypt_string($msg='', $salt='', $key='')
{
$key = utf8_encode(base64_decode($key));
$key = hash('sha256', $key);
$salt = utf8_encode(base64_decode($salt));
$salt = EncodingASCII($salt);
$method = 'aes-256-cbc';
$msg = openssl_decrypt($msg, $method, $key, OPENSSL_RAW_DATA, $salt);
return $msg;
}
The encrypt and decrypt works perfect on c#, but I can't get it to decrypt on php. Haven't attempted to make the encrypt in php yet. My c# application calls on the php script with a encrypted data and needs to be decrypted on the php side then encrypted data sent back to the c# application.
I have got a string for you guys.
Normal string = nmrufETK
Encrypted string = ultYIi4GtHhb//Cl0J8wIg==
Here is the things that I know so far, the old decyrption method was :
public static List<string> hadibuloc = new List<string>();
Functions.hadibuloc.Add("OZt4nd8ZZpAEnZBdU3Z7");
Functions.hadibuloc.Add("fkheb1PFtPIKTi05Zpzz");
Functions.hadibuloc.Add("0kx96D8OzZ3rznUk4qyi");
Functions.hadibuloc.Add("TgAji9cqMALlhJV12elB");
Functions.hadibuloc.Add("0XQ3XXjUo3HTzzevUmDm");
Functions.hadibuloc.Add("F3Ib4qRHXDgQwoJyhWra");
Functions.hadibuloc.Add("eRWoJ0s1B0uln8fFgxqX");
Functions.hadibuloc.Add("iUE0FKl2Ntawpt6sbV7u");
Functions.hadibuloc.Add("me9fMa0WTreWRrmYpBh7");
Functions.hadibuloc.Add("kyJB0qCUq269fzREzRxD");
Functions.hadibuloc.Add("WnTufxOov40st4L6qZF9");
Functions.hadibuloc.Add("7csfQq3YunqM9ziygmw8");
Functions.hadibuloc.Add("EyqWVpgOvZkyJCAmlgCh");
Functions.hadibuloc.Add("D2RAYhyatrMYrZjLdlqL");
Functions.hadibuloc.Add("nSdcM6NAAyekiwYHQqZl");
Functions.hadibuloc.Add("B3RPgAHYEpwKsFCkrLSq");
Functions.hadibuloc.Add("JgQuRU88IQC5Z77JUTiD");
Functions.hadibuloc.Add("v57wd6YIJTGhettATB8L");
Functions.hadibuloc.Add("Qzc1nrxQwuIOMrGynhXu");
Functions.hadibuloc.Add("ad5AKkogV91AfmdNwkEO");
Functions.hadibuloc.Add("vaG2jNiDHa5p18hazzyZ");
Functions.hadibuloc.Add("BbYJbJOcX4w5F84nrWYl");
Functions.hadibuloc.Add("QGMq1ffFpBV64UpWeLCP");
Functions.hadibuloc.Add("lrLJqwoJGAuwmqA12MWR");
Functions.hadibuloc.Add("VFqyK09HS3920srKbBvp");
Functions.hadibuloc.Add("wVjVwspocrBWWAnFz53M");
Functions.hadibuloc.Add("oGMgDdEBpy8vHa5RZQHa");
Functions.hadibuloc.Add("BAUsGUgYBvi7tGMJRmy6");
Functions.hadibuloc.Add("l1nEhAHzWbRlGQeOi9pz");
Functions.hadibuloc.Add("PLpbqWSUnkAoLJam79cD");
Functions.hadibuloc.Add("SWbChkYzbfB0XKKcE1wb");
Functions.hadibuloc.Add("ZRlERlOLlbbW7l4u4SLB");
Functions.hadibuloc.Add("4FaDBRIw2bRkeqLALQwq");
Functions.hadibuloc.Add("Z3Yb3QdFgAbOUMD4TT2E");
Functions.hadibuloc.Add("0QjIrotDsTJrBMVOUGEx");
Functions.hadibuloc.Add("rrBABwOTnnjoZH81Y10w");
Functions.hadibuloc.Add("Ig8OIDYp7SaHel8gQhYE");
Functions.hadibuloc.Add("Zkcq9DLCmmMb2pvgsnox");
Functions.hadibuloc.Add("Ta9QRpW1vH3vYNaWDuaT");
Functions.hadibuloc.Add("I5B3gCvXSrgfg7aKdyJ8");
Functions.hadibuloc.Add("F5U7PteCDqjtT2YYMbte");
Functions.hadibuloc.Add("NOzV5qhSRxEmEwHGrjSv");
Functions.hadibuloc.Add("9Ocg4R5TAqIQLJVY9aJA");
Functions.hadibuloc.Add("AoXect0Wd914NAKW957w");
Functions.hadibuloc.Add("ebNIGbCQ5e4vRkoKQ4SN");
Functions.hadibuloc.Add("DyQb0qmcovqZS6xA5Nbq");
Functions.hadibuloc.Add("7HjmPVonDspqmixH2FrJ");
Functions.hadibuloc.Add("EqU8wj6HBrXi5nW9l16l");
Functions.hadibuloc.Add("NI85VXOjCS0dgtylMyt1");
Functions.hadibuloc.Add("zFjG4ZJbkzrZxPwW5C1P");
Functions.hadibuloc.Add("sqkTwAiMc5iMRvam2AHs");
Functions.hadibuloc.Add("Kd2XiFoFdCheMCsD5SNk");
Functions.hadibuloc.Add("2PcWLkcAiLOo4AcM1n6f");
Functions.hadibuloc.Add("fZKaPRgxgb6EGc9A4epo");
Functions.hadibuloc.Add("pJCNj8hiQYd0mSwAAlG9");
Functions.hadibuloc.Add("FHLEOcgR8nZkPETgIau7");
Functions.hadibuloc.Add("fP0IIV133SBrSAhcm2xL");
Functions.hadibuloc.Add("J7dYgJsix1trFydJBCiD");
Functions.hadibuloc.Add("kuy5ZNe3SKh6NNwKsusq");
Functions.hadibuloc.Add("yw35qZxwIPY4vAndktx3");
Functions.hadibuloc.Add("lFIn4TrpaXAL6TUXTfRa");
Functions.hadibuloc.Add("2ajBkzl7mSl08rm0m9qq");
Functions.hadibuloc.Add("rQiGJrCD2qOw2cbTrHdX");
Functions.hadibuloc.Add("08Gm5pOBmKQPIpWw7NIu");
Functions.hadibuloc.Add("WRjgeZMotIAmyiGalpt3");
Functions.hadibuloc.Add("rYy1MGiBLxfMBufX9IJn");
Functions.hadibuloc.Add("LIv4dk2eh1DbWmuP2Xao");
Functions.hadibuloc.Add("xeNNc12ef0pmgBs3rYpV");
Functions.hadibuloc.Add("6IcTB4F0MYf3XEvPZ3Pp");
Functions.hadibuloc.Add("4FEEfd1l5qNsoX7VPkiS");
Functions.hadibuloc.Add("0kGF2Rb8HKT4Spn41RW1");
Functions.hadibuloc.Add("HDEsDvrgokF0b5jgXJ3J");
Functions.hadibuloc.Add("iU1NeT7jYaN7HB8eNn9V");
Functions.hadibuloc.Add("NT4HJ9M77hkWK3TqaFRR");
Functions.hadibuloc.Add("GEFxqMf38desyg3wO1K4");
Functions.hadibuloc.Add("Zgwk37JrBl9o3JMeQtZA");
Functions.hadibuloc.Add("64YkqXguAr8AmWTNKQj3");
Functions.hadibuloc.Add("tGWLK6h9TPrSFSA4ZocS");
Functions.hadibuloc.Add("9yHnDOfweXcCXOp1chBx");
Functions.hadibuloc.Add("LTuAf0bPkFYrQ5TbMD6U");
Functions.hadibuloc.Add("M4k0pUF7P04bLHs6dJV1");
Functions.hadibuloc.Add("x5X0gVtjCe8GDrfOFsaX");
Functions.hadibuloc.Add("BrFjmwvJMKjmLg5mYWRQ");
Functions.hadibuloc.Add("4iAcBuNr58pP2gux67ud");
Functions.hadibuloc.Add("jLuuVi2la7KfxRNNecG5");
Functions.hadibuloc.Add("3QssdnIkbDrMcQWQ2lsb");
Functions.hadibuloc.Add("7wvkS2KuPwCOApEMJW2s");
Functions.hadibuloc.Add("1ZxJdP8JxP4PR1t4yE9D");
Functions.hadibuloc.Add("aFL5rH066RA3eLF6BSrm");
Functions.hadibuloc.Add("pAvKpwz4fc4lmtsbNjHO");
Functions.hadibuloc.Add("ukOhB5O7NxLMgyC0q1rb");
Functions.hadibuloc.Add("69qB4rzAA4BsCYfY3c74");
Functions.hadibuloc.Add("fKYNy6gkdPDyk0pTkkN2");
Functions.hadibuloc.Add("l0SPSH2CeMdpPAa6tVP8");
Functions.hadibuloc.Add("NQkNZKgSFEq8sDHUCLAf");
Functions.hadibuloc.Add("yzM5F818BdeRcC8pHNjB");
Functions.hadibuloc.Add("tj8hZFSq4blLgTdPMlv1");
Functions.hadibuloc.Add("wXP72vnkO9eLMslKSphJ");
Functions.hadibuloc.Add("hdtln0yAp9O2StGrXkZL");
Functions.hadibuloc.Add("Ujvws8KLRf7fyz1oo9Fm");
public static string Uzaksunucudangelenmetnicoz(string metin)
{
string result = "";
try
{
List<string> list = new List<string>();
list.Add("6MRVk2iHrsSWxY739uU6");
list.Add("JNEbV73AIVv01UI4cCN9");
list.Add("fRUzPptifIk7mYhAGuwq");
list.Add("4okJUC1Nv8hT2RjIOlDH");
list.Add("jWJjtopKxt27xbPUmigk");
list.Add("cQiqthahKNnbJXUsXNai");
list.Add("LrGUCKUxIKsbHEoGNoZB");
list.Add("j3UVDV6B5P3ZTewgLs1J");
list.Add("a864WixaWMit6RdbnowV");
list.Add("bLfWxqaXSEsa9uNoDY1z");
list.Add("aTwGuGAL1aDEYLqZdydm");
list.Add("fipquWXp6Fde1l1yoePJ");
list.Add("xEFesiTXtE8GNiJoPURP");
list.Add("z1rleac3uxRnrwrlZ47P");
list.Add("HnauZy36NMCbnKQpBvXy");
list.Add("LsenKihueSeUm5D3vyGm");
list.Add("fBAvk2yApQGD90wPmTuz");
list.Add("kL61T5rai5sq1fPDPQIG");
list.Add("u4lTisX4LxhTouLGiVqv");
list.Add("dhgB32wDm0PgUccGC7vi");
list.Add("pDMQv1GbeU2h3aOP2aFf");
list.Add("Z9tMsKaXoC9569dQWLoH");
list.Add("wwl9YoScNaklEk6lYBRk");
list.Add("61oIv3D0asY8qHcsMvvn");
list.Add("AcUgy8GNAKmUmsi1wJZ2");
list.Add("cxAIFZaLeEYooksNACUm");
list.Add("hXtoz3WI4WWcD15U1HVj");
list.Add("1xU1M828PODASWox3CWc");
list.Add("XGJ6H04SndlopxeuJR2X");
list.Add("7XsDr8tAklPAUhRwgS31");
list.Add("SyUH2DS12ObKTXYzapMm");
list.Add("eyRb3S2EOIfnfHJZImOr");
list.Add("x47P7emhboAYBbSGN9BP");
list.Add("u2hp1Lnq0dJWqh5CXwFx");
list.Add("2DwFQJGsQdd46liK6YfI");
list.Add("qzlgXi9wFVsevBVljM7P");
list.Add("7iaN5LVfWpes5IZtvNJs");
list.Add("BjTUTmlDb9Haj3iiL4H8");
list.Add("E0vZK3rAmSD5TJQYqo06");
list.Add("cV0nXoWnC2qfAF6ijKti");
list.Add("ZnXX4xjkWxyhVzAE5f4T");
list.Add("uiBq4ynA6zVpvYcLG3Rr");
list.Add("iQddCas3XU4Wg1kJd0VG");
list.Add("TbLVNp3vf1d3uVYpNA9V");
list.Add("S9VKQiW7fMONpIZLoiZp");
list.Add("782urFNgLyB4NsVMF5PL");
list.Add("d0FetEyv8Kcpb4xsq4WL");
list.Add("vDxNe5VujuZxfmVWFzDO");
list.Add("eqSfybAFoNRwaWjTwGKl");
list.Add("pme5Rz3bm3afIJUNvGao");
list.Add("5GYm7wSxmD2XTfa1fMW2");
list.Add("G4pMJhDsO95pIAL8cPmS");
list.Add("htdFa3r1vnR3YfHoj518");
list.Add("AVwD2PBtkLy2IC6WPG3x");
list.Add("PCbXpVgmU0psYRcRLhDj");
list.Add("aoHChiGFaFSa4fy5lVcY");
list.Add("nDGKEbbKdNn1qF7YziCT");
list.Add("g9Caz2rzK3BrZM9Yywnk");
list.Add("9MDd0QU1Wasw7PARMzfC");
list.Add("BDTGEK8nSErokxtpx5qI");
list.Add("kAoxMqmbts92s2SvjXCQ");
list.Add("tI2AMshUkr7NvwjWWMWK");
list.Add("wjwPea52QEF5XteTWTBR");
list.Add("6QcQXhY6YhfaBOof38X9");
list.Add("T3ztIItPddcqCa6l4W9q");
list.Add("fk61VH7gogvZqScilAjc");
list.Add("rNiGeeaesugz1EuIhlkA");
list.Add("MUo3726lbUu1noFFdNQL");
list.Add("hXh5Ojy9M2mhscBQIFsU");
list.Add("UOC2A4ql6K0FnExnuy5N");
list.Add("jgQBAXfvMZ4anhRJkrhw");
list.Add("BCaFEzbVQZDSDePt2aOK");
list.Add("WwK7FAI1M3P6iLHChuDe");
list.Add("UyQTMeFsYPFWPmwSsyAn");
list.Add("LCJI9dPxYZUIpbVOLRXa");
list.Add("AljvoFtljUvbetI2uAm8");
list.Add("J9dS4PNwjQY95ZJrWgZK");
list.Add("LNXcRGdEUfZoaFUxYvnz");
list.Add("9TGNyTWYec9O5j77yKH2");
list.Add("0VfAzTM1kSPW1AEPgUgy");
list.Add("oPPBTadoRQuryClE6Set");
list.Add("LK5Taw6rC5LIqD8XlMuw");
list.Add("zydeLNO5dDco6rcniPQo");
list.Add("qorqKozLU6AEK00sij17");
list.Add("em5FrXNJf7dlUrPmMZAb");
list.Add("XGhnM6PUAbF6rqnumKN6");
list.Add("xobFyWikgplryg4zJ71Y");
list.Add("r7xh75Hg3Q1tjzx01zlb");
list.Add("3cUXFakPJAzY8TlO1g6t");
list.Add("ZaM8ELOP57j8wvagTkgj");
list.Add("YZtR13683gxaYnfHt2m2");
list.Add("uXjIph0fYIQUApaDhswh");
list.Add("yDewQ1dWb39AKRszMl2x");
list.Add("8wf1DTnyLhDICzoppHex");
list.Add("ubO0rGOZpD4WMN1zZYMS");
list.Add("iXS26dUzA4NFOAwHgHyg");
list.Add("XOHZ5TOPuMF8YqqWRXb8");
list.Add("oJzOJ5zoZKA6wnHJcJNZ");
list.Add("rzWXMzAgaWwZ2POulBbU");
list.Add("g7LoA9c7fNTnBbTWPBPu");
list.Add("uVCH6x1GfXEkB561Lx61");
list.Add("BJruYhyvqBtXTvZk93ua");
list.Add("uCkfQp4gFBOzlZTM59kn");
list.Add("yZD9B59o92Eqmbe3mJG5");
list.Add("vgdoztnujq9BTPoiQaQP");
list.Add("jfyJazaJJ3HgyUCmbVhN");
list.Add("MoZTMDMVMg3pFE94Q0Hp");
list.Add("sSHRIeqtDRWRIl3hqA50");
list.Add("4Bz3N3tfDwkyckMoJjVO");
list.Add("hBS3Dk5CN2VpWRmtbaxa");
SHA256 sha = SHA256.Create();
byte[] key = sha.ComputeHash(Encoding.ASCII.GetBytes(list[6].Substring(6)));
byte[] iv = new byte[16];
sha.Dispose();
result = Functions.DecryptString(metin, key, iv);
}
catch
{
result = "undefined";
}
return result;
}
public static string DecryptString(string cipherText, byte[] key, byte[] iv)
{
Aes aes = Aes.Create();
aes.Mode = CipherMode.CBC;
byte[] array = new byte[32];
Array.Copy(key, 0, array, 0, 32);
aes.Key = array;
aes.IV = iv;
MemoryStream memoryStream = new MemoryStream();
ICryptoTransform transform = aes.CreateDecryptor();
CryptoStream cryptoStream = new CryptoStream(memoryStream, transform, CryptoStreamMode.Write);
string result = string.Empty;
try
{
byte[] array2 = Convert.FromBase64String(cipherText);
cryptoStream.Write(array2, 0, array2.Length);
cryptoStream.FlushFinalBlock();
byte[] array3 = memoryStream.ToArray();
result = Encoding.ASCII.GetString(array3, 0, array3.Length);
}
finally
{
memoryStream.Close();
cryptoStream.Close();
}
return result;
}
And this was the old encrytion method :
public static string AES256Hash(string plaintext)
{
SHA256 sha = SHA256.Create();
byte[] key = sha.ComputeHash(Encoding.ASCII.GetBytes(Functions.hadibuloc[87].Substring(8)));
byte[] iv = new byte[16];
sha.Dispose();
return Functions.EncryptString(plaintext, key, iv);
}
public static string EncryptString(string plainText, byte[] key, byte[] iv)
{
Aes aes = Aes.Create();
aes.Mode = CipherMode.CBC;
byte[] array = new byte[32];
Array.Copy(key, 0, array, 0, 32);
aes.Key = array;
aes.IV = iv;
MemoryStream memoryStream = new MemoryStream();
ICryptoTransform transform = aes.CreateEncryptor();
CryptoStream cryptoStream = new CryptoStream(memoryStream, transform, CryptoStreamMode.Write);
byte[] bytes = Encoding.ASCII.GetBytes(plainText);
cryptoStream.Write(bytes, 0, bytes.Length);
cryptoStream.FlushFinalBlock();
byte[] array2 = memoryStream.ToArray();
memoryStream.Close();
cryptoStream.Close();
return Convert.ToBase64String(array2, 0, array2.Length);
}
But as I said these were old codes that used. And I think he used a method that similar to these. I want the method that he used to encrypt. My english is not good if theres and spelling or grammer mistake sorry for that if you didnt understand my question you feel free to ask again.
It will be impossible to determine an encryption algorithm without source code or some amount of reverse engineering. The old encryption uses AES256 in CBC mode, but that is obvious.
If you don't have access to the new code, then you probably shouldn't be attempting this anyways..
In ms SQL server, I have a field text with data look like below:
"!"$$$$$$!#$$$$!!!!! !!!!!!!!!!!!!! "!! ! " !" ! !" !!!! ! !!"!".
I belive that from a plain text string, they using a Rijndael algorithm to encrypted this string. from encrypted string, it was transform to string above.
Can anyone recognize what the algorithm to decrypt from string above to the encrypted string of Rijndael algorithm?
thanks
Hi me drona please find the below code. It will useful from you.
public static class Encrypt
{
// This size of the IV (in bytes) must = (keysize / 8). Default keysize is 256, so the IV must be
// 32 bytes long. Using a 16 character string here gives us 32 bytes when converted to a byte array.
private const string initVector = "pemgail9uzpgzl88";
// This constant is used to determine the keysize of the encryption algorithm
private const int keysize = 256;
//Encrypt
public static string EncryptString(string plainText, string passPhrase)
{
byte[] initVectorBytes = Encoding.UTF8.GetBytes(initVector);
byte[] plainTextBytes = Encoding.UTF8.GetBytes(plainText);
PasswordDeriveBytes password = new PasswordDeriveBytes(passPhrase, null);
byte[] keyBytes = password.GetBytes(keysize / 8);
RijndaelManaged symmetricKey = new RijndaelManaged();
symmetricKey.Mode = CipherMode.CBC;
ICryptoTransform encryptor = symmetricKey.CreateEncryptor(keyBytes, initVectorBytes);
MemoryStream memoryStream = new MemoryStream();
CryptoStream cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write);
cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
cryptoStream.FlushFinalBlock();
byte[] cipherTextBytes = memoryStream.ToArray();
memoryStream.Close();
cryptoStream.Close();
return Convert.ToBase64String(cipherTextBytes);
}
//Decrypt
public static string DecryptString(string cipherText, string passPhrase)
{
byte[] initVectorBytes = Encoding.ASCII.GetBytes(initVector);
byte[] cipherTextBytes = Convert.FromBase64String(cipherText);
PasswordDeriveBytes password = new PasswordDeriveBytes(passPhrase, null);
byte[] keyBytes = password.GetBytes(keysize / 8);
RijndaelManaged symmetricKey = new RijndaelManaged();
symmetricKey.Mode = CipherMode.CBC;
ICryptoTransform decryptor = symmetricKey.CreateDecryptor(keyBytes, initVectorBytes);
MemoryStream memoryStream = new MemoryStream(cipherTextBytes);
CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read);
byte[] plainTextBytes = new byte[cipherTextBytes.Length];
int decryptedByteCount = cryptoStream.Read(plainTextBytes, 0, plainTextBytes.Length);
memoryStream.Close();
cryptoStream.Close();
return Encoding.UTF8.GetString(plainTextBytes, 0, decryptedByteCount);
}
enter code here
when i use this code to encrypt and decrypt i got an error said
Padding is invalid and cannot be removed.
any idea
public static class Crypto
{
private static readonly byte[] initVectorBytes = Encoding.ASCII.GetBytes("tu89geji340t89u2");
// This constant is used to determine the keysize of the encryption algorithm.
private const int keysize = 256;
public static string Encrypt(string plainText, string passPhrase)
{
byte[] plainTextBytes = Encoding.UTF8.GetBytes(plainText);
using (PasswordDeriveBytes password = new PasswordDeriveBytes(passPhrase, null))
{
byte[] keyBytes = password.GetBytes(keysize / 8);
using (RijndaelManaged symmetricKey = new RijndaelManaged())
{
symmetricKey.Mode = CipherMode.CBC;
using (ICryptoTransform encryptor = symmetricKey.CreateEncryptor(keyBytes, initVectorBytes))
{
using (MemoryStream memoryStream = new MemoryStream())
{
using (CryptoStream cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write))
{
cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
cryptoStream.FlushFinalBlock();
byte[] cipherTextBytes = memoryStream.ToArray();
return Convert.ToBase64String(cipherTextBytes);
}
}
}
}
}
}
public static string Decrypt(string cipherText, string passPhrase)
{
byte[] cipherTextBytes = Convert.FromBase64String(cipherText);
using (PasswordDeriveBytes password = new PasswordDeriveBytes(passPhrase, null))
{
byte[] keyBytes = password.GetBytes(keysize / 8);
using (RijndaelManaged symmetricKey = new RijndaelManaged())
{
symmetricKey.Mode = CipherMode.CBC;
using (ICryptoTransform decryptor = symmetricKey.CreateDecryptor(keyBytes, initVectorBytes))
{
using (MemoryStream memoryStream = new MemoryStream(cipherTextBytes))
{
using (CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read))
{
byte[] plainTextBytes = new byte[cipherTextBytes.Length];
int decryptedByteCount = cryptoStream.Read(plainTextBytes, 0, plainTextBytes.Length);
return Encoding.UTF8.GetString(plainTextBytes, 0, decryptedByteCount);
}
}
}
}
}
}
}
I tried the following using your methods and it worked fine:
var passPhrase = "123456";
var e = Encrypt("testtesttesttest", passPhrase);
Console.WriteLine(e); // YEtSJshcn686ZO+JlEQ48ap/odhuvIGalbAT1XhinqQ=
var d = Decrypt(e, passPhrase);
Console.WriteLine(d); // testtesttesttest
This suggests that you're either passing a different passPhrase to Decrypt() to the one you passed to Encrypt(), or that you are somehow corrupting the ciphertext prior to decryption. (Are you perhaps calling Decrypt with the ciphertext and passphrase parameters reversed?)
It's also worth noting that essentially everything in the comments at the top of your code is wrong:
You're not passing any salt to PasswordDeriveBytes.
The size of the IV must be equal to the block size (16 bytes), it is unrelated to the key size used.
Passing a 16 character string through Encoding.ASCII.GetBytes() results in a 16 byte output, not 32 bytes. (This rather coincidentally means that your initVectorBytes is in fact the correct length for the IV).
Furthermore, PasswordDeriveBytes is deprecated and should not be used. You should be using Rfc2898DeriveBytes instead, and you should be using a proper salt value. The IV should also not be a static value, and definitely not one derived from an ASCII string!
my doubt is about the key to decrypt a encrypted string, without the same key used to encrypt the string i dont get the original string ok, but I need to protect this key not use her in hardcode because any hacker could decompiling a dll and see this key, if I to store this key in any archive, the hacker could copy this archive and my method and decrypt my text, how can i prevent this attack? following my code implementation, here the salt and key are static I'm trying to think in anyway to safe these datas
private static byte[] salt = new byte[255];
private static byte[] key;
internal static string EncryptString(string InputText)
{
System.Security.Cryptography.RijndaelManaged RijndaelCipher =
new System.Security.Cryptography.RijndaelManaged();
RNGCryptoServiceProvider rcs = new RNGCryptoServiceProvider();
rcs.GetBytes(salt);
key = RijndaelCipher.Key;
byte[] plainText = System.Text.Encoding.Unicode.GetBytes(InputText);
System.Security.Cryptography.PasswordDeriveBytes SecretKey =
new System.Security.Cryptography.PasswordDeriveBytes(RijndaelCipher.Key, salt);
System.Security.Cryptography.ICryptoTransform Encryptor =
RijndaelCipher.CreateEncryptor(SecretKey.GetBytes(32), SecretKey.GetBytes(16));
System.IO.MemoryStream memoryStream = new System.IO.MemoryStream();
System.Security.Cryptography.CryptoStream cryptoStream =
new System.Security.Cryptography.CryptoStream(memoryStream, Encryptor, CryptoStreamMode.Write);
cryptoStream.Write(plainText, 0, plainText.Length);
cryptoStream.FlushFinalBlock();
byte[] CipherBytes = memoryStream.ToArray();
memoryStream.Close();
cryptoStream.Close();
string EncryptedData = Convert.ToBase64String(CipherBytes);
return EncryptedData;
}
internal static string DecryptString(string text)
{
System.Security.Cryptography.RijndaelManaged RijndaelCipher =
new System.Security.Cryptography.RijndaelManaged();
byte[] EncryptedData = Convert.FromBase64String(text);
System.Security.Cryptography.PasswordDeriveBytes SecretKey =
new System.Security.Cryptography.PasswordDeriveBytes(RijndaelCipher.Key, salt);
ICryptoTransform Decryptor =
RijndaelCipher.CreateDecryptor(SecretKey.GetBytes(32), SecretKey.GetBytes(16));
System.IO.MemoryStream memoryStream = new System.IO.MemoryStream(EncryptedData);
CryptoStream cryptoStream = new CryptoStream(memoryStream, Decryptor, CryptoStreamMode.Read);
byte[] PlainText = new byte[EncryptedData.Length];
int DecryptedCount = cryptoStream.Read(PlainText, 0, PlainText.Length);
memoryStream.Close();
cryptoStream.Close();
string DecryptedData = Encoding.Unicode.GetString(PlainText, 0, DecryptedCount);
return DecryptedData;
}
#endregion
}