System.Security.Cryptography.Aes Class
-
I am trying to encrypt and decrypt some text using System.Security.Cryptography.Aes.[^]. Here's my Console app:
var password = "thisIsAReallllllllyLongPasswordForTesting";
var passPhrase = "E546C8DF278CD5931069B522E695D4F2";
var initVector = "HR$2pIjHR$2pIj12";
var encrypted = Cryptography.EncryptString(password, passPhrase, initVector);Console.WriteLine("Encrypted password");
Console.WriteLine(encrypted.ToString());string decrypted = Cryptography.DecryptString(encrypted, passPhrase, initVector);
Console.WriteLine("decrypted password");
Console.WriteLine(decrypted);Here's my crypto class:
public static class Cryptography
{
public static string EncryptString(string plainText, string passPhrase, string initVector)
{
string encrypted = "";// Create an Aes object with the specified key and IV. using (Aes aes = Aes.Create()) { aes.Key = Encoding.ASCII.GetBytes(passPhrase); aes.IV = Encoding.ASCII.GetBytes(initVector); // Create a new MemoryStream object to contain the encrypted bytes. using (var memoryStream = new MemoryStream()) { // Create a CryptoStream object to perform the encryption. using (var cryptoStream = new CryptoStream(memoryStream, aes.CreateEncryptor(), CryptoStreamMode.Write)) { // Encrypt the plaintext. using (var streamWriter = new StreamWriter(cryptoStream)) { streamWriter.Write(plainText); } encrypted = Encoding.UTF8.GetString(memoryStream.ToArray()); } } } return encrypted; } public static string DecryptString(string encryptedText, string passPhrase, string initVector) { string decrypted; // Convert the input string to bytes var inputBytes = Encoding.ASCII.GetBytes(encryptedText); //PadToMultipleOf(ref inputBytes, 16); // Create an Aes object with the specified key and IV. using (Aes aes = Aes.Create()) { aes.Key = Encoding.ASCII.GetBytes(passPhrase); aes.IV = Encoding.ASCII.Get -
I am trying to encrypt and decrypt some text using System.Security.Cryptography.Aes.[^]. Here's my Console app:
var password = "thisIsAReallllllllyLongPasswordForTesting";
var passPhrase = "E546C8DF278CD5931069B522E695D4F2";
var initVector = "HR$2pIjHR$2pIj12";
var encrypted = Cryptography.EncryptString(password, passPhrase, initVector);Console.WriteLine("Encrypted password");
Console.WriteLine(encrypted.ToString());string decrypted = Cryptography.DecryptString(encrypted, passPhrase, initVector);
Console.WriteLine("decrypted password");
Console.WriteLine(decrypted);Here's my crypto class:
public static class Cryptography
{
public static string EncryptString(string plainText, string passPhrase, string initVector)
{
string encrypted = "";// Create an Aes object with the specified key and IV. using (Aes aes = Aes.Create()) { aes.Key = Encoding.ASCII.GetBytes(passPhrase); aes.IV = Encoding.ASCII.GetBytes(initVector); // Create a new MemoryStream object to contain the encrypted bytes. using (var memoryStream = new MemoryStream()) { // Create a CryptoStream object to perform the encryption. using (var cryptoStream = new CryptoStream(memoryStream, aes.CreateEncryptor(), CryptoStreamMode.Write)) { // Encrypt the plaintext. using (var streamWriter = new StreamWriter(cryptoStream)) { streamWriter.Write(plainText); } encrypted = Encoding.UTF8.GetString(memoryStream.ToArray()); } } } return encrypted; } public static string DecryptString(string encryptedText, string passPhrase, string initVector) { string decrypted; // Convert the input string to bytes var inputBytes = Encoding.ASCII.GetBytes(encryptedText); //PadToMultipleOf(ref inputBytes, 16); // Create an Aes object with the specified key and IV. using (Aes aes = Aes.Create()) { aes.Key = Encoding.ASCII.GetBytes(passPhrase); aes.IV = Encoding.ASCII.GetYou need to pad the input buffer BEFORE encrypting it, to get the length of the encrypted text right. There are a bunch of different things you can use for padding. Google something like "AES padding" to see what's acceptable to the implementation.
Software rusts. Simon Stephenson, ca 1994. So does this signature. me, 2012
-
I am trying to encrypt and decrypt some text using System.Security.Cryptography.Aes.[^]. Here's my Console app:
var password = "thisIsAReallllllllyLongPasswordForTesting";
var passPhrase = "E546C8DF278CD5931069B522E695D4F2";
var initVector = "HR$2pIjHR$2pIj12";
var encrypted = Cryptography.EncryptString(password, passPhrase, initVector);Console.WriteLine("Encrypted password");
Console.WriteLine(encrypted.ToString());string decrypted = Cryptography.DecryptString(encrypted, passPhrase, initVector);
Console.WriteLine("decrypted password");
Console.WriteLine(decrypted);Here's my crypto class:
public static class Cryptography
{
public static string EncryptString(string plainText, string passPhrase, string initVector)
{
string encrypted = "";// Create an Aes object with the specified key and IV. using (Aes aes = Aes.Create()) { aes.Key = Encoding.ASCII.GetBytes(passPhrase); aes.IV = Encoding.ASCII.GetBytes(initVector); // Create a new MemoryStream object to contain the encrypted bytes. using (var memoryStream = new MemoryStream()) { // Create a CryptoStream object to perform the encryption. using (var cryptoStream = new CryptoStream(memoryStream, aes.CreateEncryptor(), CryptoStreamMode.Write)) { // Encrypt the plaintext. using (var streamWriter = new StreamWriter(cryptoStream)) { streamWriter.Write(plainText); } encrypted = Encoding.UTF8.GetString(memoryStream.ToArray()); } } } return encrypted; } public static string DecryptString(string encryptedText, string passPhrase, string initVector) { string decrypted; // Convert the input string to bytes var inputBytes = Encoding.ASCII.GetBytes(encryptedText); //PadToMultipleOf(ref inputBytes, 16); // Create an Aes object with the specified key and IV. using (Aes aes = Aes.Create()) { aes.Key = Encoding.ASCII.GetBytes(passPhrase); aes.IV = Encoding.ASCII.Getworking example: Windows / Android (C#/Java) Compatible Data Encryption with Compression[^] (yes, it's mine). It's got more than you need with compression before encryption but it shows the AES steps.
Be wary of strong drink. It can make you shoot at tax collectors - and miss. Lazarus Long, "Time Enough For Love" by Robert A. Heinlein
-
working example: Windows / Android (C#/Java) Compatible Data Encryption with Compression[^] (yes, it's mine). It's got more than you need with compression before encryption but it shows the AES steps.
Be wary of strong drink. It can make you shoot at tax collectors - and miss. Lazarus Long, "Time Enough For Love" by Robert A. Heinlein
Thank you
In theory, theory and practice are the same. But in practice, they never are.” If it's not broken, fix it until it is. Everything makes sense in someone's mind.
-
You need to pad the input buffer BEFORE encrypting it, to get the length of the encrypted text right. There are a bunch of different things you can use for padding. Google something like "AES padding" to see what's acceptable to the implementation.
Software rusts. Simon Stephenson, ca 1994. So does this signature. me, 2012
Thank you
In theory, theory and practice are the same. But in practice, they never are.” If it's not broken, fix it until it is. Everything makes sense in someone's mind.
-
working example: Windows / Android (C#/Java) Compatible Data Encryption with Compression[^] (yes, it's mine). It's got more than you need with compression before encryption but it shows the AES steps.
Be wary of strong drink. It can make you shoot at tax collectors - and miss. Lazarus Long, "Time Enough For Love" by Robert A. Heinlein
I replied a couple of times on the post you provided
In theory, theory and practice are the same. But in practice, they never are.” If it's not broken, fix it until it is. Everything makes sense in someone's mind.
-
I am trying to encrypt and decrypt some text using System.Security.Cryptography.Aes.[^]. Here's my Console app:
var password = "thisIsAReallllllllyLongPasswordForTesting";
var passPhrase = "E546C8DF278CD5931069B522E695D4F2";
var initVector = "HR$2pIjHR$2pIj12";
var encrypted = Cryptography.EncryptString(password, passPhrase, initVector);Console.WriteLine("Encrypted password");
Console.WriteLine(encrypted.ToString());string decrypted = Cryptography.DecryptString(encrypted, passPhrase, initVector);
Console.WriteLine("decrypted password");
Console.WriteLine(decrypted);Here's my crypto class:
public static class Cryptography
{
public static string EncryptString(string plainText, string passPhrase, string initVector)
{
string encrypted = "";// Create an Aes object with the specified key and IV. using (Aes aes = Aes.Create()) { aes.Key = Encoding.ASCII.GetBytes(passPhrase); aes.IV = Encoding.ASCII.GetBytes(initVector); // Create a new MemoryStream object to contain the encrypted bytes. using (var memoryStream = new MemoryStream()) { // Create a CryptoStream object to perform the encryption. using (var cryptoStream = new CryptoStream(memoryStream, aes.CreateEncryptor(), CryptoStreamMode.Write)) { // Encrypt the plaintext. using (var streamWriter = new StreamWriter(cryptoStream)) { streamWriter.Write(plainText); } encrypted = Encoding.UTF8.GetString(memoryStream.ToArray()); } } } return encrypted; } public static string DecryptString(string encryptedText, string passPhrase, string initVector) { string decrypted; // Convert the input string to bytes var inputBytes = Encoding.ASCII.GetBytes(encryptedText); //PadToMultipleOf(ref inputBytes, 16); // Create an Aes object with the specified key and IV. using (Aes aes = Aes.Create()) { aes.Key = Encoding.ASCII.GetBytes(passPhrase); aes.IV = Encoding.ASCII.GetThe variable names and string in your example suggest you are trying to encrypt a password. That is almost always the wrong thing to do. If you're trying to write an authentication system, you should be storing a salted hash of the users' passwords, using a unique salt per record, and multiple iterations of a cryptographically-secure one-way hash. There is no way to "decrypt" the password; instead, you use the stored salt and repeat the hashing operation on the entered password, then compare it to the stored hash. Secure Password Authentication Explained Simply[^] Salted Password Hashing - Doing it Right[^] If instead you're trying to store passwords or access keys for third-party systems, where you actually need to retrieve the original password, then you need to consider how you're going to store the encryption keys securely; how you're going to rotate them to minimize the impact if one is leaked; any many other complex issues. For example, you seem to be using a fixed IV for every value you encrypt, which is not secure.
"These people looked deep within my soul and assigned me a number based on the order in which I joined." - Homer