What should I do with the Encrypt code of this Decrypt code?

[patrick]

Hello.
Decrypt code.
What should I do with the Encrypt code of this Decrypt code?
Please Help me

        public string Decrypt(string data)
        {
          
                using (RijndaelManaged rijndael = new RijndaelManaged())
                using (Rfc2898DeriveBytes rfc2898 = new Rfc2898DeriveBytes(_Key, Convert.FromBase64String(data).Take(16).ToArray()))
                using (ICryptoTransform decryptor = rijndael.CreateDecryptor(rfc2898.GetBytes(32), rfc2898.GetBytes(16)))
                using (MemoryStream memoryStream = new MemoryStream(Convert.FromBase64String(data).Skip(16).ToArray()))
                using (CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read))
                using (StreamReader streamReader = new StreamReader(cryptoStream))
                    data = streamReader.ReadToEnd();


            return data;
        }

 

[patrick]

You didn't do this:


Also, using "plain bytes" here as salt is a very bad idea! You should see why.

I modified it as you taught me. Rfc2898DeriveBytes was modified to 16 bytes.
However, decryption does not work.

decryption is fixed. Encrypt must be modified to fit decryption .

What's wrong with the code?
Please Help me.

 public string Encrypt(string data)
        {
            byte[] salt1 = new byte[16];

            byte[] plainBytes = Encoding.Unicode.GetBytes(data);
            RijndaelManaged rijndael = new RijndaelManaged();

            var rfc2898 = new Rfc2898DeriveBytes(_Key, salt1);
            var ms = new MemoryStream();
            using (var cs = new CryptoStream(ms, rijndael.CreateEncryptor(rfc2898.GetBytes(32), rfc2898.GetBytes(16)), CryptoStreamMode.Write))
            {
                cs.Write(plainBytes, 0, plainBytes.Length);
            }
                    
            return Convert.ToBase64String(ms.ToArray());
        }

 public string Decrypt(string data)
        {
                using (RijndaelManaged rijndael = new RijndaelManaged())
                using (Rfc2898DeriveBytes rfc2898 = new Rfc2898DeriveBytes(_Key, Convert.FromBase64String(data).Take(16).ToArray()))
                using (ICryptoTransform decryptor = rijndael.CreateDecryptor(rfc2898.GetBytes(32), rfc2898.GetBytes(16)))
                using (MemoryStream memoryStream = new MemoryStream(Convert.FromBase64String(data).Skip(16).ToArray()))
                using (CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read))
                using (StreamReader streamReader = new StreamReader(cryptoStream))
                    data = streamReader.ReadToEnd();
            return data;
        }

 

[Skydiver]

Where do you put the salt into the output stream so that the decryption can use the same salt used by the encryption?

Where do generate the salt for the encrypted data? Notice that you allocate space for the salt on line 3, and try to create the actual encryption key on line 8. By default C# arrays will be zero filled, unlike C/C++ which will have random data (unless the allocator is overridden).

 

[JohnH]

As I said, I recommend var rfc2898 = new Rfc2898DeriveBytes(_Key, 16); to generate random 16 bytes salt. Then write the rfc2898.Salt byte array to memory stream.

 

[patrick]

You didn't do this:


Also, using "plain bytes" here as salt is a very bad idea! You should see why.

I modified it as you taught me. Rfc2898DeriveBytes was modified to 16 bytes.
However, decryption does not work.

decryption is fixed. Encrypt must be modified to fit decryption .

What's wrong with the code?
Please Help me.

 public string Encrypt(string data)
        {
            byte[] plainBytes = Encoding.Unicode.GetBytes(data);
            RijndaelManaged rijndael = new RijndaelManaged();

            var rfc2898 = new Rfc2898DeriveBytes(_Key, 16);
            var ms = new MemoryStream();
            using (var cs = new CryptoStream(ms, rijndael.CreateEncryptor(rfc2898.GetBytes(32), rfc2898.GetBytes(16)), CryptoStreamMode.Write))
            {
                cs.Write(plainBytes, 0, plainBytes.Length);
            }
                      
            return Convert.ToBase64String(ms.ToArray());
        }

 

[JohnH]

"Then write the rfc2898.Salt byte array to memory stream" = ms.Write(rfc2898.Salt, 0, 16);

 

[patrick]

"Then write the rfc2898.Salt byte array to memory stream" = ms.Write(rfc2898.Salt, 0, 16);

I think we're almost at a solution.
If you encrypt ABCDEFG A\0B\0C\0D\0E\0F\0G\0 is decrypted.
If you encrypt ABCDEFGABCDEFG must be Decrypted.

public string Encrypt(string data)
        {
            byte[] plainBytes = Encoding.Unicode.GetBytes(data);
            RijndaelManaged rijndael = new RijndaelManaged();

            var rfc2898 = new Rfc2898DeriveBytes(_Key, 16);
            var ms = new MemoryStream();
            using (var cs = new CryptoStream(ms, rijndael.CreateEncryptor(rfc2898.GetBytes(32), rfc2898.GetBytes(16)), CryptoStreamMode.Write))
            {              
                cs.Write(plainBytes, 0, plainBytes.Length);
                ms.Write(rfc2898.Salt, 0, 16);
            }          

            return Convert.ToBase64String(ms.ToArray());
        }

 

[JohnH]

Now where does the Decrypt method read the salt from, was first or last in bytes? I really can't remember, this thread has become so long.

 

[patrick]

Now where does the Decrypt method read the salt from, was first or last in bytes? I really can't remember, this thread has become so long.

        public string Decrypt(string data)
        {
 using (RijndaelManaged rijndael = new RijndaelManaged())
using (Rfc2898DeriveBytes rfc2898 = new Rfc2898DeriveBytes(_Key, Convert.FromBase64String(data).Take(16).ToArray()))
using (ICryptoTransform decryptor = rijndael.CreateDecryptor(rfc2898.GetBytes(32), rfc2898.GetBytes(16)))
using (MemoryStream memoryStream = new MemoryStream(Convert.FromBase64String(data).Skip(16).ToArray()))
using (CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read))
 using (StreamReader streamReader = new StreamReader(cryptoStream))
                    data = streamReader.ReadToEnd();

            return data;
        }

 

[patrick]

Now where does the Decrypt method read the salt from, was first or last in bytes? I really can't remember, this thread has become so long.

Solved.
Thank you so much for your teachings.