Reputation: 11
This is the Java encryption code that I am trying to convert into an equivalent C# code:
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.Validate;
public class Encryptor
private static final String CIPHER_ALOGRITHM = "AES/CBC/PKCS5Padding";
private static final String KEY_ALOGRITHM = "PBKDF2WithHmacSHA1";
private static final String KEY_SPEC_ALOGRITHM = "AES";
private static final String ENCODING = "UTF-8";
public static String decrypt(String password, String encodedCiphertextAndIv) throws GeneralSecurityException,
String[] ra = encodedCiphertextAndIv.split(":");
byte[] ciphertext = Base64.decodeBase64(ra[0]);
byte[] iv = Base64.decodeBase64(ra[1]);
/* Decrypt the message, given derived key and initialization vector. */
Cipher cipher = Cipher.getInstance(CIPHER_ALOGRITHM);
cipher.init(Cipher.DECRYPT_MODE, getSecret(password), new IvParameterSpec(iv));
String plaintext = new String(cipher.doFinal(ciphertext), ENCODING);
return plaintext;
static SecretKey getSecret(String password) throws GeneralSecurityException
byte[] salt = Arrays.copyOf(password.getBytes(), 8);
/* Derive the key, given password and salt. */
SecretKeyFactory factory = SecretKeyFactory.getInstance(KEY_ALOGRITHM);
KeySpec spec = new PBEKeySpec(password.toCharArray(), salt, 1024, 128);
SecretKey tmp = factory.generateSecret(spec);
SecretKey secret = new SecretKeySpec(tmp.getEncoded(), KEY_SPEC_ALOGRITHM);
return secret;
public static String encrypt(String password, String plainText) throws GeneralSecurityException,
if (plainText == null)
return plainText;
String[] plainTextValues = new String[]
String[] encryptedValues = encrypt(password, plainTextValues);
return encryptedValues[0];
public static String[] encrypt(String password, String[] plainTextValues) throws GeneralSecurityException,
if (plainTextValues == null || plainTextValues.length == 0)
return new String[] {};
Validate.notEmpty(password, "password must not be empty");
/* Encrypt the message. */
Cipher cipher = Cipher.getInstance(CIPHER_ALOGRITHM);
cipher.init(Cipher.ENCRYPT_MODE, getSecret(password));
AlgorithmParameters params = cipher.getParameters();
byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV();
String encodedIv = new String(Base64.encodeBase64(iv));
String[] encryptedValues = new String[plainTextValues.length];
for (int i = 0; i < plainTextValues.length; i++)
String plainText = plainTextValues[i];
if (plainText == null)
encryptedValues[i] = plainText;
byte[] ciphertext = cipher.doFinal(plainText.getBytes(ENCODING));
String encodedCiphertext = new String(Base64.encodeBase64(ciphertext));
encryptedValues[i] = encodedCiphertext + ":" + encodedIv;
return encryptedValues;
public static void main(String[] args) throws Exception
String password = "The Secret";
String plainText = "Hello, World!";
String enc = encrypt(password, plainText);
System.out.println(decrypt(password, enc));
This is the C# code that I have tried:
using System;
using System.Text;
using System.Security.Cryptography;
namespace ConsoleApplication1
class Program
private const string CIPHER_ALOGRITHM = "AES/CBC/PKCS5Padding";
private const string KEY_ALOGRITHM = "PBKDF2WithHmacSHA1";
private const string KEY_SPEC_ALOGRITHM = "AES";
private const string ENCODING = "UTF-8";
static void Main(string[] args)
string key = "The Secret";
string plainTextValue = "Hello, World!";
Program p = new Program();
string encryptedvalue = p.Encrypt(key, plainTextValue);
//Console.WriteLine("encryptedvalaue:{0}", encryptedvalue);
string decryptedvalue = p.Decrypt(appsecret, encryptedvalue);
//Console.WriteLine("decryptedvalue:{0}", decryptedvalue);
public RijndaelManaged GetRijndaelManaged(String secretKey)
var keyBytes = new byte[16];
var secretKeyBytes = Encoding.UTF8.GetBytes(secretKey);
Array.Copy(secretKeyBytes, keyBytes, Math.Min(keyBytes.Length, secretKeyBytes.Length));
return new RijndaelManaged
Mode = CipherMode.CBC,
Padding = PaddingMode.PKCS7,
KeySize = 128,
BlockSize = 128,
Key = keyBytes,
IV = keyBytes
public byte[] Encrypt(byte[] plainBytes, RijndaelManaged rijndaelManaged)
return rijndaelManaged.CreateEncryptor().TransformFinalBlock(plainBytes, 0, plainBytes.Length);
public byte[] Decrypt(byte[] encryptedData, RijndaelManaged rijndaelManaged)
return rijndaelManaged.CreateDecryptor().TransformFinalBlock(encryptedData, 0, encryptedData.Length);
/// <summary>
/// Encrypts plaintext using AES 128bit key and a Chain Block Cipher and returns a base64 encoded string
/// </summary>
/// <param name="plainText">Plain text to encrypt</param>
/// <param name="key">Secret key</param>
/// <returns>Base64 encoded string</returns>
public String Encrypt(String key, String plainText)
var plainBytes = Encoding.UTF8.GetBytes(plainText);
return Convert.ToBase64String(Encrypt(plainBytes, GetRijndaelManaged(key)));
/// <summary>
/// Decrypts a base64 encoded string using the given key (AES 128bit key and a Chain Block Cipher)
/// </summary>
/// <param name="encryptedText">Base64 Encoded String</param>
/// <param name="key">Secret Key</param>
/// <returns>Decrypted String</returns>
public String Decrypt(String key, String encryptedText)
var encryptedBytes = Convert.FromBase64String(encryptedText);
return Encoding.UTF8.GetString(Decrypt(encryptedBytes, GetRijndaelManaged(key)));
But the encryption done on C# side does not yield the same value when decrypted using Java code. The scenario is that my web application (build on .net C#) has to transfer encrypted data to a java application which will decrypt it. So I need to ensure that encryption on .net is equivalent to the Java encryption.
Need your help.
Upvotes: 1
Views: 4507
Reputation: 1936
Looks like you are not hashing your key in C# implementation. This line
cipher.init(Cipher.ENCRYPT_MODE, getSecret(password));
is responsible for that in Java snippet.
But in C# you just use the secret as a plain text to encrypt.
I did similar task and here's the missing piece that hashes the secret and allows you to generate iv and key values for AES encryption:
var derivedPassword = new Rfc2898DeriveBytes(secretKey, saltBytes);
var symmetricKey = new RijndaelManaged();
byte[] keyBytes = derivedPassword.GetBytes(symmetricKey.KeySize/8);
byte[] initBytes = derivedPassword.GetBytes(symmetricKey.BlockSize/8);
Upvotes: 1