CODEWITHSUNDEEP
c#.netencryptioncryptographytripledes
DarioDF
DarioDF

Reputation: 301

C# .NET Cryptography don't decrypt properly

I'm trying to encrypt and decrypt a text in C# (.NET 3.5) figuring out that this simple code doesn't work:

    private const string KEY = "Chiave";

    static void Main(string[] args)
    {

        string plainText = "Data to be encrypted";

        byte[] keyArray;
        MD5CryptoServiceProvider hashmd5 = new MD5CryptoServiceProvider();
        keyArray = hashmd5.ComputeHash(UTF8Encoding.UTF8.GetBytes(KEY));

        byte[] toEncryptArray = UTF8Encoding.UTF8.GetBytes(plainText);

        TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
        tdes.Key = keyArray;
        tdes.Mode = CipherMode.CBC;
        tdes.Padding = PaddingMode.PKCS7;

        ICryptoTransform cTransform = tdes.CreateEncryptor();
        byte[] encArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length);

        tdes = new TripleDESCryptoServiceProvider();
        tdes.Key = keyArray;
        tdes.Mode = CipherMode.CBC;
        tdes.Padding = PaddingMode.PKCS7;

        cTransform = tdes.CreateDecryptor();
        byte[] decArray = cTransform.TransformFinalBlock(encArray, 0, encArray.Length);

        if (encArray.Length == decArray.Length)
        {
            for (int i = 0; i < encArray.Length; ++i)
                Console.Out.Write("{0,3}|{1,3}", encArray[i], decArray[i]);
        } else
            Console.Out.Write("Length error!");

        Console.In.Read();
    }

It seems the encrypt or decrypt phase messes up some bytes in the beginning of the text (in a different way any time I run the program) sometimes changing even the length of the byte array. I was able to make it work using ECB cipher, but my data has some static blocks which leads to the same result any time.

From https://msdn.microsoft.com/it-it/library/system.security.cryptography.ciphermode(v=vs.110).aspx about ECB:

Important: This mode is not recommended because it opens the door for multiple security exploits. If the plain text to be encrypted contains substantial repetition, it is feasible for the cipher text to be broken one block at a time. It is also possible to use block analysis to determine the encryption key. Also, an active adversary can substitute and exchange individual blocks without detection, which allows blocks to be saved and inserted into the stream at other points without detection.

These are some results after the enc. and dec.:

��u��T�be encrypted
U����ŋbe encrypted
5�AL\"0be encrypted

And so on, thanks in advice.

Upvotes: 1

Views: 567

Answers (1)

Steve
Steve

Reputation: 216243

You have created a new instance of the TripleDESCryptoServiceProvider but this new instance has not the same IV value of the first one

Also, it is not correct to compare the length of the encrypted array with the length of the decrypted one. You should try to get back the original string and check if the two are equal

private const string KEY = "Chiave";
static void Main(string[] args)
{
    string plainText = "Data to be encrypted";

    byte[] keyArray;
    MD5CryptoServiceProvider hashmd5 = new MD5CryptoServiceProvider();
    keyArray = hashmd5.ComputeHash(UTF8Encoding.UTF8.GetBytes(KEY));

    byte[] toEncryptArray = UTF8Encoding.UTF8.GetBytes(plainText);

    TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
    tdes.Key = keyArray;
    tdes.Mode = CipherMode.CBC;
    tdes.Padding = PaddingMode.PKCS7;

    ICryptoTransform cTransform = tdes.CreateEncryptor();
    byte[] encArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length);

    // REMOVE THESE LINES 
    // tdes = new TripleDESCryptoServiceProvider();
    // tdes.Key = keyArray;
    // tdes.Mode = CipherMode.CBC;
    // tdes.Padding = PaddingMode.PKCS7;

    cTransform = tdes.CreateDecryptor();
    byte[] decArray = cTransform.TransformFinalBlock(encArray, 0, encArray.Length);

    // if (encArray.Length == decArray.Length)
    // {
    //    for (int i = 0; i < encArray.Length; ++i)
    //        Console.Out.Write("{0,3}|{1,3}", encArray[i], decArray[i]);
    //} else
    //    Console.Out.Write("Length error!");

    string result = UTF8Encoding.UTF8.GetString(decArray);
    Console.WriteLine(result);

    Console.In.Read();
}

Upvotes: 1

Related Questions