AES256 JAVA encryption doesn't match C# encryption

Question

I have been requested to encrypt some data while talking to my partner's JAVA API, and he sent me the following details about encryption algorithm:

• Algorithm : AES256
• Key Size : 256 bits
• Encryption Mode: CBC (16 bits blocks, PKCS5Padding with 0)
• Output Type : Base-64
• Password: 0xA8703827AE586460105696504327B7BB0806FEAE96BD664F89E36868FBB48E3D
• IV: is a byte[16] with 0 values

I used the below code, but I didn't get a matched result with him:

public byte[] AES_Encrypt(byte[] bytesToBeEncrypted, byte[] passwordBytes)
{
    byte[] encryptedBytes = null;
    byte[] saltBytes = new byte[16] { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};

    using (MemoryStream ms = new MemoryStream())
    {
        using (RijndaelManaged aes = new RijndaelManaged())
        {
            aes.KeySize = 256;
            aes.BlockSize = 128;

            var key = new Rfc2898DeriveBytes(passwordBytes, saltBytes, 1000);
            aes.Key = key.GetBytes(aes.KeySize / 8);
            aes.IV = key.GetBytes(aes.BlockSize / 8);
            aes.Padding = PaddingMode.PKCS7;

            aes.Mode = CipherMode.CBC;

            using (var cs = new CryptoStream(ms, aes.CreateEncryptor(), CryptoStreamMode.Write))
            {
                cs.Write(bytesToBeEncrypted, 0, bytesToBeEncrypted.Length);
                cs.Close();
            }
            encryptedBytes = ms.ToArray();
        }
    }

    return encryptedBytes;
}


public string EncryptText(string input, string password)
{
    byte[] bytesToBeEncrypted = Encoding.UTF8.GetBytes(input);
    byte[] passwordBytes = Encoding.UTF8.GetBytes(password);

    passwordBytes = SHA256.Create().ComputeHash(passwordBytes);

    byte[] bytesEncrypted = AES_Encrypt(bytesToBeEncrypted, passwordBytes);

    string result = Convert.ToBase64String(bytesEncrypted);

    return result;
}

So, when we tried to encrypt Hello, How are you?, I got a different result and I should get the same result he had as he will decrypt my sent data on his side and will process it. The given example should have this result: TJTojNoVgoqnhCj4uTv1jLBiZU7r+s/0Bm234bHU+S0=

Answer 1

I did some testing and now able to match your expected result.

2 changes to be done.

IV

IV is the easiest, as you said IV = 0, so set IV as follows:

aes.IV = new byte[16];

In AES, IV is 16 bytes. The above would create a byte array of 16 bytes with each value initialized to zero.

Key

The password you have given starts with "0x" - this essentially means that this is hexadecimal representation of the password string. I converted this password to byte array using this

string password = "A8703827AE586460105696504327B7BB0806FEAE96BD664F89E36868FBB48E3D";

Please note I removed the starting "0x" from the above

byte[] passwordBytes = StringToByteArray(password);

The above converts the hexadecimal password representation to a byte array.

In your AES_Encrypt method, directly assign this byte[] as the Key

aes.Key = passwordBytes;

Now, my result is TJTojNoVgoqnhCj4uTv1jLBiZU7r+s/0Bm234bHU+S0= which exactly matches with your expected output.