user228777

Reputation: 3094

TripleDes decryption with some invalid data at the beginning

I am trying to decrypt data using TripleDES. Everything looks fine, but it has some invalid characters at the beginning. What am I doing wrong? For the same data, if I call this function again and again, these first few characters are always different but the rest of the data is the same.

I am passing useHashing as false.

    public static byte[] GetTripleDesDecryption(string dataToDecrypt, byte[] key, bool useHashing)
    {
        byte[] keyArray;
        byte[] plainbytes = null;
        byte[] cipherbytes;

        try
        {
            if (useHashing)
            {
                MD5CryptoServiceProvider hashmd5 = new MD5CryptoServiceProvider();
                keyArray = hashmd5.ComputeHash(key);
                hashmd5.Clear();
            }
            else
                keyArray = key;

            using (TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider())
            {
                tdes.Key = keyArray;
                tdes.Mode = CipherMode.CBC;
                tdes.Padding = PaddingMode.None;

                using (ICryptoTransform cTransform = tdes.CreateDecryptor())
                {
                    cipherbytes = Convert.FromBase64String(dataToDecrypt);
                    plainbytes = cTransform.TransformFinalBlock(cipherbytes, 0, cipherbytes.Length);
                }
            }
        }
        catch (Exception e)
        {
            LogMessage(e.Message + " Attribute Parsing error. DataToDecrypt = " + dataToDecrypt);
            throw; // rethrow without resetting the original stack trace
        }
        return plainbytes;
    }

This is what I get:

"�{c��]�sertion xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\"><saml:AttributeStatement><saml:Attribute Name=\"userID\"><saml:AttributeValue>456</saml:AttributeValue></saml:Attribute><saml:Attribute Name=\"financialInstitutionNumber\"><saml:AttributeValue>303986258</saml:AttributeValue></saml:Attribute><saml:Attribute Name=\"password\"><saml:AttributeValue>galaxy</saml:AttributeValue></saml:Attribute></saml:AttributeStatement></saml:Assertion>   "

Upvotes: 3

Views: 1164

Answers (2)

Gregory A Beamer

Reputation: 17010

I was looking back over your post and saw you are trying to decrypt a SAML assertion. SAML 2 is included in WIF, so I would consider downloading and using it. The abstraction is much easier to use than trying to reinvent the wheel.

As for the first answer I gave and comments from others: @Henk Holterman is focusing on the fact that an encryption mechanism uses both a key (converted to bytes) and an Initialization Vector (IV). If an IV other than "standard" is used (i.e., it was specified), you have to match it.

As this is SAML, focus on decrypting SAML so you can apply the assertion. You can do this with custom code, but your searching should focus on SAML.

Upvotes: 0

Maarten Bodewes

Reputation: 94088

I think that the C# classes use a random IV if it is not set. Try to set the IV to a byte array of 8 bytes, each valued 00h, and try to decrypt with that. If that does not work, you will have to retrieve the IV somehow.

PS: The right way is of course to request the block size from the tdes instance instead of putting in the literal 8.

Upvotes: 2
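
An added example (not code from the question or from either answer) showing why only the first 8 bytes come out wrong: in CBC the IV is XORed into the first plaintext block only, so a mismatched IV damages exactly one block. The sample plaintext, the PKCS7 padding and the convention of sending the IV in front of the ciphertext are assumptions made for the demonstration; the block size is read from the instance, as the answer above suggests.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class CbcIvDemo
{
    // Decrypt 3DES-CBC with an explicit IV, instead of relying on the random IV
    // the provider generates when the IV property is never assigned.
    static byte[] Decrypt(byte[] key, byte[] iv, byte[] cipher)
    {
        using (TripleDES tdes = TripleDES.Create())
        {
            tdes.Mode = CipherMode.CBC;
            tdes.Padding = PaddingMode.PKCS7; // assumption; the question used PaddingMode.None
            using (ICryptoTransform dec = tdes.CreateDecryptor(key, iv))
                return dec.TransformFinalBlock(cipher, 0, cipher.Length);
        }
    }

    static void Main()
    {
        // Constructed sample input, not the data from the question.
        byte[] plain = Encoding.ASCII.GetBytes("<saml:Assertion>constructed sample</saml:Assertion>");
        using (TripleDES tdes = TripleDES.Create())
        {
            tdes.GenerateKey();
            tdes.GenerateIV();
            int blockBytes = tdes.BlockSize / 8; // BlockSize is in bits; 8 bytes for 3DES
            byte[] cipher;
            using (ICryptoTransform enc = tdes.CreateEncryptor(tdes.Key, tdes.IV))
                cipher = enc.TransformFinalBlock(plain, 0, plain.Length);

            // Hypothetical transport convention: the sender prepends the IV.
            byte[] wire = tdes.IV.Concat(cipher).ToArray();
            byte[] iv = wire.Take(blockBytes).ToArray();
            byte[] body = wire.Skip(blockBytes).ToArray();

            byte[] good = Decrypt(tdes.Key, iv, body);
            byte[] bad = Decrypt(tdes.Key, new byte[blockBytes], body); // all-zero IV

            Console.WriteLine("correct IV, whole message matches: " + good.SequenceEqual(plain));
            Console.WriteLine("wrong IV, first block matches:     "
                + bad.Take(blockBytes).SequenceEqual(plain.Take(blockBytes)));
            Console.WriteLine("wrong IV, remaining bytes match:   "
                + bad.Skip(blockBytes).SequenceEqual(plain.Skip(blockBytes)));
        }
    }
}
```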
