Rijndael Decrypt returning escape characters at end of string

Hi

I have a couple of encryption methods but when I call decrypt I get the
string back but with a load \0 escape characters on the end?

Any idea why? It is actually causing problems in some places, here are my
methods:

public static string Encrypt(string input, byte[] key, byte[] iv)

{

byte[] inputStringBytes = Encoding.ASCII.GetBytes(input);

byte[] outputBytes;

MemoryStream ms = new MemoryStream(inputStringBytes.Length);

RijndaelManaged rijndael = new RijndaelManaged();

ICryptoTransform rdTransform = rijndael.CreateEncryptor((byte[])key.Clone(),
(byte[])iv.Clone());

CryptoStream cs = new CryptoStream(ms, rdTransform, CryptoStreamMode.Write);

cs.Write(inputStringBytes, 0, inputStringBytes.Length);

cs.FlushFinalBlock();

outputBytes = ms.ToArray();

ms.Close();

cs.Close();

rdTransform.Dispose();

rijndael.Clear();

return Convert.ToBase64String(outputBytes);

}



public static string Decrypt(string input, byte[] key, byte[] iv)

{

byte[] inputStringBytes = Convert.FromBase64String(input);

byte[] outputTextBytes = new byte[inputStringBytes.Length];

RijndaelManaged rijndael = new RijndaelManaged();

MemoryStream ms = new MemoryStream(inputStringBytes);

ICryptoTransform rdTransform = rijndael.CreateDecryptor((byte[])key.Clone(),
(byte[])iv.Clone());

CryptoStream cs = new CryptoStream(ms, rdTransform, CryptoStreamMode.Read);

cs.Read(outputTextBytes, 0, outputTextBytes.Length);

ms.Close();

cs.Close();

rdTransform.Dispose();

rijndael.Clear();

return Encoding.ASCII.GetString(outputTextBytes);

}



Thanks

Kev

re: Rijndael Decrypt returning escape characters at end of string

Mantorok wrote:[color=blue]
> Hi[/color]

Hi,

There is *much* more to proper cryptography that most people think and
it is *easy* to get it wrong -- and in cryptography anything is only as
strong as it's weakest link.
[color=blue]
> I have a couple of encryption methods but when I call decrypt I get the
> string back but with a load \0 escape characters on the end?
>
> Any idea why? It is actually causing problems in some places, here are my
> methods:[/color]

Rinjdael is a block-cipher and the default padding used to obtain a
block-size mutiple of input from your byte inputStringBytes is
apparently: 0-padding, which is known as the worst choice possible :)

Try setting the padding to PaddingMode.PKCS7 which (besides crytographic
benefits) is a 1-1 paddingmode for all block-ciphers.

You are also missing randomization. Call GenerateIV and write the IV to
the start of the stream, and use it to initialize IV on the receiving
side. This will get you nondeterministic encryption, where the same
massage is encrypted differently each time it is transmitted.

Also note that encryption only guarantees confidentiality, not integrity
(you and the receiver agree on the content of the entire message, not
just a prefix). This is the property that prevents a man in the middle
from changing "Attack at dawn on friday" to "Attack at dawn"

Other properties you might wish to consider important to the "security"
of your protocol is:

* Authentication: who sent the message
* Non-repudiation: prevent the sender from later postulating that he
sent something else
* Anti-replay: prevent someone from using a recording of encrypted
traffic to initiate accepted communication

--
Helge Jensen
mailto:helge.jensen@slog.dk
sip:helge.jensen@slog.dk
-=> Sebastian cover-music: http://ungdomshus.nu <=-

re: Rijndael Decrypt returning escape characters at end of string

Mantorok wrote:[color=blue]
> Hi[/color]

Hi,

There is *much* more to proper cryptography that most people think and
it is *easy* to get it wrong -- and in cryptography anything is only as
strong as it's weakest link.
[color=blue]
> I have a couple of encryption methods but when I call decrypt I get the
> string back but with a load \0 escape characters on the end?
>
> Any idea why? It is actually causing problems in some places, here are my
> methods:[/color]

Rinjdael is a block-cipher and the default padding used to obtain a
block-size mutiple of input from your byte inputStringBytes is
apparently: 0-padding, which is known as the worst choice possible :)

Try setting the padding to PaddingMode.PKCS7 which (besides crytographic
benefits) is a 1-1 paddingmode for all block-ciphers.

You are also missing randomization. Call GenerateIV and write the IV to
the start of the stream, and use it to initialize IV on the receiving
side. This will get you nondeterministic encryption, where the same
massage is encrypted differently each time it is transmitted.

Also note that encryption only guarantees confidentiality, not integrity
(you and the receiver agree on the content of the entire message, not
just a prefix). This is the property that prevents a man in the middle
from changing "Attack at dawn on friday" to "Attack at dawn"

Other properties you might wish to consider important to the "security"
of your protocol is:

* Authentication: who sent the message
* Non-repudiation: prevent the sender from later postulating that he
sent something else
* Anti-replay: prevent someone from using a recording of encrypted
traffic to initiate accepted communication

--
Helge Jensen
mailto:helge.jensen@slog.dk
sip:helge.jensen@slog.dk
-=> Sebastian cover-music: http://ungdomshus.nu <=-

re: Rijndael Decrypt returning escape characters at end of string

Mantorok <none@tiscali.co.uk> wrote:[color=blue]
> I have a couple of encryption methods but when I call decrypt I get the
> string back but with a load \0 escape characters on the end?[/color]

You're not using the return value of Read, which tells you how many
bytes have *actually* been read.

You should also consider using Encoding.UTF8 instead of Encoding.ASCII,
unless you're absolutely *sure* that all the characters you need to
encode will be in ASCII.

You should also use using statements to make sure you always close your
streams even if an exception is thrown.

Finally, don't assume that a single call to Read will always read
everything you want it to. See
http://www.pobox.com/~skeet/csharp/readbinary.html

--
Jon Skeet - <skeet@pobox.com>
http://www.pobox.com/~skeet
If replying to the group, please do not mail me too

re: Rijndael Decrypt returning escape characters at end of string

Mantorok <none@tiscali.co.uk> wrote:[color=blue]
> I have a couple of encryption methods but when I call decrypt I get the
> string back but with a load \0 escape characters on the end?[/color]

You're not using the return value of Read, which tells you how many
bytes have *actually* been read.

You should also consider using Encoding.UTF8 instead of Encoding.ASCII,
unless you're absolutely *sure* that all the characters you need to
encode will be in ASCII.

You should also use using statements to make sure you always close your
streams even if an exception is thrown.

Finally, don't assume that a single call to Read will always read
everything you want it to. See
http://www.pobox.com/~skeet/csharp/readbinary.html

--
Jon Skeet - <skeet@pobox.com>
http://www.pobox.com/~skeet
If replying to the group, please do not mail me too