Rijndael Decrypt returning escape characters at end of string

Mantorok

Hi

I have a couple of encryption methods but when I call decrypt I get the
string back but with a load \0 escape characters on the end?

Any idea why? It is actually causing problems in some places, here are my
methods:

public static string Encrypt(string input, byte[] key, byte[] iv)

{

byte[] inputStringByte s = Encoding.ASCII. GetBytes(input) ;

byte[] outputBytes;

MemoryStream ms = new MemoryStream(in putStringBytes. Length);

RijndaelManaged rijndael = new RijndaelManaged ();

ICryptoTransfor m rdTransform = rijndael.Create Encryptor((byte[])key.Clone(),
(byte[])iv.Clone());

CryptoStream cs = new CryptoStream(ms , rdTransform, CryptoStreamMod e.Write);

cs.Write(inputS tringBytes, 0, inputStringByte s.Length);

cs.FlushFinalBl ock();

outputBytes = ms.ToArray();

ms.Close();

cs.Close();

rdTransform.Dis pose();

rijndael.Clear( );

return Convert.ToBase6 4String(outputB ytes);

}

public static string Decrypt(string input, byte[] key, byte[] iv)

{

byte[] inputStringByte s = Convert.FromBas e64String(input );

byte[] outputTextBytes = new byte[inputStringByte s.Length];

RijndaelManaged rijndael = new RijndaelManaged ();

MemoryStream ms = new MemoryStream(in putStringBytes) ;

ICryptoTransfor m rdTransform = rijndael.Create Decryptor((byte[])key.Clone(),
(byte[])iv.Clone());

CryptoStream cs = new CryptoStream(ms , rdTransform, CryptoStreamMod e.Read);

cs.Read(outputT extBytes, 0, outputTextBytes .Length);

ms.Close();

cs.Close();

rdTransform.Dis pose();

rijndael.Clear( );

return Encoding.ASCII. GetString(outpu tTextBytes);

}

Thanks

Kev

Nov 17 '05 #1

Subscribe Reply

5540

Helge Jensen

Mantorok wrote:

Hi
Hi,

There is *much* more to proper cryptography that most people think and
it is *easy* to get it wrong -- and in cryptography anything is only as
strong as it's weakest link.
I have a couple of encryption methods but when I call decrypt I get the
string back but with a load \0 escape characters on the end?

Any idea why? It is actually causing problems in some places, here are my
methods:

Rinjdael is a block-cipher and the default padding used to obtain a
block-size mutiple of input from your byte inputStringByte s is
apparently: 0-padding, which is known as the worst choice possible :)

Try setting the padding to PaddingMode.PKC S7 which (besides crytographic
benefits) is a 1-1 paddingmode for all block-ciphers.

You are also missing randomization. Call GenerateIV and write the IV to
the start of the stream, and use it to initialize IV on the receiving
side. This will get you nondeterministi c encryption, where the same
massage is encrypted differently each time it is transmitted.

Also note that encryption only guarantees confidentiality , not integrity
(you and the receiver agree on the content of the entire message, not
just a prefix). This is the property that prevents a man in the middle
from changing "Attack at dawn on friday" to "Attack at dawn"

Other properties you might wish to consider important to the "security"
of your protocol is:

* Authentication: who sent the message
* Non-repudiation: prevent the sender from later postulating that he
sent something else
* Anti-replay: prevent someone from using a recording of encrypted
traffic to initiate accepted communication

--
Helge Jensen
mailto:he****** ****@slog.dk
sip:he********* *@slog.dk
-=> Sebastian cover-music: http://ungdomshus.nu <=-

Nov 17 '05 #2

Helge Jensen

Mantorok wrote:

Hi
Hi,

There is *much* more to proper cryptography that most people think and
it is *easy* to get it wrong -- and in cryptography anything is only as
strong as it's weakest link.
I have a couple of encryption methods but when I call decrypt I get the
string back but with a load \0 escape characters on the end?

Any idea why? It is actually causing problems in some places, here are my
methods:

Nov 17 '05 #3

Jon Skeet [C# MVP]

Mantorok <no**@tiscali.c o.uk> wrote:

I have a couple of encryption methods but when I call decrypt I get the
string back but with a load \0 escape characters on the end?

You're not using the return value of Read, which tells you how many
bytes have *actually* been read.

You should also consider using Encoding.UTF8 instead of Encoding.ASCII,
unless you're absolutely *sure* that all the characters you need to
encode will be in ASCII.

You should also use using statements to make sure you always close your
streams even if an exception is thrown.

Finally, don't assume that a single call to Read will always read
everything you want it to. See
http://www.pobox.com/~skeet/csharp/readbinary.html

--
Jon Skeet - <sk***@pobox.co m>
http://www.pobox.com/~skeet
If replying to the group, please do not mail me too

Nov 17 '05 #4

Jon Skeet [C# MVP]

Mantorok <no**@tiscali.c o.uk> wrote:

I have a couple of encryption methods but when I call decrypt I get the
string back but with a load \0 escape characters on the end?

Nov 17 '05 #5

Similar topics

2424

Problems implementing Rijndael

by: Ignacio De Marco | last post by:

I'm not very familiar with C, so I would like to ask you how can use the algorithm Rijndael, suppousing that I want two simple functions (in C ANSI) implementing the CBC or ECB Modes (is the same for me, because I have both implementations in Delphi, but i need the same implementations in C for an AS400) with an interface similiar to this (in Object Pascal): function Encrypt(PlainText: string; Key: string): string function...

C / C++

7197

Unwanted Escape Codes In String...

by: Steve Litvack | last post by:

Hello, I have built an XMLDocument object instance and I get the following string when I examine the InnerXml property: <?xml version=\"1.0\"?><ROOT><UserData UserID=\"2282\"><Tag1 QID=\"55111\"><Tag2 AID=\"5511101\"></Tag2></Tag1><Tag1 QID=\"55112\"><Tag2 AID=\"5511217\"></Tag2></Tag1><Tag1 QID=\"5512282\"><Tag2 AID=\"551228206\"></Tag2></Tag1><Tag1 QID=\"55114\"><Tag2 AID=\"5511406\"></Tag2></Tag1><Tag1 QID=\"55115\"><Tag2

C# / C Sharp

6924

Rijndael crypto and TransformBlock?

by: William Stacey [MVP] | last post by:

The Decypt2() method below does not work. It completes, but does not do the right thing. The first transform request returns 0 bytes. The first Decypt() method works as we work on a stream instead of blocks. I would like to know how to get the block method working. TIA. using System; using System.IO; using System.Security.Cryptography; namespace SocketServers.Crypto

C# / C Sharp

368

Rijndael Decrypt returning escape characters at end of string

by: Mantorok | last post by:

C# / C Sharp

6611

Rijndael CryptoStream, NetworkStream, and Padding

by: Nicholas Holder | last post by:

A client creates a connection to the server using the TCPListener/Client classes and transfers data via a NetworkStream. When the client connects, the server creates a process and redirects its StandardOut to traverse back over the network to the client. I want to encrypt this data and the code I have is below. However, occasionally during processing, I receive an exception stating the PKCS7 padding is invalid and cannot be removed. I have...

Visual Basic .NET

4185

How comes this crypto method does not work (Rijndael)

by: ~~~ .NET Ed ~~~ | last post by:

Anybody has any idea why this simple thing is not working? I pass a text file as input to encrypt it, then pass the encrypted version to the same function and get some garbled data not at all resembling the input file. Rijndael rijndaelAlg = Rijndael.Create(); rijndaelAlg.BlockSize = 128; // 128 bits to comply with AES rijndaelAlg.Padding = PaddingMode.PKCS7;

C# / C Sharp

1396

Rijndael Encryption

by: Vayse | last post by:

I need to encrypt some strings in serveral programs I have. So I grabbed some code from the MS help. I wrote an app that would help me generate the encrypted strings. Its s form with 4 text boxes txtBefore - the original string txtIV, txtKey - the Rijndael IV and Key txtAfter - the encrypted string For testing, I enter text into txtBefore, then press btnEncryptText

Visual Basic .NET

4800

Rijndael Encryption - CAPS Result

by: Sylvie | last post by:

http://www.obviex.com/samples/Encryption.aspx According to this link, I am using Rijndael Encryption & Decryption Algorithms, But I want my encrypted strings just CAPS string and just alphanumeric values ABC...Z and 123...90, no other chars I want, what should I do ? or what other algos I must use, Thanks

C# / C Sharp

5705

C# Rijndael encryption. When decrypting I get junk data in the firstblock

by: Fritjolf | last post by:

Hi. I've got a strange problem... I've made a simple program to test encryption/decryption. I use Rijndael encryption and here are the most important properties. RijndaelManaged cipher = new RijndaelManaged(); cipher.KeySize = 256; cipher.BlockSize = 256;

C# / C Sharp

9592

What is ONU?

by: marktang | last post by:

ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...

General

10231

Problem With Comparison Operator <=> in G++

by: Oralloy | last post by:

Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...

C / C++

8887

AI Job Threat for Devs

by: agi2029 | last post by:

Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...

Career Advice

7416

Access Europe - Using VBA to create a class based on a table - Wed 1 May

by: isladogs | last post by:

The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...

Microsoft Access / VBA

6679

Couldn’t get equations in html when convert word .docx file to html file in C#.

by: conductexam | last post by:

I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...

C# / C Sharp

5313

Trying to create a lan-to-lan vpn between two differents networks

by: TSSRALBI | last post by:

Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...

Networking - Hardware / Configuration

5452

Windows Forms - .Net 8.0

by: adsilva | last post by:

A Windows Forms form does not have the event Unload, like VB6. What one acts like?

Visual Basic .NET

3576

How to add payments to a PHP MySQL app.

by: muto222 | last post by:

How can i add a mobile payment intergratation into php mysql website.

PHP

2817

Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy

by: bsmnconsultancy | last post by:

In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

General