
I have received a SQL Server database with passwords. This database is coming from a .NET website. I am rebuilding the website in PHP, so I would like to use my own encryption algorithm for the passwords. To do so, I tried to decrypt the passwords from the source database, but have not succeeded so far.

According to the original developer it uses Rijndael encryption. The keys were stored as blob fields in the database. I exported them and tried to use PHP to decrypt the passwords. I have not succeeded, but read somewhere on Stack Overflow that there are differences in the way PHP and .NET implement it. This can only be fixed by changing the way of encrypting in .NET, but that's not an option.

So next thing I tried is to create a small .NET web form to decode the passwords. For a test I use this code:

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

// IV and key taken as the UTF-8 bytes of the string literals
var iv = Encoding.UTF8.GetBytes("5F38D2742EFC59486F6CBDDAB3E46EC5");
var key = Encoding.UTF8.GetBytes("F88640BE83A6911472BA4AF9B9C37E2C2B3E78BCFECF4BC6ADE1E928441F6AD7");

// Rijndael with a 256-bit block and a 256-bit key, no padding
var rijndael = new RijndaelManaged
{
    BlockSize = 256,
    IV = iv,
    KeySize = 256,
    Key = key
};
rijndael.Padding = PaddingMode.None;

// the stored (base64) ciphertext of one password
var buffer = Convert.FromBase64String("D1jo49HH6cL4kZVVeIDyDbJGtO4+f2N9YIonOqRg6hM=");
var transform = rijndael.CreateDecryptor();
string decrypted;
using (var ms = new MemoryStream())
{
    using (var cs = new CryptoStream(ms, transform, CryptoStreamMode.Write))
    {
        cs.Write(buffer, 0, buffer.Length);
        cs.FlushFinalBlock();
        decrypted = Encoding.UTF8.GetString(ms.ToArray());
        cs.Close();
    }
    ms.Close();
}
Label1.Text = decrypted;
```

I have altered the keys, by the way, but the number of characters is still the same. Apparently the key is 512 bits in size instead of 256 bits. But that is not supported by Rijndael. When I take away half of the key it doesn't generate any errors, but of course, it doesn't give me the correct password.

Now I noticed the key is in hexadecimal characters. I tried to convert it using a web tool like http://www.string-functions.com/hex-string.aspx, but that does not give me a valid string (just some strange characters). So I'm not sure if this has anything to do with it, but if so, how do I convert it?

Frank
  • Why don't you just ask the original developer to give you the code that decrypts the passwords? That is, of course, assuming you have obtained this legitimately. – podiluska Aug 23 '12 at 09:32
  • Well, communication is going through the customer and it's difficult to get a response from the previous developer. That, plus I don't want to make a fool out of myself by missing a small detail ;-). – Frank Aug 23 '12 at 09:40
  • Using `Encoding.GetBytes` is definitely the wrong way to convert a hex string to an array of bytes. Maybe the answers to [How do you convert Byte Array to Hexadecimal String, and vice versa, in C#?](http://stackoverflow.com/questions/311165/how-do-you-convert-byte-array-to-hexadecimal-string-and-vice-versa-in-c) will help. – Damien_The_Unbeliever Aug 23 '12 at 09:59

1 Answer


The error is in these two lines:

```csharp
var iv = Encoding.UTF8.GetBytes("5F38D2742EFC59486F6CBDDAB3E46EC5");
var key = Encoding.UTF8.GetBytes("F88640BE83A6911472BA4AF9B9C37E2C2B3E78BCFECF4BC6ADE1E928441F6AD7");
```

What you have in your string literals appears to be hex strings. These should be decoded by taking each pair of characters in turn and converting those into a byte. Unfortunately, there's no built-in function in the .NET framework to do this, but the question [How do you convert Byte Array to Hexadecimal String, and vice versa, in C#?](http://stackoverflow.com/questions/311165/how-do-you-convert-byte-array-to-hexadecimal-string-and-vice-versa-in-c) should contain some useful hints for achieving this.

Your current code, instead, will take each character in turn and compute one or more (okay, in this case, always one) byte values that are the UTF-8 encoding of that character.

These are two very different operations, but the difference in how the characters are/should be consumed is why you are getting double the number of bytes compared to what you were expecting to receive.

Damien_The_Unbeliever
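As an added example (not code from the question or the answer), here is the pair-of-characters hex decoding the answer describes, carried through to the cipher setup it implies: the 32-character IV decodes to 16 bytes and the 64-character key to 32 bytes, which is AES-256 in CBC mode with a 128-bit block rather than a 256-bit Rijndael block. The `FromHex` helper and the use of `Aes.Create()` are my choices; the IV, key and ciphertext strings are the altered values from the question, so the decrypted bytes will not be the real password.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class HexKeyDemo
{
    // Decode a hex string: every two characters become one byte.
    // Rejects odd lengths; Convert.ToByte rejects non-hex characters.
    static byte[] FromHex(string hex)
    {
        if (hex.Length % 2 != 0)
            throw new ArgumentException("hex string must have an even number of characters");
        var bytes = new byte[hex.Length / 2];
        for (int i = 0; i < bytes.Length; i++)
            bytes[i] = Convert.ToByte(hex.Substring(2 * i, 2), 16);
        return bytes;
    }

    static void Main()
    {
        // altered values from the question, not real key material
        const string ivHex = "5F38D2742EFC59486F6CBDDAB3E46EC5";
        const string keyHex = "F88640BE83A6911472BA4AF9B9C37E2C2B3E78BCFECF4BC6ADE1E928441F6AD7";

        // UTF-8 encoding keeps one byte per character: 32 and 64 bytes
        Console.WriteLine(Encoding.UTF8.GetBytes(ivHex).Length);
        Console.WriteLine(Encoding.UTF8.GetBytes(keyHex).Length);

        // hex decoding halves that: a 16-byte IV and a 32-byte key
        byte[] iv = FromHex(ivHex);
        byte[] key = FromHex(keyHex);
        Console.WriteLine(iv.Length);
        Console.WriteLine(key.Length);

        // A 16-byte IV means a 128-bit block, i.e. standard AES-256-CBC.
        byte[] ciphertext = Convert.FromBase64String("D1jo49HH6cL4kZVVeIDyDbJGtO4+f2N9YIonOqRg6hM=");
        using (var aes = Aes.Create())
        {
            aes.KeySize = 256;
            aes.BlockSize = 128;
            aes.Mode = CipherMode.CBC;
            aes.Padding = PaddingMode.None; // as in the question; use PKCS7 if the encryptor padded
            aes.Key = key;
            aes.IV = iv;
            using (var decryptor = aes.CreateDecryptor())
            {
                byte[] plain = decryptor.TransformFinalBlock(ciphertext, 0, ciphertext.Length);
                Console.WriteLine(Encoding.UTF8.GetString(plain));
            }
        }
    }
}
```

If the real ciphertexts are not a multiple of 16 bytes, the original encryptor used padding (PKCS7 is the .NET default) and `PaddingMode.None` must be changed accordingly.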