-2

Hi I'm just trying to encrypt a string but i want to reverse the decryption method to create exactly encrypted key

decryption was 

public string newSample(string s)
{
    byte[] buffer = Convert.FromBase64String(s);
    Encoding utF8 = Encoding.UTF8;
    byte[] bytes1 = utF8.GetBytes("key1");
    byte[] bytes2 = utF8.GetBytes("key2");
    RijndaelManaged rijndaelManaged1 = new RijndaelManaged();
    rijndaelManaged1.Mode = CipherMode.CBC;
    rijndaelManaged1.Padding = PaddingMode.Zeros;
    rijndaelManaged1.BlockSize = 128;
    rijndaelManaged1.KeySize = 128;
    RijndaelManaged rijndaelManaged2 = rijndaelManaged1;
    ICryptoTransform transform = (ICryptoTransform)null;

    transform = rijndaelManaged2.CreateDecryptor(bytes2, bytes1);
    byte[] bytes3 = (byte[])null;
    using (MemoryStream memoryStream = new MemoryStream())
    {
        using (CryptoStream cryptoStream = new CryptoStream((Stream)memoryStream, transform, CryptoStreamMode.Write))
        {
            cryptoStream.Write(buffer, 0, buffer.GetLength(0));
            cryptoStream.FlushFinalBlock();
        }
        rijndaelManaged2.Clear();
        bytes3 = memoryStream.ToArray();
    }
    return new string(Encoding.UTF8.GetChars(bytes3));
}

is it possible to reverse the code and create encryption key ? if so how could be the encryption should look lik for this decryption method ??

thanks

Gayan
  • 2,750
  • 5
  • 47
  • 88
  • I suggest throwing this code away and replacing it by [jbtule's answer](http://stackoverflow.com/a/10366194/445517) to a related question. Unlike your code it's actually secure. – CodesInChaos Sep 06 '14 at 19:42
  • CodesInChaos thanks for the link but i have to go with this code for some reason cheerz – Gayan Sep 06 '14 at 19:53
  • A couple of flaws: 1) No MAC => broken by active attacks 2) No IV, leaks common prefixes 3) Zero padding is not reversible 4) A key should be binary, not text 5) As jon noted, you can't use UTF8 for the ciphertext. – CodesInChaos Sep 06 '14 at 20:43
  • Why do you have to go with insecure code? Since this code didn't work, it can't be compatibility with existing data. – CodesInChaos Sep 06 '14 at 20:44
  • actually i'm not really using this code for my application. this was a existing code on some other application i'm just trying to get encryption key. – Gayan Sep 07 '14 at 03:04

1 Answers1

1

This is the problem - or at least the initial problem:

return new string(Encoding.UTF8.GetChars(bytes3));

The result of encryption is not a UTF-8-encoded byte array... it's arbitrary bytes. By assuming it's valid UTF-8-encoded text, you're losing information.

Instead, you should use a hex or base64 approach, both of which are designed to convert arbitrary binary data to text in a lossless fashion. For example:

return Convert.ToBase64String(bytes3);

Now, your decryption code should start with:

byte[] encryptedData = Convert.FromBase64String(base64EncryptedText);

(Where base64EncryptedText is the value returned from your encryption method.)

From there, it should be a matter of just reversing each step, and there are numerous examples around. You may well find that you've got a problem due to the padding mode, however - you may need to separately record the length of the original data.

As an aside, it's not clear why your method takes a string in the first place. It's odd for an encryption method to take a base64-encoded piece of data. It's more common for it to take either a normal plain text string which is converted into bytes using something like Encoding.UTF8, or for it to take a byte[] to start with.

Jon Skeet
  • 1,421,763
  • 867
  • 9,128
  • 9,194
  • Jon Skeet thanks you very simply that was the initial problem. now code working exactly the way i need thank you again – Gayan Sep 06 '14 at 19:44