6

I'm currently developing a little tool in C# that allows me to quickly crypt my files. So I used this script which looks to be perfect for me. But I still have a problem : the key is too short (8 character max). I read in RijndaelManaged() documentation that maximum size for the key is 256 bits, so I should be able to use a 64 character key... (like sha256 hash)

But every time I try to increase the key size, I get a nice "Encryption failed !", even for 9 characters. I've been looking for a solution on google for a while, but nothing useful.

The best thing I found is this. So I tried to change the padding like:

RMCrypto.Padding = PaddingMode.ISO10126;

// or
RMCrypto.Padding = PaddingMode.ANSIX923;

But it did not change anything...

Community
  • 1
  • 1
  • 1
    Rjindael key size is *not* free to choose. It must be 128-bit, 192-bit, or 256-bit. It cannot be, say 9 bytes or 18 bytes or 36 bytes. It must strictly be 16 bytes, 24 bytes, or 32 bytes. Besides, you should first specify your key size before you could use the class correctly. Though both 128-bit and 192-bit key size are allowed, you cannot, for instance, specify the key size to be 128-bit but using 192-bit key. The key size you specify must match the key size you use. Please check/post your code when you specify your key size and when you specify/use your key. – Ian Apr 24 '16 at 17:27
  • @ArtjomB. I suggest a necessary update such that the problem can be answered more fitly. – Ian Apr 24 '16 at 17:29
  • Ok I understund. I would like to use a 256 bits key but I don't know where to specify le key lengh. Would you just say me where I must write it ? –  Apr 24 '16 at 17:30
  • @ArtjomB. I am trying to suggest an edit to the question actually. – Ian Apr 24 '16 at 17:34

2 Answers2

3

Rjindael's key size is not free to choose. It must be 128-bit, 192-bit, or 256-bit. It cannot be, say, 9 bytes or 18 bytes or 36 bytes. It must strictly be 16 bytes, 24 bytes, or 32 bytes.

Besides, you should first specify your key size suitably before you could use the class correctly. Though both 128-bit and 192-bit key size are allowed, you cannot, for instance, specify the key size to be 128-bit but using 192-bit key. The key size you specify must match the key size you use.

This is an example how you do it:

You could specify your key size (not to be confused with BlockSize) in the RjindaelManaged.KeySize property:

RMCrypto.KeySize = 256;

And then the key size in byte[] should match with the size of the key above:

byte[] key = new byte[]{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F }; 
RMCrypto.Key = key;

Be sure to use a key that looks like random noise in order to get some security.

Currently your key is too short:

string password = @"myKey123";
byte[] key = UE.GetBytes(password);
Artjom B.
  • 61,146
  • 24
  • 125
  • 222
Ian
  • 30,182
  • 19
  • 69
  • 107
  • 1
    Thank you so much ! I just replaced byte[] key = UE.GetBytes(password); by your code and it works ! –  Apr 24 '16 at 17:45
  • @NeedCoffee no problem. Once the problem can be located, the solution should naturally be easier to be suggested. You may take a look for other rjindael posts too... Your update is critical actually. – Ian Apr 24 '16 at 17:47
  • @ArtjomB. Updated. I mistakenly take BlockSize as KeySize while BlockSize is actually how many data bytes you want to process per one time. KeySize should be the one to use, not BlockSize, as you mention. – Ian Apr 24 '16 at 17:49
  • @ArtjomB. Agreed, the example is really simplified. – Ian Apr 24 '16 at 18:02
  • Still have a problem... byte[] key = new byte[]{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F }; This is a fixed key, and I need to change it... This is why byte[] key = UE.GetBytes(password); was used –  Apr 24 '16 at 18:09
  • @NeedCoffee to randomize the key, you probably want to look at Random class. – Ian Apr 24 '16 at 18:13
  • @lan Yes I know, I don't want to radomize this. I just need to make the code working. I thought it was but the part of the code I quoted before change my key. The encrypted document is always the same, even if I change the key. –  Apr 24 '16 at 18:17
  • Isn't that we can easily calculate the *KeySize* from *byte[] key*, instead of setting it explicitly? – s k Mar 22 '18 at 02:23
1

Padding is for padding the plaintext to the size of the block-length, it has nothing to do with the keysize.

In Rijndael, you are only allowed to use keys of length 128, 160, 192, 224 or 256 bit. (AES-128 --> 128 bit key, AES-256 --> 256 bit key. Block length is still 128 in both).

You cannot trivially change the keylength of a cipher. Usually you'd use key-derivation functions anyways (which in term use hash functions) to get a 128-bit (or whatever size you need) key out of a password-string.

In short, you're misunderstanding padding and the key-lengths of the cipher you're trying to use. If you want arbitrary-length password-strings, use key derivation function. The code in the first link you posted uses e.g. the Rfc2898DeriveBytes class.

To set the key length, FIRST change the property .KeySize, THEN set the key.

RijndaelManaged rijndaelCSP = new RijndaelManaged();
rijndaelCSP.KeySize = 256;
//derive key from password and set as .Key.

MSDN documentation

Artjom B.
  • 61,146
  • 24
  • 125
  • 222
Maximilian Gerhardt
  • 5,188
  • 3
  • 28
  • 61
  • Ok thanks for the answer. Is there any easy way to modify the code to make it working with 128 or 256 bits key ? –  Apr 24 '16 at 17:34
  • I added some Code edited, it's simply in the `.KeyLength` property of the Rijndael object. – Maximilian Gerhardt Apr 24 '16 at 17:35
  • @ArtjomB. I had a question where it changed the `Key` to a absolute random one after `KeyLength` has been set, effectively voiding the key-setting earlier, that's why I thought it must be this way. – Maximilian Gerhardt Apr 24 '16 at 17:41