a problem with encryption

crawlerxp

This is the problem: I do not get the output I need when encoding and
decoding data using Rijndael algorithm.
Look at the code and see what the problem is actually:

Please paste this code into your Visual Studio and compile it + run it; so
you can see what the actual problem is.

Thanks.

code:

using System;
using System.IO;
using System.Text;
using System.Security.Cryptography;

namespace ConsoleApplication1
{
    class MyMainClass
    {
        public static void Main()
        {
            string original = "Original string";
            string roundtrip;
            ASCIIEncoding textConverter = new ASCIIEncoding();
            RijndaelManaged myRijndael = new RijndaelManaged();
            byte[] fromEncrypt;
            byte[] encrypted;
            byte[] toEncrypt;
            byte[] key;
            byte[] IV;
            //Create a new key and initialization vector.
            myRijndael.GenerateKey();
            myRijndael.GenerateIV();
            //Get the key and IV.
            key = myRijndael.Key;
            IV = myRijndael.IV;
            //Get an encryptor.
            ICryptoTransform encryptor = myRijndael.CreateEncryptor(key, IV);
            //Encrypt the data.
            MemoryStream msEncrypt = new MemoryStream();
            CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor,
                CryptoStreamMode.Write);
            //Convert the data to a byte array.
            toEncrypt = textConverter.GetBytes(original);
            //Write all data to the crypto stream and flush it.
            csEncrypt.Write(toEncrypt, 0, toEncrypt.Length);
            csEncrypt.FlushFinalBlock();
            //Get encrypted array of bytes.
            encrypted = msEncrypt.ToArray();

            //Here I send data through network stream
            //create byte array to be sent through tcp network
            byte[] finalized = new byte[key.Length+IV.Length+encrypted.Length];
            //merge all values into single byte array
            key.CopyTo(finalized,0);
            IV.CopyTo(finalized,32);
            encrypted.CopyTo(finalized,48);
            //here goes tcp code with sending the array through network. it works fine,
            //and is no problem.
            //For simplicity's sake, here i'll just simulate a new application that
            //uses values it got from the first application.
            //SIMULATED NEW APPLICATION
            //Create values that will be used in decryption process and that are passed
            //through network
            byte[] key1 = new byte[32];
            byte[] IV1 = new byte[16];
            byte[] encrypted1 = new byte[finalized.Length-48];
            //read all values from the passed byte array and divide those correctly.
            for (int i=0; i<32; i++)
            {
                key1[i]=finalized[i];
            }
            for (int i=32; i<48; i++)
            {
                IV1[i-32]=finalized[i];
            }
            for (int i=48; i<finalized.Length; i++)
            {
                encrypted1[i-48]=finalized[i];
            }
            //now use values to get the result:
            //Get a decryptor that uses the same key and IV as the encryptor.
            ICryptoTransform decryptor = myRijndael.CreateDecryptor(key1, IV1);
            //Now decrypt the previously encrypted message using the decryptor
            MemoryStream msDecrypt = new MemoryStream(encrypted1);
            CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor,
                CryptoStreamMode.Read);
            fromEncrypt = new byte[encrypted1.Length];
            //Read the data out of the crypto stream.
            csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length);
            //Convert the byte array back into a string.
            roundtrip = textConverter.GetString(fromEncrypt);
            //Display the original data and the decrypted data to see where the actual
            //problem is:
            Console.WriteLine("Original string: {0}", original + "_");
            Console.WriteLine("String I got to another application: {0}", roundtrip +
                "_");
            //Guess what! The result string has some dummy stuff at the end and it is
            //just not the data I encoded. It is actually there, but I really don't want
            //that sh*t at the end. I placed "_" sign just to see that there is a
            //problem with data I got.
        }
    }
}
 
Jon Skeet [C# MVP]

crawlerxp said:
This is the problem: I do not get the output I need when encoding and
decoding data using Rijndael algorithm.
Look at the code and see what the problem is actually:

Please paste this code into your Visual Studio and compile it + run it; so
you can see what the actual problem is.

<snip>

The problem is that you're assuming the decrypted size will be the same
as the encrypted size - it's not. You're only actually reading 15 bytes
(and moreover, you're assuming they'll all be read in one go, which is
a bad idea) but passing the encoding a buffer 16 bytes long.

*Always* use the return value of Stream.Read.
 
Tonci Jukic

The problem is that you're assuming the decrypted size will be the same
as the encrypted size - it's not. You're only actually reading 15 bytes
(and moreover, you're assuming they'll all be read in one go, which is a
bad idea) but passing the encoding a buffer 16 bytes long.
*Always* use the return value of Stream.Read.

Well, the problem was not in network operations and data send. It was in
decrypted data.
The problem was I did always get n to 16 bytes filled with zeros.

So I've just swapped line:

roundtrip = textConverter.GetString(fromEncrypt);

with:

roundtrip =
textConverter.GetString(fromEncrypt).TrimEnd(Convert.ToChar(0));

That way I always get the original data I've encrypted.

Thanks btw.

I have another question:
When I'm sending this data through network stream from client to server,
I always create byte type array big enough to accept possible data from
the client application.
Do I have to always create it big enough to support any possible data
size, or I can read everything in blocks and then merge it to a single
byte array for example.

This is how it is done by now:

client code:
(this is a connection thread code cut from the main code:)

try
{
    this.hostName = this.textBox2.Text;
    TcpClient client = new TcpClient(hostName, portNum);

    NetworkStream ns = client.GetStream();

    //size of response buffer
    byte[] bytes = new byte[1024];

    //using custom encryption class to encrypt given data
    bit256_RijndaelEnCryptorC enkripted = new bit256_RijndaelEnCryptorC();

    //encrypt string from the textbox
    encrypted.EnCrypt(this.textBox1.Text);

    //create data-to-be-sent buffer
    byte[] byteTime = new byte[encrypted.ReleaseEnCrypted().Length];

    //fill it
    byteTime = encrypted.ReleaseEnCrypted();

    //write it through stream
    ns.Write(byteTime, 0, byteTime.Length);

    //receive a response
    int bytesRead = ns.Read(bytes, 0, bytes.Length);

    client.Close();

}

server code:

TcpClient client = listener.AcceptTcpClient();

NetworkStream ns = client.GetStream();

//buffer for incoming data
byte[] bytes = new byte[4096];

//read data from the ns
int bytesRead = ns.Read(bytes, 0, bytes.Length);

//input data in a work buffer
byte[] returned = new byte[bytesRead];

for (int u=0; u<bytesRead; u++)
{
    returned[u]=bytes[u];
}

//create data variables to be used in encryption process
byte[] key = new byte[32];
byte[] IV = new byte[16];
byte[] encrypted = new byte[returned.Length-48];

//strip usable data from the incoming stream
for (int i=0; i<32; i++)
{
    key[i]=returned[i];
}
for (int i=32; i<48; i++)
{
    IV[i-32]=returned[i];
}
for (int i=48; i<returned.Length; i++)
{
    encrypted[i-48]=returned[i];
}

//create a custom encryption (this time decryption) class
bit256_RijndaelEnCryptorC dekripted = new
    bit256_RijndaelEnCryptorC(key,IV,encrypted);
encrypted.DeCrypt();

string result = encrypted.ReleaseDeCrypted();

byte[] byteTime = Encoding.ASCII.GetBytes("server performed operations!");

try
{
    ns.Write(byteTime, 0, byteTime.Length);
    ns.Close();
}
client.Close();
 
Jon Skeet [C# MVP]

Tonci Jukic said:
as the encrypted size - it's not. You're only actually reading 15 bytes
(and moreover, you're assuming they'll all be read in one go, which is a
bad idea) but passing the encoding a buffer 16 bytes long.

Well, the problem was not in network operations and data send. It was in
decrypted data.

I didn't say it *was* in the network operations.

The problem was I did always get n to 16 bytes filled with zeros.

That's because you ignored the fact that Read wasn't returning 16
bytes.

So I've just swapped line:

roundtrip = textConverter.GetString(fromEncrypt);

with:

roundtrip =
textConverter.GetString(fromEncrypt).TrimEnd(Convert.ToChar(0));

That way I always get the original data I've encrypted.

That's a bad way of doing things. Just use the return value of Read to
find out how much real data you've got, and use the form of GetString
that lets you specify how much to decode.

Thanks btw.

I have another question:
When I'm sending this data through network stream from client to server,
I always create byte type array big enough to accept possible data from
the client application.
Do I have to always create it big enough to support any possible data
size, or I can read everything in blocks and then merge it to a single
byte array for example.

Yes. That's much more robust - relying on a single call to Read as you
are at the moment is a very bad idea.

See http://www.pobox.com/~skeet/csharp/readbinary.html

This is how it is done by now:

byte[] encrypted = new byte[returned.Length-48];

encrypted.DeCrypt();

That's not your actual code, is it? Byte arrays don't have a DeCrypt
method. Please always post your *actual* code.
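
One way to read in blocks and merge, as an added example that is not part of the thread: the sender prefixes each message with its length, and the receiver loops on Read until that many bytes have arrived. The 4-byte big-endian prefix, the Framing class, its method names and the maxLen limit are assumptions made for this sketch.

```csharp
using System;
using System.IO;
using System.Net;

static class Framing
{
    // Sender side: 4-byte big-endian length, then the payload bytes.
    public static void WriteFrame(Stream s, byte[] payload)
    {
        byte[] len = BitConverter.GetBytes(IPAddress.HostToNetworkOrder(payload.Length));
        s.Write(len, 0, len.Length);
        s.Write(payload, 0, payload.Length);
    }

    // Read may return fewer bytes than requested, so loop until 'count' bytes are in.
    static byte[] ReadExactly(Stream s, int count)
    {
        byte[] buffer = new byte[count];
        int received = 0;
        while (received < count)
        {
            int n = s.Read(buffer, received, count - received);
            if (n == 0)
                throw new EndOfStreamException("connection closed in the middle of a frame");
            received += n;
        }
        return buffer;
    }

    // Receiver side: read the length, check it, then read exactly that many bytes.
    public static byte[] ReadFrame(Stream s, int maxLen)
    {
        int len = IPAddress.NetworkToHostOrder(BitConverter.ToInt32(ReadExactly(s, 4), 0));
        // The length comes from the peer: refuse values that would force a huge allocation.
        if (len < 0 || len > maxLen)
            throw new InvalidDataException("frame length out of range");
        return ReadExactly(s, len);
    }
}
```

A frame like this would normally carry the IV and ciphertext only; a key sent in the same message, as in the posted code, gives no protection against anyone who can read the stream.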
 
Tonci Jukic

So I've just swapped line:
roundtrip = textConverter.GetString(fromEncrypt);

with:

roundtrip =
textConverter.GetString(fromEncrypt).TrimEnd(Convert.ToChar(0));

That way I always get the original data I've encrypted.

That's a bad way of doing things. Just use the return value of Read to
find out how much real data you've got, and use the form of GetString
that lets you specify how much to decode.

Well. I really don't know a way to know how long the string I send to
the server app can be. As you could see in the code, I send key, IV and
encrypted data in a byte array through network stream. I really don't
know how to send the length of the string I encrypted to the server by
which the server would know how much to decrypt.
The only way I could think of was to trim encrypted byte array at the
very start before sending data through network.

Yes. That's much more robust - relying on a single call to Read as you
are at the moment is a very bad idea.

How could I possibly use multiple read calls? What would it give to me?

That's not your actual code, is it? Byte arrays don't have a DeCrypt
method. Please always post your *actual* code.

Well. We've got a slight problem here:)

I tried to cut\paste and edit my code here. I've translated variables
into English as I thought it would be easier for you to understand the
code.

Too bad attachments are not possible here, but here is almost the
complete code I've been using.

(I'm totally green in C# and .NET (although I've been using C++ till
now) so please don't laugh at my code. I would appreciate any comments
and suggestions about it.)

http://www.dg.disorange.com/download/code.zip
 
Jon Skeet [C# MVP]

Tonci Jukic said:
find out how much real data you've got, and use the form of GetString
that lets you specify how much to decode.

Well. I really don't know a way to know how long the string I send to
the server app can be. As you could see in the code, I send key, IV and
encrypted data in a byte array through network stream. I really don't
know how to send the length of the string I encrypted to the server by
which the server would know how much to decrypt.
The only way I could think of was to trim encrypted byte array at the
very start before sending data through network.

You don't need to trim anything. Just take note of how much decrypted
data you're actually receiving. From your original sample, all you've
got to change is:

csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length);
//Convert the byte array back into a string.
roundtrip = textConverter.GetString(fromEncrypt);

to

int bytesRead = csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length);
//Convert the byte array back into a string.
roundtrip = textConverter.GetString(fromEncrypt, 0, bytesRead);

(It doesn't deal with the situation where there's more data to read
than you expect, or a single call to Read doesn't return all the data.)

are at the moment is a very bad idea.

How could I possibly use multiple read calls? What would it give to me?

It would mean that if you send more data than the decrypting code wants
to decrypt in one call, your code would still work.

method. Please always post your *actual* code.

Well. We've got a slight problem here:)

I tried to cut\paste and edit my code here. I've translated variables
into English as I thought it would be easier for you to understand the
code.

Too bad attachments are not possible here, but here is almost the
complete code I've been using.

(I'm totally green in C# and .NET (although I've been using C++ till
now) so please don't laugh at my code. I would appreciate any comments
and suggestions about it.)

http://www.dg.disorange.com/download/code.zip

Ah. The problem is that you changed variable names half way through -
you wrote (in your previous message) encrypted.DeCrypt() instead of
dekripted.DeCrypt(). It's always worth trying to compile the code
you're about to post. It's also worth posting short and complete code -
see http://www.pobox.com/~skeet/csharp/complete.html
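
The case the two-line fix above leaves open, as an added example that is not part of the thread: the decrypting side drains the CryptoStream until Read returns 0 and decodes exactly the bytes it received, so no padding or unused buffer space reaches GetString. Aes.Create() stands in for the thread's RijndaelManaged (AES is Rijndael with a 128-bit block), and the RoundTrip and ReadToEnd names are assumptions.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

static class RoundTrip
{
    // Keep calling Read until it returns 0; a single call may hand back
    // only part of the data (CryptoStream does this on .NET 6 and later).
    static byte[] ReadToEnd(Stream s)
    {
        using (MemoryStream result = new MemoryStream())
        {
            byte[] chunk = new byte[4096];
            int n;
            while ((n = s.Read(chunk, 0, chunk.Length)) > 0)
                result.Write(chunk, 0, n);   // copy only the bytes actually read
            return result.ToArray();
        }
    }

    static void Main()
    {
        using (Aes aes = Aes.Create())       // random key and IV, CBC with PKCS7 padding
        {
            byte[] plain = Encoding.ASCII.GetBytes("Original string");
            byte[] cipher;
            using (MemoryStream ms = new MemoryStream())
            {
                using (CryptoStream cs = new CryptoStream(ms, aes.CreateEncryptor(), CryptoStreamMode.Write))
                    cs.Write(plain, 0, plain.Length);  // Dispose flushes the final padded block
                cipher = ms.ToArray();                 // ciphertext length is a multiple of the block size
            }

            byte[] decrypted;
            using (MemoryStream ms = new MemoryStream(cipher))
            using (CryptoStream cs = new CryptoStream(ms, aes.CreateDecryptor(), CryptoStreamMode.Read))
                decrypted = ReadToEnd(cs);             // the decryptor strips the padding

            // Decode exactly what was read; nothing to trim afterwards.
            string roundtrip = Encoding.ASCII.GetString(decrypted, 0, decrypted.Length);
            Console.WriteLine("{0} cipher bytes, {1} plain bytes: {2}_",
                cipher.Length, decrypted.Length, roundtrip);
        }
    }
}
```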
 
