C# Rijndael encryption. When decrypting I get junk data in the first block

Fritjolf

Hi.

I've got a strange problem...

I've made a simple program to test encryption/decryption.
I use Rijndael encryption and here are the most important properties.

RijndaelManaged cipher = new RijndaelManaged();
cipher.KeySize = 256;
cipher.BlockSize = 256;
cipher.Padding = PaddingMode.ISO10126;
cipher.Mode = CipherMode.CBC;

I read the source from a file.

I have one constructor of my cipherwrapper class that takes no
parameters and generates a key with GenerateKey function of the
RijndaelManaged class. And one that takes a key as a parameter.

I create the class, and init the properties values. I choose a 32
bytes (256bits) key and run my application. If I encrypt and decrypt
in the same program execution all is good. (Reading input file,
decrypting it and writing it back. Then decrypting the decrypted file
and writing it to file again).

BUT if I first encrypt in one program execution and then run the
program again to decrypt the first block (32 bytes) is junk... I also
(sometimes) get the error message that the padding is invalid and
cannot be removed.

The second strange thing is that when I manage to decrypt it with the
first block corrupted it manages to decrypt the rest of the file...

Has anyone had problems with this?
I most certainly can't be dependent of encrypting and decrypting in
the same program execution. I must encrypt a file, send it to a
customer where the customer must decrypt it again with the same key...

Can anyone help PLEASE...

Thanx,
Fritjolf
 
rossum

You are using CBC mode
(http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation), which
requires an Initialisation Vector (IV). You do not appear to be
setting an IV in your code so I suspect that the system is setting up
a random IV for you. Hence the IV is the same when you use the same
run of the program and different if you use different runs.

CBC mode can recover from corrupted blocks, just losing the block
where the corruption occurs. By using a different IV for encryption
and decryption you are effectively corrupting the first block of the
message. This explains why the rest of your message decrypts
correctly after the garbled first block.

You need to either explicitly set the same IV for both encryption and
decryption, or you can use the default IV for encryption and copy it
to wherever you want decryption to run. There is no need to keep the
IV secret.

rossum
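
The fix rossum describes, as an added example that is not code from this thread: a random IV is generated per encryption, stored in front of the ciphertext, and read back on decryption; a second decryption with a different IV reproduces the garbled first block. It assumes `Aes` (128-bit block, default PKCS7 padding) in place of the thread's `RijndaelManaged` with a 256-bit block, and the class and method names are hypothetical.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class CbcIvDemo   // hypothetical names throughout
{
    // Encrypt under a fresh random IV and ship it in front of the ciphertext.
    public static byte[] Encrypt(byte[] key, byte[] plaintext)
    {
        using Aes aes = Aes.Create();
        aes.Mode = CipherMode.CBC;
        aes.Key = key;
        aes.GenerateIV();                        // new IV per message; not secret
        using ICryptoTransform enc = aes.CreateEncryptor();
        byte[] body = enc.TransformFinalBlock(plaintext, 0, plaintext.Length);
        return aes.IV.Concat(body).ToArray();    // layout: IV || ciphertext
    }

    // Decrypt with the IV stored in the blob, or with ivOverride to simulate a mismatch.
    public static byte[] Decrypt(byte[] key, byte[] blob, byte[] ivOverride = null)
    {
        using Aes aes = Aes.Create();
        aes.Mode = CipherMode.CBC;
        aes.Key = key;
        int ivLen = aes.BlockSize / 8;           // 16 bytes for AES
        aes.IV = ivOverride ?? blob.Take(ivLen).ToArray();
        using ICryptoTransform dec = aes.CreateDecryptor();
        return dec.TransformFinalBlock(blob, ivLen, blob.Length - ivLen);
    }

    static void Main()
    {
        byte[] key = new byte[32], wrongIv = new byte[16];   // constructed sample values
        using (var rng = RandomNumberGenerator.Create()) { rng.GetBytes(key); rng.GetBytes(wrongIv); }
        byte[] msg = Encoding.ASCII.GetBytes("BLOCK-0-0123456|BLOCK-1-0123456|tail");

        byte[] blob = Encrypt(key, msg);
        Console.WriteLine(Encoding.ASCII.GetString(Decrypt(key, blob)));   // IV travels with the data

        byte[] bad = Decrypt(key, blob, wrongIv);                          // IV differs, as in a second run
        Console.WriteLine("first block intact: " + bad.Take(16).SequenceEqual(msg.Take(16)));
        Console.WriteLine("rest: " + Encoding.ASCII.GetString(bad, 16, bad.Length - 16));
    }
}
```

When the whole message fits in one block, that block also holds the padding bytes, so a mismatched IV scrambles the padding as well and the padding check can fail.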
 
Fritjolf

Hi and thank you very much for your quick response.

No, I didn't set the IV.
Why? I see that the IV must (can) be generated in the encryption
procedure and then that IV must be passed to the decryption procedure.
Then another problem is raised. In addition to sending the encryption
key to a customer, must I also send the IV ???

Another input is that if I have a file smaller than the blocksize
(let's say the file is 6 bytes), I get an error message trying to
decrypt the message telling me that "Padding is invalid and cannot be
removed". I can't understand why...

I will try and set the IV and see what happens...

Thanx,
Fritjolf
 
Fritjolf

Marc and Rossum, thank you!

Now it all works like a charm. IV is configured and used - the IV is
made public in a bin file.
And I also tried with another Mode. It then worked without IV.
Also thanx for the explanation about the first corrupted block.

Thanx,
Fritjolf.
 
