0

I've been researching an issue I'm having while attempting to decrypt using the Rijndael C# libraries. I've tried several solutions that have been posted on here but none seem to work or apply.

The issue: I'm attempting to decrypt a HTTP Request that is sent from a piece of hardware. However, I'm not getting the HTTP request converted into the correct number of bytes that match my decryption methods( I Think this is the issue?).

Here is my code:

System.Text.Encoding enc = System.Text.Encoding.ASCII;
System.Text.Encoding req = System.Text.Encoding.ASCII;

if (curContext != null)
{
    string decrypted = "";
    int totalBytes = curContext.Request.TotalBytes;
    StreamReader sr = new StreamReader(curContext.Request.InputStream);
    string request = sr.ReadToEnd();

    if (!String.IsNullOrEmpty(request)) 
    {
        using (RijndaelManaged myRijndael = new RijndaelManaged())
        {
            myRijndael.Mode = CipherMode.ECB;
            myRijndael.Padding = PaddingMode.None;
            byte[] key = enc.GetBytes(WebConfigurationManager.AppSettings["32B"].ToString());
            myRijndael.KeySize = 256;
            myRijndael.Key = key;

            decrypted = DecryptStringFromBytes(req.GetBytes(request), myRijndael.Key);
        }
    }
}

And Decrypt method:

static string DecryptStringFromBytes(byte[] cipherText, byte[] Key)
{
    using (RijndaelManaged rijAlg = new RijndaelManaged())
    {
        rijAlg.Key = Key;
        rijAlg.Mode = CipherMode.ECB;
        rijAlg.Padding = PaddingMode.None;

        // Create a decrytor to perform the stream transform.
        ICryptoTransform decryptor = rijAlg.CreateDecryptor();

        // Create the streams used for decryption.
        using (MemoryStream msDecrypt = new MemoryStream(cipherText))
        {
            using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
            {
                using (StreamReader srDecrypt = new StreamReader(csDecrypt))
                {
                    // Read the decrypted bytes from the decrypting stream
                    // and place them in a string.
                    plaintext = srDecrypt.ReadToEnd();
                }
            }
        }
    }
}

On the srDecrypt.ReadToEnd() I get the error message stated in title.

I'm rather new to this so I'm not sure where I'm going wrong. Any advice would be appreciated. Thanks~!

John H
  • 14,422
  • 4
  • 41
  • 74
Encryption
  • 1,809
  • 9
  • 37
  • 52
  • Why are you using two different `RijndaelManaged` objects? The one in your upper code appears to do nothing. – SwDevMan81 Mar 30 '12 at 15:55
  • There is other code that is used to encrypt a response and send back. That object is used there, but that part is working correctly and not necessary to add here. – Encryption Mar 30 '12 at 15:59
  • Seeing hows its encrypted will help make sure your decryption matches. – SwDevMan81 Mar 30 '12 at 16:03
  • What I am trying to decrypt is encrypted on a piece of hardware, and is not done by my code. I do however, have to encrypt and send an HTTP reponse back. Not the same process. – Encryption Mar 30 '12 at 16:05
  • Is the ASCII encoding used when you encrypt it when seding the HTTP response back? – SwDevMan81 Mar 30 '12 at 16:06

3 Answers3

0

"Stream to string to bytes" conversion sequence feels very wrong. Make sure you really need to do it instead of simply reading bytes from response.

Alexei Levenkov
  • 98,904
  • 14
  • 127
  • 179
  • You are passing `byte[]` to your DecryptStringFromBytes methods. It is unclear if you need `stream->string->byte[]` conversion. Note that it could be perfectly fine - just look wrong thing to do. – Alexei Levenkov Mar 30 '12 at 16:15
  • Are you saying just use enc.GetBytes(curContext.Request.Inputstream.ToString())? That wouldn't work.. – Encryption Mar 30 '12 at 16:20
  • I would expect reading bytes directly from stream, but I have no idea what you need to do in **your** case. As I've said your code for reading the data could be perfectly fine as is. – Alexei Levenkov Mar 30 '12 at 16:26
  • @Encryption - Have you tried converting the steam to a byte[] and convert the byte[] to a string? Seems strange that a StreamReader.ReadToEnd() would give you the error you claim it does. – Security Hound Mar 30 '12 at 18:51
  • @ramhound The issue was the use of the StreamReader setting the InputStream to string. Converting directly to byte gave me the correct number of bytes which is what I needed and stopped the error. – Encryption Mar 30 '12 at 20:59
0

Try this instead at the bottom of your Decrypt method:

int plainByteCount = int.MinValue;

// Create the streams used for decryption.
using (MemoryStream msDecrypt = new MemoryStream(cipherText))
{
  using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
  {
    plainBytes = new byte[cipherText.Length];
    plainByteCount = cryptoStream.Read(plainBytes, 0, plainBytes.Length);
  }
}

string plainText = Encoding.UTF8.GetString(plainBytes, 0, plainByteCount);

return plainText;
JohnB
  • 18,046
  • 16
  • 98
  • 110
0

I think I might have found your problem. According to the constructor for StreamReader, the default encoding is UTF8Encoding. Trying using the other constructor overload and pass in the ASCII encoding:

StreamReader sr = new StreamReader(
   curContext.Request.InputStream, Encoding.ASCII);
string request = sr.ReadToEnd();
SwDevMan81
  • 48,814
  • 22
  • 151
  • 184