All geek questions in one place

Change AES Decryption Exception

I have an AES cryptographic wrapper and unit tests that have been working for over a year now. Now, after installing VS 2012 (or, possibly, updating for .net Framework 4), unit tests fail. The streamreader block threw a CryptographicException when I passed an unsuccessful pass, but did not throw an ArgumentNullException.

Code up. https://github.com/jnaus/Cryptography


Here is the unit test, which now does not work. (BadSaltTest has the same problem)

[TestMethod] [ExpectedException(typeof(CryptographicException), "Bad password was inappropriately allowed")] public void BadPasswordTest() { var cipherText = EncryptString(); var decryptedText = AESCryptography.DecryptStringAES (cipherText,"A bad password", salt); }

Test result: Test method CryptographyTest.AESTest.BadPasswordTest throws a System.ArgumentNullException exception, but a System.Security.Cryptography.CryptographicException is expected. Exception message: System.ArgumentNullException: value cannot be null. Parameter Name: inputBuffer

Decrypt the code.

 public static string DecryptStringAES(string cipherText, string password, byte[] salt) { RijndaelManaged aesAlg = null; string plaintext = null; try { // generate the key from the shared secret and the salt Rfc2898DeriveBytes key = new Rfc2898DeriveBytes(password, salt); // Create a RijndaelManaged object // with the specified key and IV. aesAlg = new RijndaelManaged(); aesAlg.Key = key.GetBytes(aesAlg.KeySize/8); aesAlg.IV = key.GetBytes(aesAlg.BlockSize/8); // Create a decrytor to perform the stream transform. ICryptoTransform decryptor = aesAlg.CreateDecryptor(aesAlg.Key, aesAlg.IV); // Create the streams used for decryption. byte[] bytes = Convert.FromBase64String(cipherText); using (MemoryStream msDecrypt = new MemoryStream(bytes)) { using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read)) { //StreamReader now gives ArgumentNullException using (StreamReader srDecrypt = new StreamReader(csDecrypt)) { // Read the decrypted bytes from the decrypting stream // and place them in a string. plaintext = srDecrypt.ReadToEnd(); } } } } finally { // Clear the RijndaelManaged object. if (aesAlg != null) { aesAlg.Clear(); } } return plaintext; }
+4
source share
2 answers

After searching a little more, it really looks like an error that is flagged by Microsoft (see Microsoft Connect ). Personally, not a big fan of the proposed workaround, as it really is not necessary, but it will do at that time, I suppose.

+2
source

The code that you posted above worked for me (I had to write code to create an encrypted string for transmission). Compiled and launched in VS2012 using .Net Framework 4.

The encryption code I used was:

  private static string EncryptStringAES(string plainText, string password, byte[] salt) { RijndaelManaged aesAlg = null; string cypherText = null; try { // generate the key from the shared secret and the salt Rfc2898DeriveBytes key = new Rfc2898DeriveBytes(password, salt); // Create a RijndaelManaged object // with the specified key and IV. aesAlg = new RijndaelManaged(); aesAlg.Key = key.GetBytes(aesAlg.KeySize / 8); aesAlg.IV = key.GetBytes(aesAlg.BlockSize / 8); // Create an encryptor to perform the stream transform. ICryptoTransform encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV); // Create the streams used for encryption. byte[] bytes = new UTF8Encoding().GetBytes(plainText); using (MemoryStream msEncrypt = new MemoryStream()) { using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write)) { csEncrypt.Write(bytes, 0, bytes.Length); csEncrypt.FlushFinalBlock(); cypherText = Convert.ToBase64String(msEncrypt.ToArray()); } } } finally { // Clear the RijndaelManaged object. if (aesAlg != null) { aesAlg.Clear(); } } return cypherText; }

To invoke method calls, do the following:

  byte[] salt = new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20 }; string test = DecryptStringAES(EncryptStringAES("This is a test", "Test", salt), "Test", salt);

The resulting string (Test) contains "This is a test."

+1
source

Source: https://habr.com/ru/post/1435567/

More articles:


All Articles