Rijndael decryption in C#

Assaf · Jul 22, 2010 · Viewed 12.5k times

I need to decrypt a string using Rijndael and those values:

key size - 192

block size - 128

key - cmdAj45F37I5ud2134FDg2fF

When I'm using the code below I get an error: string size illegal. Can anyone help me?

public static string DecryptRijndael(string value, string encryptionKey)
{
    var key = Encoding.UTF8.GetBytes(encryptionKey); //must be 16 chars
    var rijndael = new RijndaelManaged
    {
        BlockSize = 128,
        IV = key,
        KeySize = 192,
        Key = key
    };

    var buffer = Convert.FromBase64String(value);
    var transform = rijndael.CreateDecryptor();
    string decrypted;
    using (var ms = new MemoryStream())
    {
        using (var cs = new CryptoStream(ms, transform, CryptoStreamMode.Write))
        {
            cs.Write(buffer, 0, buffer.Length);
            cs.FlushFinalBlock();
            decrypted = Encoding.UTF8.GetString(ms.ToArray());
            cs.Close();
        }
        ms.Close();
    }

    return decrypted;
}

Answer

Henk Holterman · Jul 22, 2010

One (big) problem is in using UTF8.GetBytes() to get the byte[] from string. It is hard to control the number of bytes and it is not very safe.

Use Rfc2898DeriveBytes.GetBytes() instead. And then you can specify the desired length.

But of course you have to do that while encrypting as well.
And I agree with Luke's remarks about the IV.
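
The approach from the answer, as an added example (not code from the question or the answer): the 192-bit key comes from Rfc2898DeriveBytes.GetBytes(24) on both the encrypting and the decrypting side, and the IV is a random 16 bytes to match the 128-bit block. It uses Aes, which is Rijndael with a 128-bit block; the class name, the salt || IV || ciphertext layout, the iteration count and the SHA-256 choice are assumptions.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
public static class PasswordCrypto // hypothetical helper, not from the page
{
    // Assumed sizes: 16-byte salt, 16-byte IV (128-bit block), 24-byte key (192 bits).
    const int SaltSize = 16, IvSize = 16, KeySize = 24, Iterations = 100000;
    // GetBytes(KeySize) always returns exactly 24 bytes, whatever the password length.
    static byte[] DeriveKey(string password, byte[] salt)
    {
        using (var kdf = new Rfc2898DeriveBytes(password, salt, Iterations, HashAlgorithmName.SHA256))
            return kdf.GetBytes(KeySize);
    }
    // Output layout (chosen for this example): Base64(salt || IV || ciphertext).
    public static string Encrypt(string plaintext, string password)
    {
        var salt = new byte[SaltSize];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(salt);
        using (var aes = Aes.Create()) // defaults: CBC, PKCS7, 128-bit block
        {
            aes.Key = DeriveKey(password, salt);
            aes.GenerateIV(); // fresh random IV per message, never the key
            var data = Encoding.UTF8.GetBytes(plaintext);
            using (var enc = aes.CreateEncryptor())
            {
                var ct = enc.TransformFinalBlock(data, 0, data.Length);
                var output = new byte[SaltSize + IvSize + ct.Length];
                Buffer.BlockCopy(salt, 0, output, 0, SaltSize);
                Buffer.BlockCopy(aes.IV, 0, output, SaltSize, IvSize);
                Buffer.BlockCopy(ct, 0, output, SaltSize + IvSize, ct.Length);
                return Convert.ToBase64String(output);
            }
        }
    }
    public static string Decrypt(string value, string password)
    {
        var input = Convert.FromBase64String(value);
        if (input.Length < SaltSize + IvSize + 16) throw new ArgumentException("input too short");
        byte[] salt = new byte[SaltSize], iv = new byte[IvSize];
        Buffer.BlockCopy(input, 0, salt, 0, SaltSize);
        Buffer.BlockCopy(input, SaltSize, iv, 0, IvSize);
        using (var aes = Aes.Create())
        {
            aes.Key = DeriveKey(password, salt); // same derivation as Encrypt
            aes.IV = iv;
            using (var dec = aes.CreateDecryptor())
                return Encoding.UTF8.GetString(dec.TransformFinalBlock(input, SaltSize + IvSize, input.Length - SaltSize - IvSize));
        }
    }
}
```

Data that was encrypted with a key taken from UTF8.GetBytes() cannot be decrypted this way; both sides have to switch to the derived key. CBC provides no integrity, so add a MAC over the output if the ciphertext can be modified before decryption.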