How to use Rijndael algorithm with 256 long block size in dotnet core 2.1

c# encryption .net-core rijndael .net-core-2.1
thirdDeveloper picture thirdDeveloper · Oct 8, 2018 · Viewed 7.5k times · Source

I'm trying to encrypt a string with RijndaelManaged in order to send it to a third-party service. I've implemented the procedure in older versions of .Net framework (4.5, 4.6.x) like below:

RijndaelManaged rm= new RijndaelManaged();
rm.KeySize = 256;
rm.BlockSize = 256;//causes exception in dotnet core 2.1
rm.Padding = PaddingMode.PKCS7;
rm.Key = Convert.FromBase64String(this.Key);
rm.IV = Convert.FromBase64String(this.IV);

var encrypt = rm.CreateEncryptor(rm.Key, rm.IV);

According to documentation, RijndaelManaged class can be used with BlockSize = 256. But, when the code is running in dotenet core 2.1, an exception thrown:

System.PlatformNotSupportedException: BlockSize must be 128 in this implementation. at System.Security.Cryptography.RijndaelManaged.set_BlockSize(Int32 value)

UPDATE

Thanks to @Access-Denied's response, according to this, I've noticed that it may be a mistake in dotnet core documentation and I can't use a 256 long BlockSize with RijndaelManaged class. As I mentioned, encrypted data is going to be sent to a third-party service. I have to use Rijndael with a 32 long IV. How can I handle that?

Answer

Access Denied picture Access Denied · Oct 8, 2018

The best documentation is a source code. According to their source code only 128 is supported:

public override int BlockSize
{
    get { return _impl.BlockSize; }
    set
    {
        Debug.Assert(BlockSizeValue == 128);

        //Values which were legal in desktop RijndaelManaged but not here in this wrapper type
        if (value == 192 || value == 256)
            throw new PlatformNotSupportedException(SR.Cryptography_Rijndael_BlockSize);

        // Any other invalid block size will get the normal "invalid block size" exception.
        if (value != 128)
            throw new CryptographicException(SR.Cryptography_Rijndael_BlockSize);
    }
}

Use BouncyCastle.NetCore. There is a code snippet available at the following link:

var keyBytes = password.GetBytes(Keysize / 8);
var engine = new RijndaelEngine(256);
var blockCipher = new CbcBlockCipher(engine);
var cipher = new PaddedBufferedBlockCipher(blockCipher, new Pkcs7Padding());
var keyParam = new KeyParameter(keyBytes);
var keyParamWithIV = new ParametersWithIV(keyParam, ivStringBytes, 0, 32);

cipher.Init(true, keyParamWithIV);
var comparisonBytes = new byte[cipher.GetOutputSize(cipherTextBytes.Length)];
var length = cipher.ProcessBytes(cipherTextBytes, comparisonBytes, 0);
cipher.DoFinal(comparisonBytes, length);

Related questions

Encrypt and decrypt a string in C#?

How can I encrypt and decrypt a string in C#?

Read More
Encrypting & Decrypting a String in C#

What is the most modern (best) way of satisfying the following in C#? string encryptedString = SomeStaticClass.Encrypt(sourceString); string decryptedString = SomeStaticClass.Decrypt(encryptedString); BUT with a minimum of fuss involving salts, keys, mucking about with byte[], etc. Been Googling and …

Read More
What is the easiest way to encrypt a password when I save it to the registry?

Currently I'm writing it in clear text oops!, it's an in house program so it's not that bad but I'd like to do it right. How should I go about encrypting this when writing to the registry and how do …

Read More