tags:

views:

96

answers:

1
+2  Q: 

.NET AES/Rijndael — inconsistent decryption when reusing decryptor

I've created a class for encrypting and decrypting using AES.

public class AesEncryptionProvider {
    #region Fields

    // Encryption key
    private static readonly byte[] s_key = new byte[32] {
        // Omitted...
    };

    // Initialization vector
    private static readonly byte[] s_iv = new byte[16] {
        // Omitted...
    };

    private AesCryptoServiceProvider m_provider;
    private ICryptoTransform m_encryptor;
    private ICryptoTransform m_decryptor;

    #endregion

    #region Constructors

    private AesEncryptionProvider () {
        m_provider = new AesCryptoServiceProvider();
        m_encryptor = m_provider.CreateEncryptor(s_key, s_iv);
        m_decryptor = m_provider.CreateDecryptor(s_key, s_iv);
    }

    static AesEncryptionProvider () {
        Instance = new AesEncryptionProvider();
    }

    #endregion

    #region Properties

    public static AesEncryptionProvider Instance { get; private set; }

    #endregion

    #region Methods

    public string Encrypt (string value) {
        if (string.IsNullOrEmpty(value)) {
            throw new ArgumentException("Value required.");
        }

        return Convert.ToBase64String(
            Transform(
                Encoding.UTF8.GetBytes(value),
                m_encryptor));
    }

    public string Decrypt (string value) {
        if (string.IsNullOrEmpty(value)) {
            throw new ArgumentException("Value required.");
        }

        return Encoding.UTF8.GetString(
            Transform(
                Convert.FromBase64String(value),
                m_decryptor));
    }

    #endregion

    #region Private methods

    private byte[] Transform (byte[] input, ICryptoTransform transform) {
        byte[] output;
        using (MemoryStream memory = new MemoryStream()) {
            using (CryptoStream crypto = new CryptoStream(
                memory,
                transform,
                CryptoStreamMode.Write
            )) {
                crypto.Write(input, 0, input.Length);
                crypto.FlushFinalBlock();

                output = memory.ToArray();
            }
        }
        return output;
    }

    #endregion
}

As you can see, in both cases I'm writing to a MemoryStream via a CryptoStream. If I create a new decryptor via m_provider.CreateDecyptor(s_key, s_iv) on every call to Decrypt it works just fine.

What has gone wrong here? Why is the decryptor behaving as if its forgotten the IV? Is there something that the call to StreamReader.ReadToEnd() is doing that helps m_decryptor function correctly?

I would like to avoid either of the two "working" approaches I listed here as there is a performance hit on both and this is a very critical path. Thanks in advance.

+1  A: 

Ok, I admit I have no idea why this works, but change AesCryptoServiceProvider to AesManaged and voila.

I also recommend making your class implement IDisposable as it contains three member variables which implement it. See below for code changes:

public class AesEncryptionProvider : IDisposable
{
    #region Fields

    // Encryption key
    private static readonly byte[] s_key = new byte[32] {
        // Omitted...
    };

    // Initialization vector
    private static readonly byte[] s_iv = new byte[16] {
        // Omitted...
    };

    private readonly AesManaged m_provider;
    private readonly ICryptoTransform m_encryptor;
    private readonly ICryptoTransform m_decryptor;

    #endregion

    #region Constructors

    private AesEncryptionProvider()
    {
        m_provider = new AesManaged();
        m_encryptor = m_provider.CreateEncryptor(s_key, s_iv);
        m_decryptor = m_provider.CreateDecryptor(s_key, s_iv);
    }

    public void Dispose()
    {
        m_decryptor.Dispose();
        m_encryptor.Dispose();
        m_provider.Dispose();
        GC.SuppressFinalize(this);
    }

    static AesEncryptionProvider()
    {
        Instance = new AesEncryptionProvider();
    }

    #endregion

    #region Properties

    public static AesEncryptionProvider Instance { get; private set; }

    #endregion

    #region Methods

    public string Encrypt(string value)
    {
        if (string.IsNullOrEmpty(value))
        {
            throw new ArgumentException("Value required.");
        }

        return Convert.ToBase64String(
            Transform(
                Encoding.UTF8.GetBytes(value),
                m_encryptor));
    }

    public string Decrypt(string value)
    {
        if (string.IsNullOrEmpty(value))
        {
            throw new ArgumentException("Value required.");
        }

        return Encoding.UTF8.GetString(
            Transform(
                Convert.FromBase64String(value),
                m_decryptor));
    }

    #endregion

    #region Private methods

    private byte[] Transform(byte[] input, ICryptoTransform transform)
    {
        byte[] output;
        using (MemoryStream memory = new MemoryStream())
        {
            using (CryptoStream crypto = new CryptoStream(
                memory,
                transform,
                CryptoStreamMode.Write
            ))
            {
                crypto.Write(input, 0, input.Length);
                crypto.FlushFinalBlock();

                output = memory.ToArray();
            }
        }
        return output;
    }

    #endregion
}
Jesse C. Slicer  2010-07-29 22:31:09
I was just about to come post the same thing! It works with either RijndaelManaged, as you have said, or AesManaged. I found some info about the differences between the three (http://stackoverflow.com/questions/1228451/when-would-i-choose-aescryptoserviceprovider-over-aesmanaged-or-rijndaelmanaged), and am choosing AesManaged. Quite a mystery, but at least it's working! Thanks!
iamtyler  2010-07-29 22:58:10

related questions

Subsonic Vs NHibernate
How to check For File Lock in C# ?
Is nAnt still supported and suitable for .net 3.5/VS2008?
Limit size of Queue<T> in .NET?
Viewstate invalid when using Safari
Free OCR library
Unhandled Exception Handler in .NET 1.1
Localising date format descriptors
Get a new object instance from a Type in C#
VFP .NET OLEdb provider does not work in Win 64-Bits. Help
.NET Testing Framework Advice
Embedded Database for .net that can run off a network
Automatically update version number
Homegrown consumption of web services
How do you migrate a large app from VB6 to VB .net ?
.NET Migrations Engine
Adding Scripting functionality to .NET applications
SQLite and XSD
Floating Point Number parsing: Is there a Catch All algorithm?
How do I programmatically create a PDF in my .NET application?
How do I sync the SVN revision number with my ASP.NET web site?
XSD DataSets and ignoring foreign keys
Anatomy of a "Memory Leak"
Reliable Timer in a Console Application
How do I calculate relative time?