C#•3y ago

❔ Encoding Confusion and string variables

Hello! I am trying to encrypt a string, send it between two clients, and then decrypt the string. Which sounds simple enough but where I've hit a snag is in string encodings, or so I believe.
I am using the following code to encrypt and decrypt my string (userPassWord)

 public byte[] Encrypt(string userPassWord, string passphrase)
    {
        using Aes aes = Aes.Create();
        aes.Key = DeriveKeyFromPassword(passphrase);
        aes.IV = IV;
        using MemoryStream output = new();
        using CryptoStream cryptoStream = new(output, aes.CreateEncryptor(), CryptoStreamMode.Write);
        cryptoStream.Write(Encoding.Unicode.GetBytes(userPassWord));
        cryptoStream.FlushFinalBlock();
        return output.ToArray();
    }


    public string Decrypt(byte[] encrypted, string passphrase)
    {
        using Aes aes = Aes.Create();
        aes.Key = DeriveKeyFromPassword(passphrase);
        aes.IV = IV;
        using MemoryStream input = new(encrypted);
        using CryptoStream cryptoStream = new(input, aes.CreateDecryptor(), CryptoStreamMode.Read);
        using MemoryStream output = new();
        cryptoStream.CopyTo(output);
        return Encoding.Unicode.GetString(output.ToArray());
    }

 public byte[] Encrypt(string userPassWord, string passphrase)
    {
        using Aes aes = Aes.Create();
        aes.Key = DeriveKeyFromPassword(passphrase);
        aes.IV = IV;
        using MemoryStream output = new();
        using CryptoStream cryptoStream = new(output, aes.CreateEncryptor(), CryptoStreamMode.Write);
        cryptoStream.Write(Encoding.Unicode.GetBytes(userPassWord));
        cryptoStream.FlushFinalBlock();
        return output.ToArray();
    }


    public string Decrypt(byte[] encrypted, string passphrase)
    {
        using Aes aes = Aes.Create();
        aes.Key = DeriveKeyFromPassword(passphrase);
        aes.IV = IV;
        using MemoryStream input = new(encrypted);
        using CryptoStream cryptoStream = new(input, aes.CreateDecryptor(), CryptoStreamMode.Read);
        using MemoryStream output = new();
        cryptoStream.CopyTo(output);
        return Encoding.Unicode.GetString(output.ToArray());
    }

This works if I run it in isolation and just pass the result from one into the other. However! Where I am hitting a snag is that I cannot send the encrypted string as a byte[] but I need to send it as a string instead. However whenever I convert that byte array to a string and then back, it ends up either being an incorrect blocksize or decoding incorrectly. Do any of you know how to do this? Thanks a ton!

YsehporpOP•3/17/23, 12:45 PM

I solved this but I'll leave this here undeleted in case anyone else ever searches for something similar. Essentially the problem is that Encoding.GetString doesn't preserve the original bytes perfectly if they contain non-ascii characters. In my case they do. Convert.ToBase64String and Convert.FromBase64String do preserve the original bytes

ero•3/17/23, 12:45 PM

i hope these aren't security critical passwords

ero•3/17/23, 12:45 PM

because encryption is NEVER an option for passwords

YsehporpOP•3/17/23, 12:47 PM

They aren't. It's just something passed between two users to identify each other. Their actual account passwords are stored properly hashed and salted, but for reasons they need to be able to pass a string to eachother which is encrypted like this

Accord•3/18/23, 12:56 PM

Was this issue resolved? If so, run

/close

/close

otherwise I will mark this as stale and this post will be archived until there is new activity.