I'm looking at sending encrypted data between a Silverlight client and a native code (C++) server using WCF. I was looking at using the AesManaged class to encrypt data the client sends back to the server, but was wondering about the decryption. There is an assumption that if the AesManaged class is implemented against the AES specification it should be cross-compatible with any C++ AES library, but given experience with Microsoft's (and other vendors') "interpretations" of specifications previously I felt I should confirm it if possible.
I plan on building a prototype but I was hoping for an answer from someone who has experience in this area already. Using C++/CLI or C# for access to the AesManaged class isn't an option as I'm dealing with legacy code that I am adding functionality to.
All I can tell you is that it was good to ask; I cannot speak as to this specific interop, but I was trying to communicate with a piece of legacy software that used an older native implementation called AesLib, and I was trying to use AesCryptoServiceProvider. They wouldn't talk to each other, apparently because AesLib either uses a mode without an IV, or has a static or deterministic IV that I couldn't discover.
If you can get and reference the AES implementation that the native server is using, and implement an ICryptoServiceProvider-compatible wrapper around it, that would probably be the best guarantee that your message arrives intact (though this may cause its own problems). Otherwise, I would make sure I had all discoverable information about this implementation so I could configure AesManaged the same way. You'll need, at the very least, the key, IV, block size and mode.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With