
Why are RijndaelManaged and AesCryptoServiceProvider returning different results?

Here is the example that I have run. It has the same Mode, Padding, BlockSize, KeySize. I am using the same init vector, key and data.

Using the RijndaelManaged produces an encrypted value of: 0x8d,0x81,0x27,0xc6,0x3c,0xe2,0x53,0x2f,0x35,0x78,0x90,0xc2,0x2e,0x3b,0x8a,0x61, 0x41,0x47,0xd6,0xd0,0xff,0x92,0x72,0x3d,0xc6,0x16,0x2b,0xd8,0xb5,0xd9,0x12,0x85

Using the AesCryptoServiceProvider produces an encrypted value of: 0x8d,0x9f,0x6e,0x99,0xe9,0x54,0x8b,0x12,0xa9,0x88,0x1a,0x3d,0x65,0x23,0x9c,0x4e, 0x18,0x5a,0x89,0x31,0xf5,0x75,0xc5,0x9e,0x0d,0x43,0xe9,0x86,0xd4,0xf3,0x64,0x3a

Here is the code I used to generate these results

    using System.IO;
    using System.Security.Cryptography;

    public partial class AesTest
    {
        private SymmetricAlgorithm mEncryptionType;
        private byte[] mPrivateKey;
        private byte[] mInitializationVector;
        private byte[] mData;

        public AesTest()
        {
            mPrivateKey = new byte[32]
            {
                0x22, 0x22, 0x22, 0x22,
                0x22, 0x22, 0x22, 0x22,
                0x22, 0x22, 0x22, 0x22,
                0x22, 0x22, 0x22, 0x22,
                0x22, 0x22, 0x22, 0x22,
                0x22, 0x22, 0x22, 0x22,
                0x22, 0x22, 0x22, 0x22,
                0x22, 0x22, 0x22, 0x22
            };

            mInitializationVector = new byte[16]
            {
                0x33, 0x33, 0x33, 0x33,
                0x33, 0x33, 0x33, 0x33,
                0x33, 0x33, 0x33, 0x33,
                0x33, 0x33, 0x33, 0x33
            };

            mData = new byte[16]
            {
                0x44, 0x44, 0x44, 0x44,
                0x44, 0x44, 0x44, 0x44,
                0x44, 0x44, 0x44, 0x44,
                0x44, 0x44, 0x44, 0x44
            };

            mEncryptionType = new RijndaelManaged();
            mEncryptionType.Mode = CipherMode.CFB;
            mEncryptionType.Padding = PaddingMode.PKCS7;
            mEncryptionType.BlockSize = 128;
            mEncryptionType.KeySize = 256;

            byte[] rij_encrypted_data = Encrypt(mData);

            mEncryptionType = new AesCryptoServiceProvider();
            mEncryptionType.Mode = CipherMode.CFB;
            mEncryptionType.Padding = PaddingMode.PKCS7;
            mEncryptionType.BlockSize = 128;
            mEncryptionType.KeySize = 256;

            byte[] aes_encrypted_data = Encrypt(mData);
        }

        public virtual byte[] Encrypt(byte[] unencryptedData)
        {
            return TransformData(unencryptedData, mEncryptionType.CreateEncryptor(mPrivateKey, mInitializationVector));
        }

        private byte[] TransformData(byte[] dataToTransform, ICryptoTransform cryptoTransform)
        {
            byte[] result = new byte[0];
            if (dataToTransform != null && cryptoTransform != null && dataToTransform.Length > 0)
            {
                // Create the memory stream to store the results
                MemoryStream mem_stream = new MemoryStream();
                // Create the crypto stream to do the transformation
                CryptoStream crypto_stream = new CryptoStream(mem_stream, cryptoTransform, CryptoStreamMode.Write);
                // bytes are transformed on a write
                crypto_stream.Write(dataToTransform, 0, dataToTransform.Length);
                // Flush the final block
                crypto_stream.FlushFinalBlock();
                // Convert the transformed memory stream back to a byte array
                result = mem_stream.ToArray();
                // Close the streams
                mem_stream.Close();
                crypto_stream.Close();
            }
            return result;
        }
    }

I guess I'm just wondering if I missed something.

Update: Turns out that AesManaged will throw a CryptographicException ("The specified cipher mode is not valid for this algorithm") if you try and set the CipherMode to CFB. I feel that the AesCryptoServiceProvider should do the same, but it doesn't. Seems funny that the FIPS Certified class allows invalid cipher modes.

SwDevMan81 asked Jun 05 '09 18:06




1 Answer

Response from Microsoft:

RijndaelManaged class and AesCryptoServiceProvider class are two different implementations. RijndaelManaged class is a kind of implementation of Rijndael algorithm in .net framework, which was not validated under NIST (National Institute of Standards and Technology) Cryptographic Module Validation Program (CMVP).

However, AesCryptoServiceProvider class calls the Windows Crypto API, which uses RSAENH.DLL, and has been validated by NIST in CMVP. Although Rijndael algorithm was the winner of the NIST competition to select the algorithm that would become AES, there are some differences between Rijndael and official AES. Therefore, RijndaelManaged class and AesCryptoServiceProvider class have subtle differences on implementation.

In addition, RijndaelManaged class cannot provide an equivalent implementation with AES. There is another class implemented in .net framework, AesManaged class. This class just wrapped RijndaelManaged class with a fixed block size and iteration count to achieve the AES standard. However, it does not support the feedback size, especially, when the mode is set as CFB or OFB, the CryptographicException will be thrown.

For more information, please refer to the following MSDN documents.

AesManaged Class and AesManaged.Mode Property

If you want to pick up standard AES as security algorithm in your application, we recommend using the AesCryptoServiceProvider class. If you want to mix the RijndaelManaged class and AesCryptoServiceProvider class in your application, we suggest using CBC mode instead of CFB mode in your program, since the implementation of the CBC mode in both classes is the same.

makerofthings7 answered Sep 19 '22 16:09
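A way to check the answer's CBC advice and to look at the feedback size it mentions, as an added example that is not part of the original question or of Microsoft's response. It assumes .NET Framework on Windows, as in the question; the class name `FeedbackSizeCheck` and its helpers are hypothetical, and the idea that the CFB mismatch comes from the two classes using different `FeedbackSize` values is an assumption the third comparison tests, not something the answer states.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;

static class FeedbackSizeCheck
{
    // Constructed inputs: the same key, IV and plaintext byte patterns as in the question.
    static readonly byte[] Key  = Enumerable.Repeat((byte)0x22, 32).ToArray();
    static readonly byte[] Iv   = Enumerable.Repeat((byte)0x33, 16).ToArray();
    static readonly byte[] Data = Enumerable.Repeat((byte)0x44, 16).ToArray();

    // Encrypts Data with the given class and mode. When feedbackBits is null the
    // class keeps whatever FeedbackSize its constructor chose.
    static byte[] Encrypt(SymmetricAlgorithm alg, CipherMode mode, int? feedbackBits)
    {
        using (alg)
        {
            alg.BlockSize = 128;
            alg.KeySize = 256;
            alg.Mode = mode;
            alg.Padding = PaddingMode.PKCS7;
            if (feedbackBits.HasValue) alg.FeedbackSize = feedbackBits.Value;

            // Show the effective setting so a hidden default is visible in the output.
            Console.WriteLine("{0,-26} {1} FeedbackSize={2}",
                              alg.GetType().Name, mode, alg.FeedbackSize);

            using (ICryptoTransform enc = alg.CreateEncryptor(Key, Iv))
                return enc.TransformFinalBlock(Data, 0, Data.Length);
        }
    }

    // Runs both classes with identical settings and reports whether the ciphertexts match.
    static void Compare(string label, CipherMode mode, int? feedbackBits)
    {
        byte[] a = Encrypt(new RijndaelManaged(), mode, feedbackBits);
        byte[] b = Encrypt(new AesCryptoServiceProvider(), mode, feedbackBits);
        Console.WriteLine("{0}: {1}", label, a.SequenceEqual(b) ? "identical" : "DIFFERENT");
    }

    static void Main()
    {
        Compare("CBC", CipherMode.CBC, null);                  // the mode the answer recommends
        Compare("CFB, class defaults", CipherMode.CFB, null);  // the question's configuration
        Compare("CFB, FeedbackSize=8", CipherMode.CFB, 8);     // assumption under test
    }
}
```

When two implementations must interoperate, set every parameter that affects the ciphertext explicitly on both sides and compare outputs on a fixed vector like this before relying on them.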