We were unable to load Disqus. If you are a moderator please see our troubleshooting guide.

Joe de Leon • 4 years ago

Got an error. do i forgot some references?

https://uploads.disquscdn.c...

Tyler Feldkamp • 3 years ago

For those not running .Net Core and still using .Net Framework this would replace the 8 .AsSpan lines (technically 4):
byte[] authKeySalt = new byte[PasswordSaltByteSize];
Array.Copy(encryptedData, 0, authKeySalt, 0, PasswordSaltByteSize);
byte[] keySalt = new byte[PasswordSaltByteSize];
Array.Copy(encryptedData, PasswordSaltByteSize, keySalt, 0, PasswordSaltByteSize);
byte[] iv = new byte[AesBlockByteSize];
Array.Copy(encryptedData, 2 * PasswordSaltByteSize, iv, 0, AesBlockByteSize);
byte[] signatureTag = new byte[SignatureByteSize];
Array.Copy(encryptedData, encryptedData.Length - SignatureByteSize, signatureTag, 0, SignatureByteSize);

I also made the following changes below so that I could store BASE64 in my database:
.........
public static string EncryptString(string toEncrypt, string password)
.........
signatureTag.CopyTo(result, payloadToSignLength);
}

return Convert.ToBase64String(result);
}

public static string DecryptToString(string encryptedString, string password)
{
byte[] encryptedData = Convert.FromBase64String(encryptedString);
 if (encryptedData is null
.........

Nikolai Orekhov • 12 months ago

Is there a reason you generate and save IV additionally while you can just derive it from the password? In your intermediate example it was clear why you needed IV - for extra randomness. But in the end you use PDBKF2 with a nonce anyway so why to save IV instead of generate? Overall why not to make IV just zero?

Nikolai Orekhov • 1 year ago

PasswordIterationCount is minimum 600000 now according to OWASP

Nikita Mokhnachev • 3 years ago

You also can use the static method RandomNumberGenerator.GetBytes(count) to generate a random byte array without .Create() an RNG instance.

32xolf • 4 years ago

Hi, I tried to decrypt this using an online tool but cannot decrypt it because it will ask for the key.
How can I used this and can be decrypt on the other platform like mobile app.

Deon • 5 years ago

Hey Tom, how could I change this to have a key length of 256 bits(256/8), when I try and change the values I get invalid key size errors?

hapid pradipta • 5 years ago

Hi tom, is it possible to customize the results of the encryption text using this aes algorithm.
I have an encryption case how to do a conversion from string to digit string as an example

plaintext: "KSJJ12BK1J2B4KJBSFDJB"
chipertext: "001238912389"

i want the ciphertext to be a string only digit string
please reply as soon as possible

Tom Rucki • 5 years ago

Hi Hapid, this depends on your context. You could just use the byte values, but that will be a long string. If security is not a priority, you could solve it by some mapping.