From ee87e94da0d2957f76e6eebb1958d0d0bc7fe5b7 Mon Sep 17 00:00:00 2001 From: h5p9sl Date: Thu, 29 Nov 2018 16:21:45 -0700 Subject: [PATCH] Use RijindaelManaged.GenerateIV method instead of manually generating random IV --- Crypto Notepad/AES.cs | 7 ++++--- Crypto Notepad/Form1.cs | 16 ++-------------- 2 files changed, 6 insertions(+), 17 deletions(-) diff --git a/Crypto Notepad/AES.cs b/Crypto Notepad/AES.cs index b9e191a..0e75dc2 100644 --- a/Crypto Notepad/AES.cs +++ b/Crypto Notepad/AES.cs @@ -87,7 +87,7 @@ public void GetMetadata(byte[] rawData) class AES { - public static string Encrypt(string plainText, string password, byte[] initialVectorBytes, + public static string Encrypt(string plainText, string password, string salt = "Kosher", string hashAlgorithm = "SHA1", int passwordIterations = 2, int keySize = 256) { @@ -103,19 +103,20 @@ public static string Encrypt(string plainText, string password, byte[] initialVe byte[] keyBytes = derivedPassword.GetBytes(keySize / 8); RijndaelManaged symmetricKey = new RijndaelManaged(); symmetricKey.Mode = CipherMode.CBC; + symmetricKey.GenerateIV(); byte[] cipherTextBytes = null; using (MemoryStream memStream = new MemoryStream()) { byte[] nullByte = { 0 }; - memStream.Write(initialVectorBytes, 0, initialVectorBytes.Length); + memStream.Write(symmetricKey.IV, 0, symmetricKey.IV.Length); memStream.Write(nullByte, 0, 1); memStream.Write(saltValueBytes, 0, saltValueBytes.Length); memStream.Write(nullByte, 0, 1); using (ICryptoTransform encryptor = symmetricKey.CreateEncryptor - (keyBytes, initialVectorBytes)) + (keyBytes, symmetricKey.IV)) { using (CryptoStream cryptoStream = new CryptoStream (memStream, encryptor, CryptoStreamMode.Write)) diff --git a/Crypto Notepad/Form1.cs b/Crypto Notepad/Form1.cs index 00cd740..d6eb868 100644 --- a/Crypto Notepad/Form1.cs +++ b/Crypto Notepad/Form1.cs @@ -234,14 +234,8 @@ private void saveAsToolStripMenuItem_Click(object sender, EventArgs e) filename = SaveFile.FileName; - // Generate random initialization vector - RandomNumberGenerator RandNumGen = RNGCryptoServiceProvider.Create(); - byte[] RandInitVector = new byte[16]; - RandNumGen.GetNonZeroBytes(RandInitVector); - string noenc = customRTB.Text; - string en = AES.Encrypt(customRTB.Text, publicVar.encryptionKey, RandInitVector, ps.TheSalt, ps.HashAlgorithm, ps.PasswordIterations, ps.KeySize); - RandNumGen.Dispose(); + string en = AES.Encrypt(customRTB.Text, publicVar.encryptionKey, ps.TheSalt, ps.HashAlgorithm, ps.PasswordIterations, ps.KeySize); customRTB.Text = en; StreamWriter sw = new StreamWriter(filename); @@ -381,14 +375,8 @@ private void saveToolStripMenuItem1_Click_1(object sender, EventArgs e) publicVar.okPressed = false; } - // Generate random initialization vector - RandomNumberGenerator RandNumGen = RNGCryptoServiceProvider.Create(); - byte[] RandInitVector = new byte[16]; - RandNumGen.GetNonZeroBytes(RandInitVector); - string noenc = customRTB.Text; - string en = AES.Encrypt(customRTB.Text, publicVar.encryptionKey, RandInitVector, ps.TheSalt, ps.HashAlgorithm, ps.PasswordIterations, ps.KeySize); - RandNumGen.Dispose(); + string en = AES.Encrypt(customRTB.Text, publicVar.encryptionKey, ps.TheSalt, ps.HashAlgorithm, ps.PasswordIterations, ps.KeySize); customRTB.Text = en; StreamWriter sw = new StreamWriter(filename);