Crypto Algorithm Question - Encrypt in .NET and Decrypt in Java - Gives Pad Block Corrupted error with AES Algori

I have to decrypt an image in java which is encrypted in .NET using Rijndael Algorithm. I am using AES algorithm to decrypt on java.

Encryption code in .NET:

public void EncryptFile(string inFile, string outFile, string password)
{
using (FileStream fin = File.OpenRead(inFile),
fout = File.OpenWrite(outFile))
{
long lSize = fin.Length;
int size = (int)lSize;
byte[] bytes = new byte[BUFFER_SIZE];
int read = -1;

byte[] IV = new byte[16];
byte[] salt = new byte[16];

// create the crypting object
SymmetricAlgorithm sma = CreateRijndael(password, salt);
sma.IV = IV;

// write the IV and salt to the beginning of the file
fout.Write(IV, 0, IV.Length);
fout.Write(salt, 0, salt.Length);

// create the hashing and crypto streams
HashAlgorithm hasher = SHA256.Create();
using (CryptoStream cout = new CryptoStream(fout, sma.CreateEncryptor(), CryptoStreamMode.Write),
chash = new CryptoStream(Stream.Null, hasher, CryptoStreamMode.Write))
{
// write the size of the file to the output file
BinaryWriter bw = new BinaryWriter(cout);
bw.Write(lSize);

// write the file cryptor tag to the file
bw.Write(FC_TAG);

// read and the write the bytes to the crypto stream in BUFFER_SIZEd chunks
while ((read = fin.Read(bytes, 0, bytes.Length)) != 0)
{
cout.Write(bytes, 0, read);
chash.Write(bytes, 0, read);
//value += read;
}
chash.Flush();
chash.Close();

// read the hash
byte[] hash = hasher.Hash;

// write the hash to the end of the file
cout.Write(hash, 0, hash.Length);

cout.Flush();
cout.Close();
}
}
}

// Creates a Rijndael SymmetricAlgorithm for use in EncryptFile and DecryptFile
private SymmetricAlgorithm CreateRijndael(string password, byte[] salt)
{
PasswordDeriveBytes pdb = new PasswordDeriveBytes(password, salt, "SHA256", 1000);

SymmetricAlgorithm sma = Rijndael.Create();
sma.KeySize = 128;
sma.Padding = PaddingMode.PKCS7;
return sma;
}


Decryption Code on JAVA:


public static void decryptImageUsingRijndaelAlgorithm(){
try{
byte[] iv = new byte[]
{
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
};

AlgorithmParameterSpec paramSpec = new IvParameterSpec(iv);
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
//Security.addProvider(new com.sun.crypto.provider.SunJCE());
byte[] salt = new byte[16];
PBEKeySpec password = new PBEKeySpec("Bbbbb1234".toCharArray(), salt, 1000, 128);
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
PBEKey pkey = (PBEKey) factory.generateSecret(password);
SecretKey key = new SecretKeySpec(pkey.getEncoded(), "AES");

Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding", "BC");
//Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding", "SunJCE");
System.out.println("Cipher provider: " + cipher.getProvider());

//AES Decryption
//File encryptedImage = new File("c:/EncryptDecrypt/EncryptDecrypt/encryptedImageNET.jpg");
File encryptedImage = new File("c:/EncryptDecrypt/encryptedImageNET.jpg");
byte[] encryptedImageBytes = new byte[(int)encryptedImage.length()];
DataInputStream dis = new DataInputStream(new FileInputStream(encryptedImage));
dis.readFully(encryptedImageBytes);
//cipher.init(Cipher.DECRYPT_MODE, key, paramSpec);
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] decrypted = cipher.doFinal(encryptedImageBytes);
//FileOutputStream desrOut = new FileOutputStream("c:/EncryptDecrypt/EncryptDecrypt/AESDecryptedJAVA.jpg");
FileOutputStream desrOut = new FileOutputStream("c:/EncryptDecrypt/decryptedImageJAVA.jpg");
desrOut.write(decrypted);
dis.close();
desrOut.close();
}
catch(Exception e){
e.printStackTrace();
}
}



When its decrypting, the cipher.doFinal(encryptedImageBytes) is giving the following exception

javax.crypto.BadPaddingException: pad block corrupted
at org.bouncycastle.jce.provider.JCEBlockCipher.engineDoFinal(Unknown Source)
at javax.crypto.Cipher.doFinal(DashoA12275)

I also tried with PKCS5 and PKCS7 padding. And also used BouncyCastleProvide and SunJCE provider.

Any help will be appreciated.

Thanks.

Does it properly decrypt on Winders with its built in .NET support?

Try to encipher a small block of known plaintext on Windows, verify that you can decipher it on Windows, then try with your Java code.

Also try enciphering the small block with your Java code, and make sure you get bit perfect answers when you decipher.

The encryption and decryption together works well on .NET and as well as Java. I mean I am able to decrypt the image in .NET which is encrypted in .NET and also decrypt the image in Java which is encrypted in Java. But the problem occurs when I am trying to decrypt the image on Java which is encrypted on .NET. The cross encryption and decryption are not working.

Check the Block size used for both.

Rijndael by default uses a 256-bit block.

AES standard specifies a 128-bit block.

Set Rijndael to use a 128-bit block, or use the AES managed crypto provider in .NET.

Ensure the padding scheme used is the same between both implementations, as well as the cipher mode (e.g. CFB or CBC). CBC is standard, but must be defined in the set up in .NET otherwise it defaults to ECB IIRC.

Best regards,
AstroTux.