I am rather new to how encryption works, however, I have been asked to encrypt and decrypt a value using Blowfish CBC encryption. Now I've spent quite some time on this and I thought I had it correct until they sent me the IV they wish me to use which left me very confused. I was under the impression that the IV had to be a hexadecimal value, however, they sent me an IV that looks along the lines of: cl5PxDOt.
The code I have managed to produce looks like this:
function Run()
{
var key = "enter your key";
var value = "Enter your test value";
var iv = StringToByteArray("enter your 16 char hex value");
var encryptedValue = CbcBlowfishEncrypt(value, key, iv);
var decryptedValue = CbcBlowfishDecrypt(encryptedValue, key, iv);
}
private string CbcBlowfishEncrypt(string strValue, string key, byte[] iv)
{
byte[] inputBytes = Encoding.UTF8.GetBytes(strValue);
BlowfishEngine engine = new BlowfishEngine();
CbcBlockCipher blockCipher = new CbcBlockCipher(engine);
PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(blockCipher);
KeyParameter keyParam = new KeyParameter(Convert.FromBase64String(key));
ParametersWithIV keyParamWithIV = new ParametersWithIV(keyParam, iv, 0, 8);
cipher.Init(true, keyParamWithIV);
byte[] outputBytes = new byte[cipher.GetOutputSize(inputBytes.Length)];
int length = cipher.ProcessBytes(inputBytes, outputBytes, 0);
cipher.DoFinal(outputBytes, length); //Do the final block
var c = BitConverter.ToString(outputBytes);
string encryptedInput = Convert.ToBase64String(outputBytes);
var result = BitConverter.ToString(outputBytes).Replace("-", "");
return result;
}
private string CbcBlowfishDecrypt(string strValue, string key, byte[] iv)
{
BlowfishEngine engine = new BlowfishEngine();
CbcBlockCipher blockCipher = new CbcBlockCipher(engine);
PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(blockCipher);
KeyParameter keyParam = new KeyParameter(Convert.FromBase64String(key));
ParametersWithIV keyParamWithIV = new ParametersWithIV(keyParam, iv, 0, 8);
cipher.Init(false, keyParamWithIV);
byte[] out1 = Hex.Decode(strValue);
byte[] out2 = new byte[cipher.GetOutputSize(out1.Length)];
int len2 = cipher.ProcessBytes(out1, 0, out1.Length, out2, 0);
cipher.DoFinal(out2, len2);
return Encoding.UTF8.GetString(out2);
}
public static byte[] StringToByteArray(string hex)
{
return Enumerable.Range(0, hex.Length)
.Where(x => x % 2 == 0)
.Select(x => Convert.ToByte(hex.Substring(x, 2), 16))
.ToArray();
}
I am hoping somebody can tell me how to modify the code above to work with the sample iv of: cl5PxDOt.
Edit: Here is what I tried, but I get pad block corrupted every time:
var newIv = "cl5PxDOt";
var newByteIv = newIv.ToArray().Select(Convert.ToByte).ToArray();
var newDecryptedValue = CbcBlowfishDecrypt(ospToken, key, newByteIv);
//var newDecryptedValue = Encoding.UTF8.GetBytes(newIv) -- Also tried this, but same result.
at Org.BouncyCastle.Crypto.Paddings.Pkcs7Padding.PadCount(Byte[] input)
at Org.BouncyCastle.Crypto.Paddings.PaddedBufferedBlockCipher.DoFinal(Byte[] output, Int32 outOff)
The ciphertext can be decrypted if the key is not Base64 decoded but UTF-8 encoded, i.e. in CbcBlowfishDecrypt() (and in CbcBlowfishEncrypt()) the line
KeyParameter keyParam = new KeyParameter(Convert.FromBase64String(key));
is to be replaced by
KeyParameter keyParam = new KeyParameter(Encoding.UTF8.GetBytes(key));
The UTF-8 encoded key has a length of 448 bits, and is thus a valid key (Blowfish is defined for key lengths between 32 and 448 bits).
The IV can be UTF-8 encoded in an analog way instead of the current implementation.