Search code examples
c#.net-coreaes

AES decrypt in chunks adds random bytes at the end

I have a very big csv file which is encrypted using AES. The code that does the encryption

using var aes = new AesCryptoServiceProvider();

aes.Mode = CipherMode.ECB;
aes.Padding = PaddingMode.None;
aes.Key = key;
aes.IV = initializationVector;

using var memoryStream = new MemoryStream();

var cryptoStream = new CryptoStream(memoryStream, aes.CreateEncryptor(), CryptoStreamMode.Write);

cryptoStream.Write(data, 0, data.Length);

cryptoStream.Flush();

This is later saved into a file. On the decryption end, I'm trying to decrypt it in chunks, e.g.

using var sourceStream = File.OpenRead(path_to_encrypted_file);

using var aes = new AesCryptoServiceProvider();

aes.Mode = CipherMode.ECB;
aes.Padding = PaddingMode.None;
aes.Key = key;
aes.IV = iv;

using (var fs = File.Create(path_to_decrypted_file))
using (var cryptoStream = new CryptoStream(fs, aes.CreateDecryptor(), CryptoStreamMode.Write)
{
    var dataBuffer = new byte[81290];
    int read;

    while ((read = await sourceStream.ReadAsync(dataBuffer)) != 0)
    {
        ReadOnlyMemory<byte> buffer = dataBuffer.AsMemory().Slice(0, read);
        await cryptoStream.WriteAsync(buffer);
        await cryptoStream.FlushAsync();
    }
}

File is decrypted, however, I see some random bytes and empty lines at the end of the file

enter image description here

Is there anything wrong with how I decrypt ?

Solution

  • There's a couple potential issues I'd investigate first, at least in the existing provided code. There may be more depending on how you're generating the initial data byte array, how you're generating your key, how you're writing the encrypted stream to disk, etc.

    1. You're using ECB and you almost certainly shouldn't. It isn't doing anything with your IV, either. Consider CBC or GCM depending on the application. https://stackoverflow.com/a/22958889/13374279

    2. You're not using a padding mode. Unless your data is exactly contained within the block size, there's a chance you're losing some data, which might be contributing to the gibberish at the end.

    3. You don't show the original encrypting stream disposal, you just show the Flush(). Depending on its disposal, it is likely not calling the CryptoStream's FlushFinalBlock() method, which is important. Given the lack of the padding mode, if you add this in, you'll likely suddenly see yourself with an exception here to alert you that The input data is not a complete block. due to #2 until you swap that out.