AES Decryption

I have an application that I’m integrating with a 3rd party, and they need to send some encrypted data. They suggested using AES so I went down this route.

However, it’s taken me a couple of days to work out how to decrypt a message encrypted in Visual Studio (VS) using the standard AES classes. As you might have gathered, I’m not an encryption expert.

First of all, there are 2 steps:

  1. You need to generate a “Key” and an “Initial Vector” (IV) to encrypt/decrypt a message using AES.
    a. You require a Password, a Salt (effective another password), a number of iterations (default=1000) and a hashing method (default is SHA1 for AES)
    b. You need to agree the Key and IV sizes. These are typically 32 and 16 bytes respectively

  2. You then need to encrypt/decrypt using a Cipher
    a. The default Cipher is “CBC”

In VS, you use a “Rfc2898DeriveBytes” class to generate the Key and IV, and a “RijndaelManaged” class to do the encryption. These are the standard AES classes (I believe).

In Xojo, you use the Xojo.Crypto.PBKDF2 method to generate the Key and IV
When calling the PBKDF2 method, you need to specify enough bytes for both the Key and the IV and then extract the values from the result
E.g. if the Key is 32 bytes and the IV is 16 bytes, then use 48 as the hashlength parameter
Key = the first 32 bytes of the result
IV = the next 16 bytes of the result

I then used Monkeybread’s CipherMBS class to do the decryption. I used the “aes_256_cbc” variant to match the encryption settings:
Dim c As CipherMBS = CipherMBS.aes_256_cbc
Call c.DecryptInit CKey, CIV
Dim output As String = c.ProcessString(EncryptedText) + c.FinalizeAsString

If anyone is interested, I have an example application

Hope this helps others!


You can also take a look at my M_Crypt project that implements AES along with Blowfish, Bcrypt, Scrypt, and hash digests. The harness project comes with examples within the unit tests, and the project has both GUI and console-based apps to encrypt/decrypt with various settings.