未知 的大頭貼 HK KNVB 4:15 pm on October 31, 2019  

How to do data encryption and decryption using AES/CTR/NoPadding algorithm with C# and BouncyCastle crypto library?

It is because I need to write a C# program to communicate with the Java server, so I wrote the following program.

First, the Java Server program generates the AES key.

The Java Server Program source code as below:

public class MessageCoder 
{
   //private static int AES_KEY_SIZE = 256 ;
    private static int AES_KEY_SIZE = 128 ;
    private static int IV_SIZE = 16 ;
    
    public String ivText,key;
    private Cipher cipher,decipher;
    public MessageCoder()throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException, UnsupportedEncodingException
    {
		KeyGenerator keygen = KeyGenerator.getInstance("AES") ; // Specifying algorithm key will be used for 
		keygen.init(AES_KEY_SIZE) ; // Specifying Key size to be used, Note: This would need JCE Unlimited Strength to be installed explicitly 
		SecretKey aesKey = keygen.generateKey();

		// Generating IV
		byte iv[] = new byte[IV_SIZE];
         
        SecureRandom secRandom = new SecureRandom() ;
        secRandom.nextBytes(iv);
      		
		cipher = Cipher.getInstance("AES/CTR/NoPadding");
		decipher = Cipher.getInstance("AES/CTR/NoPadding");
		  
		cipher.init(Cipher.ENCRYPT_MODE, aesKey,new IvParameterSpec(iv));
		decipher.init(Cipher.DECRYPT_MODE, aesKey,new IvParameterSpec(iv));
		ivText=Base64.getEncoder().encodeToString(iv);
		key=Base64.getEncoder().encodeToString(aesKey.getEncoded());		
    }
    public String encode(String message) throws IllegalBlockSizeException, BadPaddingException, UnsupportedEncodingException
    {
    	byte[] cipherTextInByteArr = cipher.doFinal(message.getBytes("UTF-8"));
    	return Base64.getEncoder().encodeToString(cipherTextInByteArr);
    }
    public String decode(String encodedText) throws IllegalBlockSizeException, BadPaddingException, UnsupportedEncodingException
    {
    	byte[] cipherTextInByteArr =Base64.getDecoder().decode(encodedText);
    	byte[] plainTextInByteArr = decipher.doFinal(cipherTextInByteArr);
    	return new String(plainTextInByteArr,"UTF-8");
    }
}

And then send the ivText and key to the C# program.
Finally, pass these parameters to initAESCodec method to initialize the Cipher.

The C# program source code as below:

using Org.BouncyCastle.Crypto.Engines;
using Org.BouncyCastle.Crypto.Generators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.X509;
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;

namespace ObjectLibrary
{
    public class MessageCoder
    {
        IBufferedCipher aesCipher=null;
        ICipherParameters cipherParameters;
        UTF8Encoding Byte_Transform = new UTF8Encoding();
        public MessageCoder()
        {
            AesCryptoServiceProvider aes = new AesCryptoServiceProvider();
           
        }
        public void initAESCodec(string messageKey, string ivText)
        {
            byte [] messageKeyArray = System.Convert.FromBase64String(messageKey);
            byte []ivTextArray = System.Convert.FromBase64String(ivText);
            aesCipher = CipherUtilities.GetCipher("AES/CTR/NoPadding");
            KeyParameter keyParameter = ParameterUtilities.CreateKeyParameter("AES", messageKeyArray);
            cipherParameters = new ParametersWithIV(keyParameter, ivTextArray,0,16);
            
        }
        public string aesEncode(string plainText)
        {
            byte[] plainBytes = Byte_Transform.GetBytes(plainText);
            byte[] outputBytes = new byte[aesCipher.GetOutputSize(plainBytes.Length)];
            aesCipher.Reset();
            aesCipher.Init(true, cipherParameters);
            int length = aesCipher.ProcessBytes(plainBytes, outputBytes, 0);
            aesCipher.DoFinal(outputBytes, length); //Do the final block
            return Convert.ToBase64String(outputBytes);
        }
        public string aesDecode(string cipherText)
        {
            byte[]encryptBytes = System.Convert.FromBase64String(cipherText);
            byte[] comparisonBytes = new byte[aesCipher.GetOutputSize(encryptBytes.Length)];
            
            aesCipher.Reset();
            aesCipher.Init(false, cipherParameters);
            int length = aesCipher.ProcessBytes(encryptBytes, comparisonBytes, 0);
            aesCipher.DoFinal(comparisonBytes,length); //Do the final block
            
            return Encoding.UTF8.GetString(comparisonBytes);
        }

    }
}

Note 1: Both ivText and Key are sent to C# via WebSocket,  so both of them are encrypted by the Base64 algorithm.

Note 2: The above C# program is developed in Visual Studio 2015 Community Edition environment.

Note 3:  The above C# program requires BouncyCastle crypto library version 1.8.4, this library can be installed to the Visual Studio via NuGet.