C# attempting to decrypt a file to only process memory

Question

I am attempting to decrypt a file to ONLY the process memory. I do not want the actual file to be sent to plain text as it will be storing sensitive data. I do not want the raw text sitting on the system at all.

I am currently testing with a eula file in C:\ BUT get the same issue no matter what file I use.

I am using AES with salting. Decrypting the file does work as right now I am dumping the decrypted data to the text document but when I am attempting to compile the decrpytedBytes into a string, it only outputs 3 characters that are non-existent in that order anywhere inside of the document.

https://i.sstatic.net/0531F.png

Those 2 characters show up while using System.Text.Encoding.UTF8.GetString(bytesDecrypted, 0, bytesDecrypted.Length) to compile the byte array to a string.

I have attempted just a basic .ToString() but that returned System.Byte[] and nothing more

https://i.sstatic.net/Q3Nrc.png

While using var str = System.Text.Encoding.Default.GetString(bytesDecrypted) it only outputs ÿþ*

https://i.sstatic.net/9H59L.png

Here is the code I am using for encryption and decryption

 public static byte[] AES_Encrypt(byte[] bytesToBeEncrypted, byte[] passwordBytes)
 {
     byte[] encryptedBytes = null;
     byte[] saltBytes = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };

     using (MemoryStream ms = new MemoryStream())
     {
          using (RijndaelManaged AES = new RijndaelManaged())
          {
              AES.KeySize = 256;
              AES.BlockSize = 128;

              var key = new Rfc2898DeriveBytes(passwordBytes, saltBytes, 1000);
              AES.Key = key.GetBytes(AES.KeySize / 8);
              AES.IV = key.GetBytes(AES.BlockSize / 8);
              AES.Mode = CipherMode.CBC;

              using (var cs = new CryptoStream(ms, AES.CreateEncryptor(), CryptoStreamMode.Write))
              {
                   cs.Write(bytesToBeEncrypted, 0, bytesToBeEncrypted.Length);
                   cs.Close();
              }

              encryptedBytes = ms.ToArray();
          }
     }

     return encryptedBytes;
 }

 public static byte[] AES_Decrypt(byte[] bytesToBeDecrypted, byte[] passwordBytes)
 {
     byte[] decryptedBytes = null;
     byte[] saltBytes = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };

     using (MemoryStream ms = new MemoryStream())
     {
          using (RijndaelManaged AES = new RijndaelManaged())
          {
              AES.KeySize = 256;
              AES.BlockSize = 128;

              var key = new Rfc2898DeriveBytes(passwordBytes, saltBytes, 1000);
              AES.Key = key.GetBytes(AES.KeySize / 8);
              AES.IV = key.GetBytes(AES.BlockSize / 8);
              AES.Mode = CipherMode.CBC;

              using (var cs = new CryptoStream(ms, AES.CreateDecryptor(), CryptoStreamMode.Write))
              {
                   cs.Write(bytesToBeDecrypted, 0, bytesToBeDecrypted.Length);
                   cs.Close();
              }

              decryptedBytes = ms.ToArray();
          }
     }

     return decryptedBytes;
 }

 public void EncryptFile(string file, string fileEncrypted, string password)
 {
     byte[] bytesToBeEncrypted = File.ReadAllBytes(file);
     byte[] passwordBytes = Encoding.UTF8.GetBytes(password);

     passwordBytes = SHA256.Create().ComputeHash(passwordBytes);

     byte[] bytesEncrypted = AES_Encrypt(bytesToBeEncrypted, passwordBytes);

     File.WriteAllBytes(fileEncrypted, bytesEncrypted);
     listBox1.Items.Add("Enrypted the file");
 }

 public void DecryptFile(string fileEncrypted, string file, string password)
 {
     byte[] bytesToBeDecrypted = File.ReadAllBytes(fileEncrypted);
     byte[] passwordBytes = Encoding.UTF8.GetBytes(password);

     passwordBytes = SHA256.Create().ComputeHash(passwordBytes);

     byte[] bytesDecrypted = AES_Decrypt(bytesToBeDecrypted, passwordBytes);

     listBox1.Items.Add("Attempting Decryption");
     File.WriteAllBytes(file, bytesDecrypted);

     var str = System.Text.Encoding.Default.GetString(bytesDecrypted);

     richTextBox1.Text = str;
 }

If you have any idea/clues on how I could manage to get this working I would greatly appreciate it!

Answer 1

You used the incorrect encoding to to decode your decrypted byte array. The encoding of the original text file is most likely Unicode/UTF-16. Thus, use the Encoding.Unicode encoding to decode the decrypted byte array back to text:

var str = System.Text.Encoding.Unicode.GetString(bytesDecrypted);

---

Some background information

So, what made me think that the encoding of the original text file is UTF-16/Unicode? This information from the question gives a crucial hint:

While using var str = System.Text.Encoding.Default.GetString(bytesDecrypted) it only outputs ÿþ*

Note the ÿþ. This is how an UTF-16 LE BOM (*) appears if text data having this BOM is decoded/shown using the ISO/IEC 8859-1 (or CP-1252) code page, which often is the default code page used in many (english/non-localized) Windows installations.

(*) The UTF-16 LE BOM (UTF-16 Little-Endian Byte Order Mark) are two bytes 0xFF,0xFE. To learn more about what BOMs are and what their purpose is, i suggest this Wikipedia article: https://en.wikipedia.org/wiki/Byte_order_mark