RijndaelManaged using 256 key on .NET Core

Question

I am migrating some code from .NET Framework to .NET Core and came across an issue.

I have a lot of strings that were encrypted on the old system and saved on the database on their encrypted version.

I've moved the code to .NET core, created a new class for Encrypt and Decrypt the strings, but when I try to use it I get the following error.

PlatformNotSupportedException: BlockSize must be 128 in this implementation.

My function is as follow

public static string DecryptString(string cipherText)
        {
            string passPhrase = EncryptingKey(EncKey);

            byte[] cipherTextBytesWithSaltAndIv = Convert.FromBase64String(cipherText);
            byte[] saltStringBytes = cipherTextBytesWithSaltAndIv.Take(Keysize / 8).ToArray();
            byte[] ivStringBytes = cipherTextBytesWithSaltAndIv.Skip(Keysize / 8).Take(Keysize / 8).ToArray();
            byte[] cipherTextBytes = cipherTextBytesWithSaltAndIv.Skip((Keysize / 8) * 2).Take(cipherTextBytesWithSaltAndIv.Length - ((Keysize / 8) * 2)).ToArray();

            using (Rfc2898DeriveBytes password = new Rfc2898DeriveBytes(passPhrase, saltStringBytes, DerivationIterations))
            {
                byte[] keyBytes = password.GetBytes(Keysize / 8);
                using (RijndaelManaged symmetricKey = new RijndaelManaged())
                {
                    symmetricKey.BlockSize = 256;
                    symmetricKey.Mode = CipherMode.CBC;
                    symmetricKey.Padding = PaddingMode.PKCS7;
                    using (ICryptoTransform decryptor = symmetricKey.CreateDecryptor(keyBytes, ivStringBytes))
                    {
                        using (MemoryStream memoryStream = new MemoryStream(cipherTextBytes))
                        {
                            using (CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read))
                            {
                                byte[] plainTextBytes = new byte[cipherTextBytes.Length];
                                int decryptedByteCount = cryptoStream.Read(plainTextBytes, 0, plainTextBytes.Length);
                                memoryStream.Close();
                                cryptoStream.Close();
                                return Encoding.UTF8.GetString(plainTextBytes, 0, decryptedByteCount);
                            }
                        }
                    }
                }
            }
        }

I understand RijndaelManaged doesn't seem to support a keysize other than 128 on .NET Core, do I have any workaround to use 256 instead and not have to decrypt thousands of records and re-encrypt them again?

https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.rijndaelmanaged?view=net-5.0

Answer 1

I managed to decrypt with the BouncyCastle.NetCore Nuget package. Also, the same code works with the BouncyCastle.Cryptography package.:

string DecryptRijndael256WithBouncyCastle(byte[] encryptedPassword, byte[] key, byte[] iv)
{
    var engine = new RijndaelEngine(256);
    var blockCipher = new CbcBlockCipher(engine);
    var cipher = new PaddedBufferedBlockCipher(blockCipher, new Pkcs7Padding());
    var keyParam = new KeyParameter(key);
    var keyParamWithIv = new ParametersWithIV(keyParam, iv, 0, 32);

    cipher.Init(false, keyParamWithIv);

    var outputBytes = new byte[cipher.GetOutputSize(encryptedPassword.Length)];
    var outputLength = cipher.ProcessBytes(encryptedPassword, outputBytes, 0);
    var finalBytes = cipher.DoFinal(outputBytes, 0, outputLength);
    var final = Encoding.UTF8.GetString(finalBytes);
    return final;
}