maybe I can help.
I took your C# code and modified it slightly. The C# code I use, in its entirety, is:
using System;
using System.Security.Cryptography;
public class Bob
{
internal static string FormatByteArray(byte[] b)
{
System.Text.StringBuilder sb1 = new System.Text.StringBuilder();
int i = 0;
for (i = 0; i < b.Length; i++)
{
if (i != 0 && i % 16 == 0)
sb1.Append("
");
sb1.Append(System.String.Format("{0:X2} ", b[i]));
}
return sb1.ToString();
}
public static void Main()
{
try
{
string original = "watson?";
Console.WriteLine("Original: {0}", original);
byte[] IV = new byte[16]; // match slowaes IV
var ascii = new System.Text.ASCIIEncoding();
// match slowaes KEY
string passPhrase = "12345678901234567890123456789012";
byte[] key = ascii.GetBytes(passPhrase);
RijndaelManaged myRijndael = new RijndaelManaged();
myRijndael.BlockSize = 128;
myRijndael.KeySize = 256;
myRijndael.IV = IV;
myRijndael.Padding = PaddingMode.PKCS7;
myRijndael.Mode = CipherMode.CBC;
myRijndael.Key = key;
// Encrypt the string to an array of bytes.
byte[] plainText = new System.Text.ASCIIEncoding().GetBytes(original);
ICryptoTransform transform = myRijndael.CreateEncryptor();
byte[] cipherText = transform.TransformFinalBlock(plainText, 0, plainText.Length);
Console.WriteLine("cipherText: {0}", FormatByteArray(cipherText));
// Decrypt the bytes to a string.
transform = myRijndael.CreateDecryptor();
plainText = transform.TransformFinalBlock(cipherText, 0, cipherText.Length);
string roundtrip = ascii.GetString(plainText);
Console.WriteLine("Round Trip: {0}", roundtrip);
}
catch (Exception e)
{
Console.WriteLine("Error: {0}", e.Message);
}
}
}
compile the above with
csc.exe /target:exe /out:Bob.exe Bob.cs
I use the slowAES.wsc from the other post you referenced, with 2 changes: I do not call getPaddedBlock() for the key in the EncryptString or DecryptString() methods. This really needs a PBKDF but let's not worry about that now. Here's what the modified EncryptString looks like:
function EncryptString(plainText)
{
// this is really wrong - need a PBBKDF to get the key, instead
// of just using the passphrase
var key = cryptoHelpers.convertStringToByteArray(_passphrase);
// var nkey = slowAES.getPaddedBlock(key, 0, _keysize, _mode);
var bytesToEncrypt = cryptoHelpers.convertStringToByteArray(plainText);
var result = slowAES.encrypt(bytesToEncrypt,
_mode,
key,
_keysize,
_iv);
return result['cipher'];
}
This means you have to use a passPhrase that is exactly the length required by the keysize. If you use AES256, then pass a 32-char string (32 * 8 = 256 bits). Seems like you figured this out already.
The client of the WSC component is also Javascript (though it can be any COM language). Here's what I used.
function toHexString(a)
{
var ret = '';
for(var i = 0;i < a.length;i++)
ret += (a[i] < 16 ? '0' : '') + a[i].toString(16) + ' ';
return ret.toLowerCase();
}
//var plaintext = "Hello. This is a test. of the emergency broadcasting system.";
var plaintext = "watson?";
try
{
WScript.echo( "plaintext: " + plaintext);
WScript.echo( "plaintext.length: " + plaintext.length);
WScript.echo( "instantiate ");
var aes = new ActiveXObject("Ionic.Com.SlowAES");
WScript.echo( "keysize ");
aes.KeySize = 256;
WScript.echo( "passphrase ");
aes.PassPhrase= "12345678901234567890123456789012"; // 32 chars long
WScript.echo( "mode ");
aes.Mode = "CBC";
WScript.echo( "encrypting... ");
var result = aes.EncryptString(plaintext);
WScript.echo( "Cryptotext: " + toHexString(result));
WScript.echo( "decrypting... ");
var decrypted = aes.DecryptBytesToString(result);
WScript.echo( "decrypted: " + decrypted);
}
catch(e)
{
WScript.echo("Exception: " + e);
// WScript.echo(e.Number + ": " + e.Name);
WScript.echo(e.Message);
}
If I then run this code, the Javascript and C# produces the same cipher text for a plaintext of "watson?", using AES256, passphrase of 12345678901234567890123456789012, and an IV of 16 bytes of zero. The ciphertext generated is:
8B 68 A6 23 08 2A D8 A0 EB 99 17 8F 69 03 18 FF
It successfully decrypts in both cases.
EDIT: Though I packaged the slowAES encryption in a WSC, it will be interoperable running outside the COM environment as well. The WSC part is unnecessary for this question, but was necessary to demonstrate the answer for a prior question, which was, "how can I get VBScript and .NET AES to interoperate?"
EDIT2: The source code that demonstrates AES interop between Javascript or VBScript and .NET is available. I extended the basic example given here to produce test apps in 3 languages: C#, Javascript and VBScript. They all take the same set of arguments. They each use a RFC2898-compliant key derivation function. You can specify the password, salt, IV, and plaintext, as well as the number of RFC2898 iterations to use in the PBKDF2. You can easily verify that the ciphertext is the same for each of these test programs. Maybe the example will be useful for someone.
EDIT3
a good read: Javascript Cryptography considered harmful.