The short of it is:

Essentially, if you want to use RijndaelManaged as AES you need to make sure that:

1. The block size is set to 128 bits
2. You are not using CFB mode, or if you are the feedback size is also 128 bits
3. The key size is 128, 192 or 256 bits (Added by Andy)

I started getting an error though - “Key not valid for use in specified state”. Odd. I was importing the key from an XML file, using the FromXMLString() function. It all seemed to work just fine. So, WTF? It’s not like the code is complicated:

RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
rsa.FromXmlString(publickey);
byte[] encryptedData = rsa.Encrypt(data, false);

So what gives?

Well, eventually, I tracked it back to this - I was trying to send too much data. Not very much - less than a couple of hundred bytes - but this was too much.

The obvious thing to do was change the way this works to match the way it’s supposed to work - use RSA encryption to transfer the key to a block cipher, and then encrypt all your data with that block cipher. But I couldn’t be arsed - I just wanted to see the asymetric encryption work - so I reduced my data…

Comments from my old blog:

Sounds like you where in the 70-536 Self Study book from Microsoft. In chapter 12 doing some suggested practices.

Anyway.. that’s where I am and your message here on the blog helped.

I too will send a smaller file

By Micke at 17:13:02 Monday 24th September 2007

Yup, I think I was. It was a bit daft that they didn’t mention the limits on the size of the data.

But that book has a _lot_ of issues.

By Andy at 10:18:03 Thursday 27th September 2007

First off, I tried comparing the speed of populating and reading from generic and normal collections. I found that Generics are much faster to populate as well as read from. I’d expected the latter (no type conversion needed), but not a better speed at population. I guess this is because the types can be checked at compile time. I tried this with both a value type (so there might be boxing/unboxing), and a reference type - each time the result was the same, non-generics took ten times as long as generics.

Populating a generic list is twice as fast if it has its capacity assigned. E.g.

List<SomeObj> myList = new List<SomeObj> ( 10000 );

Populating a non-generic list is actually slower if it has its capacity assigned. I have absolutely no idea why.

FOR Loops are slightly faster than FOREACH loops. However, the difference is piddling, so I’d actually recommend not worrying. Out of preference, I’ll use FOREACH, ‘cos it’s easier to read.

Looking at converting types (well, an integer in most of my tests) I found that:

• AS is slightly faster than a cast
• (cast) is much faster than System.Convert

It’s worth noting that if a conversion fails, AS will just return NULL, whereas a cast returns an exception. Raising an exception is slower than testing for null. Therefore, AS has a definite speed advantage, and hence why you shouldn’t handle expected exceptions using, um, exceptions. Instead, test something and then deal with the exception case. For example, you something like TryParse. (Actually, I should give that a whirl, see how long it takes.)E.g.

int w = 12;
Object o = w;

//fastest conversion and error handling
int x = o as int;
if( x == null) { };

//Okay speed, very slow error handling
try {
int y = (int) o;
} catch ( InvalidCastExpection e ) {}

//Don’t do this
try {
int y = System.Convert.ToInt32(o);
} catch ( InvalidCastExpection e ) {}

I’ll get back to you all about the TryParse thing.

I went to Ben Lamb’s “How to write crap code in C#”. It was pretty simple, but showed just what you can do to compromise performance. Actually, the biggest message I got from it was that it’s worth testing some of the standard ‘performance tips’ - which was funny as I did that just last week.

The other notable talk was “Securing ASP .NET Websites” by Barry Doran. Apart from it being nice to listen to someone with a proper accent, it was a good high level view of the decisions that you have to make when building a website like that. Some of it was new, some of it was old hat, and it was nice to see the reasoning too. He’s a characterful speaker too.

Also, the talk “Securing Web Services using WS-*” by Chris Seary was a good ‘un - finally, I have an answer to the question “Why Bother? Why not SSL or IPSec”. Nice to have a bit of a higher level view explained

In addition, I went to one about “Using and Abusing Reflection” - which seemed a bit too specialised to be of use generally - and making fun of the Irish isn’t a great laugh. Our HR manager would have me warned if I ever did something like that - and quite right too.

Finally, there was the “Technet Highlights” talk, which was great fun, but pretty content free. It did say it wouldn’t be techy. I guess I’d just wanted to hear more of what the buzz was in Barcelona, what things are hot and what’s not (and what the stylish developer will be coding in this season). Still, they were generous with the swag - I’m not sure who they mugged to get all that.

The conclusion - I’ll be going to the next one (unless I’m promoted into management and never touch code again (Not likely))

Comments from my old blog:

Thanks for swelling my ego; I’m glad you enjoyed it and found it useful.

By Barry Dorrans at 21:09:42 Monday 4th December 2006