Can't reproduce ATL-based data decryption in .NET: wrong first 4 bytes

Question

This is C++ code:

CCryptMD5Hash md5;
CCryptProv cprov;
PCWSTR pszPassword = <password>;
BYTE* data = <array of bytes>;
ATL::CCryptDerivedKey m_CryptKey;

md5.Initialize( cprov );
md5.AddData(reinterpret_cast<const BYTE*>(pszPassword), wcslen(pszPassword) * sizeof(wchar_t));

m_CryptKey.Initialize( cprov, md5, CALG_DES);

std::vector<BYTE> buff(data, data + size);
DWORD cbBufSize = buff.size();
m_CryptKey.Decrypt(TRUE, &buff.front(), &cbBufSize));

It successfully decodes the array of bytes to a string like "ABC-DEF-2\ZXCVBNMHOHUH,2020100".

And this is the corresponding .NET code I'm trying to write:

byte[] salt = new byte[0];
byte[] input = <array of bytes>;
byte[] pwd = Encoding.Unicode.GetBytes(<password>);

DESCryptoServiceProvider des = new DESCryptoServiceProvider();
PasswordDeriveBytes pdb = new PasswordDeriveBytes(pwd,  salt);
des.Key = pdb.CryptDeriveKey("DES", "MD5", 0, des.IV);

MemoryStream ms = new MemoryStream(input);
CryptoStream ds = new CryptoStream(ms, des.CreateDecryptor(), CryptoStreamMode.Read);

StreamReader sr = new StreamReader(ds, Encoding.Unicode);
string s = sr.ReadToEnd();

Its output string is "몶뛛跬DEF-2\ZXCVBNMHOHUH,2020100". So, the first four characters are decoded incorrectly. Changing salt makes these characters different.

Since there is no salt in C++ code, I can't even think about it's possible value to try. But all the simple ones don't work too.

Can someone please help?

Answer 1

Does it work passing a zero value into the C# code for des.IV?

You can set the equivalent CBC IV in the C++ code using SetIV

m_CryptKey.SetIV(...);