So here's my problem: In an old ASP.NET 4.5 system, we have used MembershipProvider's EncrypytPassword and DecrypytPassword extensively. Not for actual passwords, they are hashed. It obviously uses DecryptionKey in Machinekey section of my web.config. It's working fine. Encrypted info are stored in DB and can be decrypted, no problems.
Now we need to read them from DB and decrypt them in a .NET core app. Obviously I do not have access to ASP.NET MembershipProvider for decryption. So I thought It should be very straight forward: I have the decryptionkey (a hex string stored in our web.config), I know the algorithm is AES (Again, from machinekey section) and I should be able to decrypt them myself.
But no matter what i do, it does not work. I played with padding, IV, cipher mode, key size. Nothing works.
I even decompiled System.Web.dll and read the code for EncryptOrDecryptData method which is responsible for this. Seems impossible to figure out what is going on.
How do you think I can replicate their decryption method? Knowing that the only thing that was mentioned in web.config was this:
machineKey decryption="AES" decryptionKey="D8E7396EEA4.........." (48 hex characters).
FYI, I can use only this in any .NET console app to decrypt the data, because I can add a reference to System.Web.dll and use DecryptPassword method. So it means I should be able to achieve this in .NET Core as well by just having the decryption key. But how?