c# - Is it safe to read massive "count" of bytes from Stream then copy them to a new array? -

c# - Is it safe to read massive "count" of bytes from Stream then copy them to a new array? -

i'm sorry confusing title, had no clue phone call it! tossing whether belong on 1 of security/crypto exchange sites predominantly programming question post here. sense free move it!

i have aes crypto stream, , aes pads original info blocks, resulting encrypted info different size original unencrypted data. when decrypting, need know how many bytes read crypto stream (how many unencrypted bytes there are). planning on sending original, unencrypted info length in packet thought of way. if read 4096 bytes crypto stream , store how many actual bytes read, can re-create right amount of bytes new array , utilize that.

is safe that? code following:

using (icryptotransform crypt = aes.createdecryptor()) { using (memorystream memstrm = new memorystream(data)) { using (cryptostream cryptstrm = new cryptostream(memstrm, crypt, cryptostreammode.read)) { byte[] bytes = new byte[size]; int read = cryptstrm.read(bytes, 0, 4096); byte[] temp = new byte[read]; array.copy(bytes, temp, read); homecoming temp; } } }

by safe mean, produce right decrypted data?

why jumping through many hoops? memorystream, cryptostream, temporary arrays...

return crypt.transformfinalblock(data, 0, data.length);

to create crypto secure, should utilize random iv each encryption, stored alongside ciphertext. , adding mac (such hmac-sha-256) in encrypt-then-mac construction prevents number of active attacks, including padding oracles.

c# encryption stream