Padding is invalid and cannot be removed.

Discussion in 'ASP .Net Security' started by Bishoy George, Apr 3, 2006.

  1. // I have the following class:

    using System;
    using System.Data;
    using System.Configuration;
    using System.Web;
    using System.Web.Security;
    using System.Web.UI;
    using System.Web.UI.WebControls;
    using System.Web.UI.WebControls.WebParts;
    using System.Web.UI.HtmlControls;
    using System.IO;
    using System.Text;
    using System.Security.Cryptography;

    public class MyEncryption : System.Web.UI.Page
    {
    public MyEncryption()
    {
    }

    public static string Encrypt(string original)
    {
    byte[] encrypted;
    byte[] toEncrypt;
    byte[] key;
    byte[] IV;

    ASCIIEncoding textConverter = new ASCIIEncoding();
    toEncrypt = textConverter.GetBytes(original);

    RijndaelManaged myRijndael = new RijndaelManaged();
    myRijndael.GenerateKey();
    myRijndael.GenerateIV();

    key = myRijndael.Key;
    IV = myRijndael.IV;

    MyEncryption me = new MyEncryption();
    me.SetVariables(key, IV);

    MemoryStream ms = new MemoryStream();
    ICryptoTransform encryptor = myRijndael.CreateEncryptor(key, IV);
    CryptoStream cs = new CryptoStream(ms, encryptor,
    CryptoStreamMode.Write);

    cs.Write(toEncrypt, 0, toEncrypt.Length);
    cs.FlushFinalBlock();

    encrypted = ms.ToArray();

    string final = textConverter.GetString(encrypted);

    return final;
    }

    public static string Decrypt(string encryptedString)
    {
    byte[] key;
    byte[] IV;
    byte[] encrypted;
    byte[] fromEncrypted;

    MyEncryption me = new MyEncryption();
    me.GetVariables(out key, out IV);

    ASCIIEncoding textConverter = new ASCIIEncoding();
    encrypted = textConverter.GetBytes(encryptedString);
    fromEncrypted = new byte[encrypted.Length];

    MemoryStream ms = new MemoryStream(encrypted);

    RijndaelManaged myRijndael = new RijndaelManaged();
    ICryptoTransform decryptor = myRijndael.CreateDecryptor(key, IV);

    CryptoStream cs = new CryptoStream(ms, decryptor,
    CryptoStreamMode.Read);

    cs.Read(fromEncrypted, 0, fromEncrypted.Length);

    string decryptedString = textConverter.GetString(fromEncrypted);

    return decryptedString;
    }

    private void SetVariables(byte[] key, byte[] IV)
    {
    Session["key"] = key;
    Session["IV"] = IV;
    }

    private void GetVariables(out byte[] key, out byte[] IV)
    {
    key = (byte[])Session["key"];
    IV = (byte[])Session["IV"];
    }
    }

    // the problem is: when I execute the Decrypt Method, I receive the
    following error:
    // Padding is invalid and cannot be removed.
    ------------------------------------------------------------------

    Bishoy George


    0102550399
    Bishoy George, Apr 3, 2006
    #1
    1. Advertising

  2. what is textConverter.GetString doing -

    you have to use a lossless conversion to a string using Convert.ToBase64String

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > // I have the following class:
    >
    > using System;
    > using System.Data;
    > using System.Configuration;
    > using System.Web;
    > using System.Web.Security;
    > using System.Web.UI;
    > using System.Web.UI.WebControls;
    > using System.Web.UI.WebControls.WebParts;
    > using System.Web.UI.HtmlControls;
    > using System.IO;
    > using System.Text;
    > using System.Security.Cryptography;
    > public class MyEncryption : System.Web.UI.Page
    > {
    > public MyEncryption()
    > {
    > }
    > public static string Encrypt(string original)
    > {
    > byte[] encrypted;
    > byte[] toEncrypt;
    > byte[] key;
    > byte[] IV;
    > ASCIIEncoding textConverter = new ASCIIEncoding();
    > toEncrypt = textConverter.GetBytes(original);
    > RijndaelManaged myRijndael = new RijndaelManaged();
    > myRijndael.GenerateKey();
    > myRijndael.GenerateIV();
    > key = myRijndael.Key;
    > IV = myRijndael.IV;
    > MyEncryption me = new MyEncryption();
    > me.SetVariables(key, IV);
    > MemoryStream ms = new MemoryStream();
    > ICryptoTransform encryptor = myRijndael.CreateEncryptor(key,
    > IV);
    > CryptoStream cs = new CryptoStream(ms, encryptor,
    > CryptoStreamMode.Write);
    > cs.Write(toEncrypt, 0, toEncrypt.Length);
    > cs.FlushFinalBlock();
    > encrypted = ms.ToArray();
    >
    > string final = textConverter.GetString(encrypted);
    >
    > return final;
    > }
    > public static string Decrypt(string encryptedString)
    > {
    > byte[] key;
    > byte[] IV;
    > byte[] encrypted;
    > byte[] fromEncrypted;
    > MyEncryption me = new MyEncryption();
    > me.GetVariables(out key, out IV);
    > ASCIIEncoding textConverter = new ASCIIEncoding();
    > encrypted = textConverter.GetBytes(encryptedString);
    > fromEncrypted = new byte[encrypted.Length];
    > MemoryStream ms = new MemoryStream(encrypted);
    >
    > RijndaelManaged myRijndael = new RijndaelManaged();
    > ICryptoTransform decryptor = myRijndael.CreateDecryptor(key,
    > IV);
    > CryptoStream cs = new CryptoStream(ms, decryptor,
    > CryptoStreamMode.Read);
    >
    > cs.Read(fromEncrypted, 0, fromEncrypted.Length);
    >
    > string decryptedString =
    > textConverter.GetString(fromEncrypted);
    >
    > return decryptedString;
    > }
    > private void SetVariables(byte[] key, byte[] IV)
    > {
    > Session["key"] = key;
    > Session["IV"] = IV;
    > }
    > private void GetVariables(out byte[] key, out byte[] IV)
    > {
    > key = (byte[])Session["key"];
    > IV = (byte[])Session["IV"];
    > }
    > }
    > // the problem is: when I execute the Decrypt Method, I receive the
    > following error:
    > // Padding is invalid and cannot be removed.
    > ------------------------------------------------------------------
    > Bishoy George
    >
    >
    > 010255039
    Dominick Baier [DevelopMentor], Apr 3, 2006
    #2
    1. Advertising

  3. I fixed the error you said.

    Now when I use the Decrypt Method, I encountered:
    Length of the data to decrypt is invalid
    Line 70: cs.Read(fromEncrypted, 0, fromEncrypted.Length);

    The new code:
    using System;

    using System.Data;

    using System.Configuration;

    using System.Web;

    using System.Web.Security;

    using System.Web.UI;

    using System.Web.UI.WebControls;

    using System.Web.UI.WebControls.WebParts;

    using System.Web.UI.HtmlControls;

    using System.IO;

    using System.Text;

    using System.Security.Cryptography;

    public class MyEncryption : System.Web.UI.Page

    {

    public MyEncryption()

    {

    }

    public static string Encrypt(string original)

    {

    byte[] encrypted;

    byte[] toEncrypt;

    byte[] key;

    byte[] IV;

    ASCIIEncoding textConverter = new ASCIIEncoding();

    toEncrypt = textConverter.GetBytes(original);

    RijndaelManaged myRijndael = new RijndaelManaged();

    myRijndael.GenerateKey();

    myRijndael.GenerateIV();

    key = myRijndael.Key;

    IV = myRijndael.IV;

    MyEncryption me = new MyEncryption();

    me.SetVariables(key, IV);

    MemoryStream ms = new MemoryStream();

    ICryptoTransform encryptor = myRijndael.CreateEncryptor(key,IV);

    CryptoStream cs = new CryptoStream(ms, encryptor,CryptoStreamMode.Write);

    cs.Write(toEncrypt, 0, toEncrypt.Length);

    cs.FlushFinalBlock();

    encrypted = ms.ToArray();

    string final = Convert.ToBase64String(encrypted);

    return final;

    }

    public static string Decrypt(string encryptedString)

    {

    byte[] key;

    byte[] IV;

    byte[] encrypted;

    byte[] fromEncrypted;

    MyEncryption me = new MyEncryption();

    me.GetVariables(out key, out IV);

    ASCIIEncoding textConverter = new ASCIIEncoding();

    encrypted = textConverter.GetBytes(encryptedString);

    fromEncrypted = new byte[encrypted.Length];

    MemoryStream ms = new MemoryStream(encrypted);

    RijndaelManaged myRijndael = new RijndaelManaged();

    ICryptoTransform decryptor = myRijndael.CreateDecryptor(key,IV);

    CryptoStream cs = new CryptoStream(ms, decryptor,CryptoStreamMode.Read);

    cs.Read(fromEncrypted, 0, fromEncrypted.Length);

    string decryptedString = Convert.ToBase64String(fromEncrypted);

    return decryptedString;

    }

    private void SetVariables(byte[] key, byte[] IV)

    {

    Session["key"] = key;

    Session["IV"] = IV;

    }

    private void GetVariables(out byte[] key, out byte[] IV)

    {

    key = (byte[])Session["key"];

    IV = (byte[])Session["IV"];

    }

    }
    Bishoy George, Apr 3, 2006
    #3
  4. Bishoy George

    Kaustav Guest

    Hi Bishoy,

    try the snippet below -

    using System;
    using System.IO;
    using System.Text;
    using System.Security.Cryptography;

    namespace Sec
    {
    public class Secure

    {
    public Secure()
    {
    m_passPhrase = "Pass Phrase";
    m_saltValue = "Salt Value";
    m_initVector = "@1B2c3D4e5F6g7H8";
    m_hashAlgorithm = "MD5";
    m_passwordIterations = 5;
    m_keySize = 128;


    }

    private string m_plaintext ;
    private string m_ciphertext ;
    private byte[] m_plaintextbytes ;
    private byte[] m_ciphertextbytes ;
    private string m_passPhrase ;
    private string m_saltValue ;
    private string m_hashAlgorithm ;
    private Int32 m_passwordIterations ;
    private string m_initVector ;
    private Int32 m_keySize ;

    public string plaintext
    {
    get{return m_plaintext;}
    set{m_plaintext= value;}
    }

    public string ciphertext
    {
    get{return m_ciphertext;}
    set{m_ciphertext= value;}
    }

    public byte[] plaintextbytes
    {
    get{return m_plaintextbytes;}
    set{m_plaintextbytes= value;}
    }

    public byte[] ciphertextbytes
    {
    get{return m_ciphertextbytes;}
    set{m_ciphertextbytes= value;}
    }

    public string passPhrase
    {
    get{return m_passPhrase;}
    set{m_passPhrase= value;}
    }

    public string saltValue
    {
    get{return m_saltValue;}
    set{m_saltValue= value;}
    }

    public string hashAlgorithm
    {
    get{return m_hashAlgorithm;}
    set{m_hashAlgorithm= value;}
    }


    public Int32 passwordIterations
    {
    get{return m_passwordIterations;}
    set{m_passwordIterations= value;}
    }

    public string initVector
    {
    get{return m_initVector;}
    set{m_initVector = value;}
    }

    public Int32 keySize
    {
    get{return m_keySize;}
    set{m_keySize= value;}
    }


    public string ASCIIEncrypt(string plaintext)
    {

    try
    {
    byte[] initVectorBytes = Encoding.ASCII.GetBytes(m_initVector);
    byte[] saltValueBytes = Encoding.ASCII.GetBytes(m_saltValue);
    byte[] plainTextBytes = Encoding.ASCII.GetBytes(plaintext);
    PasswordDeriveBytes password = new
    PasswordDeriveBytes(m_passPhrase,saltValueBytes, m_hashAlgorithm,
    m_passwordIterations);
    byte[] keyBytes = password.GetBytes(m_keySize / 8);
    RijndaelManaged symmetricKey = new RijndaelManaged();
    symmetricKey.Mode = CipherMode.CBC;
    ICryptoTransform encryptor = symmetricKey.CreateEncryptor(keyBytes ,
    initVectorBytes);
    MemoryStream memoryStream = new MemoryStream();
    CryptoStream cryptoStream = new CryptoStream(memoryStream,
    encryptor,CryptoStreamMode.Write);
    cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
    cryptoStream.FlushFinalBlock();
    byte[] cipherTextBytes = memoryStream.ToArray();
    memoryStream.Close();
    cryptoStream.Close();
    m_ciphertext = Convert.ToBase64String(cipherTextBytes );
    return "SUCCESS";
    }
    catch (Exception ex)
    {
    return ex.Message.ToString();
    }

    }


    public string ASCIIDecrypt(string ciphertext)
    {

    try
    {
    byte[] initVectorBytes = Encoding.ASCII.GetBytes(m_initVector);
    byte[] saltValueBytes = Encoding.ASCII.GetBytes(m_saltValue);
    byte[] cipherTextBytes = Convert.FromBase64String(ciphertext );
    PasswordDeriveBytes password = new
    PasswordDeriveBytes( m_passPhrase,saltValueBytes, m_hashAlgorithm,
    m_passwordIterations);
    byte[] keyBytes = password.GetBytes(keySize / 8);
    RijndaelManaged symmetricKey = new RijndaelManaged();
    symmetricKey.Mode = CipherMode.CBC;
    ICryptoTransform decryptor = symmetricKey.CreateDecryptor(keyBytes ,
    initVectorBytes);
    MemoryStream memoryStream = new MemoryStream(cipherTextBytes);
    CryptoStream cryptoStream = new CryptoStream(memoryStream,
    decryptor,CryptoStreamMode.Read);
    byte[] plainTextBytes = new byte[cipherTextBytes.Length];
    int decryptedByteCount = cryptoStream.Read(plainTextBytes, 0,
    plainTextBytes.Length);
    memoryStream.Close();
    cryptoStream.Close();
    m_plaintext = Encoding.ASCII.GetString(plainTextBytes );
    return "SUCCESS";

    }
    catch(Exception ex)
    {
    return ex.Message.ToString();
    }


    }


    }
    }


    Kaustav.

    "Bishoy George" wrote:

    > // I have the following class:
    >
    > using System;
    > using System.Data;
    > using System.Configuration;
    > using System.Web;
    > using System.Web.Security;
    > using System.Web.UI;
    > using System.Web.UI.WebControls;
    > using System.Web.UI.WebControls.WebParts;
    > using System.Web.UI.HtmlControls;
    > using System.IO;
    > using System.Text;
    > using System.Security.Cryptography;
    >
    > public class MyEncryption : System.Web.UI.Page
    > {
    > public MyEncryption()
    > {
    > }
    >
    > public static string Encrypt(string original)
    > {
    > byte[] encrypted;
    > byte[] toEncrypt;
    > byte[] key;
    > byte[] IV;
    >
    > ASCIIEncoding textConverter = new ASCIIEncoding();
    > toEncrypt = textConverter.GetBytes(original);
    >
    > RijndaelManaged myRijndael = new RijndaelManaged();
    > myRijndael.GenerateKey();
    > myRijndael.GenerateIV();
    >
    > key = myRijndael.Key;
    > IV = myRijndael.IV;
    >
    > MyEncryption me = new MyEncryption();
    > me.SetVariables(key, IV);
    >
    > MemoryStream ms = new MemoryStream();
    > ICryptoTransform encryptor = myRijndael.CreateEncryptor(key, IV);
    > CryptoStream cs = new CryptoStream(ms, encryptor,
    > CryptoStreamMode.Write);
    >
    > cs.Write(toEncrypt, 0, toEncrypt.Length);
    > cs.FlushFinalBlock();
    >
    > encrypted = ms.ToArray();
    >
    > string final = textConverter.GetString(encrypted);
    >
    > return final;
    > }
    >
    > public static string Decrypt(string encryptedString)
    > {
    > byte[] key;
    > byte[] IV;
    > byte[] encrypted;
    > byte[] fromEncrypted;
    >
    > MyEncryption me = new MyEncryption();
    > me.GetVariables(out key, out IV);
    >
    > ASCIIEncoding textConverter = new ASCIIEncoding();
    > encrypted = textConverter.GetBytes(encryptedString);
    > fromEncrypted = new byte[encrypted.Length];
    >
    > MemoryStream ms = new MemoryStream(encrypted);
    >
    > RijndaelManaged myRijndael = new RijndaelManaged();
    > ICryptoTransform decryptor = myRijndael.CreateDecryptor(key, IV);
    >
    > CryptoStream cs = new CryptoStream(ms, decryptor,
    > CryptoStreamMode.Read);
    >
    > cs.Read(fromEncrypted, 0, fromEncrypted.Length);
    >
    > string decryptedString = textConverter.GetString(fromEncrypted);
    >
    > return decryptedString;
    > }
    >
    > private void SetVariables(byte[] key, byte[] IV)
    > {
    > Session["key"] = key;
    > Session["IV"] = IV;
    > }
    >
    > private void GetVariables(out byte[] key, out byte[] IV)
    > {
    > key = (byte[])Session["key"];
    > IV = (byte[])Session["IV"];
    > }
    > }
    >
    > // the problem is: when I execute the Decrypt Method, I receive the
    > following error:
    > // Padding is invalid and cannot be removed.
    > ------------------------------------------------------------------
    >
    > Bishoy George
    >
    >
    > 0102550399
    >
    >
    >
    Kaustav, Apr 11, 2006
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Robert Smith
    Replies:
    0
    Views:
    4,933
    Robert Smith
    Dec 8, 2005
  2. Brent K
    Replies:
    2
    Views:
    643
    =?Utf-8?B?UGV0ZXIgQnJvbWJlcmcgW0MjIE1WUF0=?=
    Jul 12, 2007
  3. rdlauer
    Replies:
    1
    Views:
    370
    bruce barker
    Jul 16, 2007
  4. Amelyan
    Replies:
    0
    Views:
    575
    Amelyan
    Aug 12, 2007
  5. Amelyan
    Replies:
    2
    Views:
    454
    Amelyan
    Aug 13, 2007
Loading...

Share This Page