Length of data to decrypt is invalid Rijndael

H

hivie

I am using the sample code from the book Building Secure Microsoft Asp.Net
applications for the Encryption Library and I get the error "Length of data
to decrypt is invalid. Here is the two methods that I apply:
private void btnGetNextNumber_Click(object sender, System.EventArgs e)
{
GetNextNumber(ddlClientList.Items[ddlClientList.SelectedIndex].ToString());
}
protected string Encrypt(string sEncrypt)
{
byte[] IV = null;
byte[] cipherText = null;
byte[] key = null;
EncryptionAlgorithm algorithm = EncryptionAlgorithm.Rijndael;
Encryptor enc = new Encryptor(EncryptionAlgorithm.Rijndael);
byte[] plainText = Encoding.ASCII.GetBytes(sEncrypt);

if ((EncryptionAlgorithm.TripleDes == algorithm) ||
(EncryptionAlgorithm.Rijndael == algorithm))
{ //3Des only work with a 16 or 24 byte key.
key = Encoding.ASCII.GetBytes("password12345678");
if (EncryptionAlgorithm.Rijndael == algorithm)
{ // Must be 16 bytes for Rijndael.
IV = Encoding.ASCII.GetBytes("init vec is big.");
}
else
{
IV = Encoding.ASCII.GetBytes("init vec");
}
}
else
{ //Des only works with an 8 byte key. The others uses variable length
keys.
//Set the key to null to have a new one generated.
key = Encoding.ASCII.GetBytes("password");
IV = Encoding.ASCII.GetBytes("init vec");
}
// Uncomment the next lines to have the key or IV generated for you.
// key = null;
// IV = null;

enc.IV = IV;

// Perform the encryption.
cipherText = enc.Encrypt(plainText, key);
// Retrieve the intialization vector and key. You will need it
// for decryption.
IV = enc.IV;
key = enc.Key;

// Look at your cipher text and initialization vector.



return Convert.ToBase64String(cipherText);
}
protected string Decrypt(string cipherText)
{
byte[] IV = null;
byte[] key = null;
EncryptionAlgorithm algorithm = EncryptionAlgorithm.Rijndael;
Decryptor dec = new Decryptor(algorithm);
dec.IV = Encoding.ASCII.GetBytes("init vec is big.");
key = Encoding.ASCII.GetBytes("password12345678");
// Go ahead and decrypt.
byte[] plainText = dec.Decrypt(Encoding.ASCII.GetBytes(cipherText), key);
// Look at your plain text.
return Encoding.ASCII.GetString(plainText);
}

This is nothing more than a adaptation off of the books Console app that is
used to test it. I cannot figure out what is happening. The encryption
appears to come through OK. Does anyone have any ideas?
Thanks
Heath
 
H

hivie

Something that I noticed is that when (for debug) if I call Decrypt in the
encrypt method before returning everything is as expected. It is only after
the encrypted data is sent in the querystring that it fails. Is the
querystring doing something to my data?

hivie said:
I am using the sample code from the book Building Secure Microsoft Asp.Net
applications for the Encryption Library and I get the error "Length of data
to decrypt is invalid. Here is the two methods that I apply:
private void btnGetNextNumber_Click(object sender, System.EventArgs e)
{
GetNextNumber(ddlClientList.Items[ddlClientList.SelectedIndex].ToString());
}
protected string Encrypt(string sEncrypt)
{
byte[] IV = null;
byte[] cipherText = null;
byte[] key = null;
EncryptionAlgorithm algorithm = EncryptionAlgorithm.Rijndael;
Encryptor enc = new Encryptor(EncryptionAlgorithm.Rijndael);
byte[] plainText = Encoding.ASCII.GetBytes(sEncrypt);

if ((EncryptionAlgorithm.TripleDes == algorithm) ||
(EncryptionAlgorithm.Rijndael == algorithm))
{ //3Des only work with a 16 or 24 byte key.
key = Encoding.ASCII.GetBytes("password12345678");
if (EncryptionAlgorithm.Rijndael == algorithm)
{ // Must be 16 bytes for Rijndael.
IV = Encoding.ASCII.GetBytes("init vec is big.");
}
else
{
IV = Encoding.ASCII.GetBytes("init vec");
}
}
else
{ //Des only works with an 8 byte key. The others uses variable length
keys.
//Set the key to null to have a new one generated.
key = Encoding.ASCII.GetBytes("password");
IV = Encoding.ASCII.GetBytes("init vec");
}
// Uncomment the next lines to have the key or IV generated for you.
// key = null;
// IV = null;

enc.IV = IV;

// Perform the encryption.
cipherText = enc.Encrypt(plainText, key);
// Retrieve the intialization vector and key. You will need it
// for decryption.
IV = enc.IV;
key = enc.Key;

// Look at your cipher text and initialization vector.



return Convert.ToBase64String(cipherText);
}
protected string Decrypt(string cipherText)
{
byte[] IV = null;
byte[] key = null;
EncryptionAlgorithm algorithm = EncryptionAlgorithm.Rijndael;
Decryptor dec = new Decryptor(algorithm);
dec.IV = Encoding.ASCII.GetBytes("init vec is big.");
key = Encoding.ASCII.GetBytes("password12345678");
// Go ahead and decrypt.
byte[] plainText = dec.Decrypt(Encoding.ASCII.GetBytes(cipherText), key);
// Look at your plain text.
return Encoding.ASCII.GetString(plainText);
}

This is nothing more than a adaptation off of the books Console app that is
used to test it. I cannot figure out what is happening. The encryption
appears to come through OK. Does anyone have any ideas?
Thanks
Heath
 
D

Duane Laflotte

Heath,
I've run into this a few times before. If I had to guess I would say
that when you put the encrypted data into the URL it is getting (by default)
urlencoded. Then when you take that encoded data back out of the query
string and try to decrypt it before decoding it you get errors. I would
force the url encode of the encrypted data BEFORE you put it in the query
string and then force the url decode before you try to decrypt the data
again.
That should do it. If not let me know and we can try something else.
Good Luck,
Duane


--
Duane Laflotte
MCSE, MCSD, MCDBA, MCSA, MCT, MCP+I
(e-mail address removed)
http://www.criticalsites.com/dlaflotte

hivie said:
I am using the sample code from the book Building Secure Microsoft Asp.Net
applications for the Encryption Library and I get the error "Length of data
to decrypt is invalid. Here is the two methods that I apply:
private void btnGetNextNumber_Click(object sender, System.EventArgs e)
{
GetNextNumber(ddlClientList.Items[ddlClientList.SelectedIndex].ToString());
}
protected string Encrypt(string sEncrypt)
{
byte[] IV = null;
byte[] cipherText = null;
byte[] key = null;
EncryptionAlgorithm algorithm = EncryptionAlgorithm.Rijndael;
Encryptor enc = new Encryptor(EncryptionAlgorithm.Rijndael);
byte[] plainText = Encoding.ASCII.GetBytes(sEncrypt);

if ((EncryptionAlgorithm.TripleDes == algorithm) ||
(EncryptionAlgorithm.Rijndael == algorithm))
{ //3Des only work with a 16 or 24 byte key.
key = Encoding.ASCII.GetBytes("password12345678");
if (EncryptionAlgorithm.Rijndael == algorithm)
{ // Must be 16 bytes for Rijndael.
IV = Encoding.ASCII.GetBytes("init vec is big.");
}
else
{
IV = Encoding.ASCII.GetBytes("init vec");
}
}
else
{ //Des only works with an 8 byte key. The others uses variable length
keys.
//Set the key to null to have a new one generated.
key = Encoding.ASCII.GetBytes("password");
IV = Encoding.ASCII.GetBytes("init vec");
}
// Uncomment the next lines to have the key or IV generated for you.
// key = null;
// IV = null;

enc.IV = IV;

// Perform the encryption.
cipherText = enc.Encrypt(plainText, key);
// Retrieve the intialization vector and key. You will need it
// for decryption.
IV = enc.IV;
key = enc.Key;

// Look at your cipher text and initialization vector.



return Convert.ToBase64String(cipherText);
}
protected string Decrypt(string cipherText)
{
byte[] IV = null;
byte[] key = null;
EncryptionAlgorithm algorithm = EncryptionAlgorithm.Rijndael;
Decryptor dec = new Decryptor(algorithm);
dec.IV = Encoding.ASCII.GetBytes("init vec is big.");
key = Encoding.ASCII.GetBytes("password12345678");
// Go ahead and decrypt.
byte[] plainText = dec.Decrypt(Encoding.ASCII.GetBytes(cipherText), key);
// Look at your plain text.
return Encoding.ASCII.GetString(plainText);
}

This is nothing more than a adaptation off of the books Console app that is
used to test it. I cannot figure out what is happening. The encryption
appears to come through OK. Does anyone have any ideas?
Thanks
Heath
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
474,044
Messages
2,570,388
Members
47,052
Latest member
ketan

Latest Threads

Top