Solved

cryptographicexception was unhandled length of the data to decrypt is invalid

Posted on 2011-02-16
7
1,359 Views
Last Modified: 2012-06-27
I have an app to Encrypt and Decrypt a string. I am new using the functions and I don't really know why I get a cryptographicexception telling me that length of the data to decrypt is invalid with some strings but the app works great with other stirngs. Attached is the code that I use for the Encrypt, Decrypt and I call the funtion on Windows with the following code:

private void button2_Click(object sender, EventArgs e)
        {
            Crypto cr = new Crypto(Crypto.SymmProvEnum.DES);
            txt2.Text = cr.Encrypting(txt1.Text.Trim());
        }

        private void button3_Click(object sender, EventArgs e)
        {
            Crypto cr = new Crypto(Crypto.SymmProvEnum.DES);
            txt3.Text = cr.Decrypting(txt2.Text.Trim());

        }
Everything works fine until I put gonzo as the input string the I get the exception. Like I said I am new using System.Cryptography and don't know where to start. Any help will be appreciated.
namespace WindowsFormsApplication1
{
    public class Crypto
    {
        string Key = "12345678";

        public Crypto()
        {
            //
            // TODO: Add constructor logic here
            //
        }



        /// <remarks>
        /// Supported .Net intrinsic SymmetricAlgorithm classes.
        /// </remarks>
        public enum SymmProvEnum : int
        {
            DES, RC2, RC4, Rijndael
        }

        private SymmetricAlgorithm mobjCryptoService;

        /// <remarks>
        /// Constructor for using an intrinsic .Net SymmetricAlgorithm class.
        /// </remarks>
        public Crypto(SymmProvEnum NetSelected)
        {
            switch (NetSelected)
            {
                case SymmProvEnum.DES:
                    mobjCryptoService = new DESCryptoServiceProvider();
                    break;
                case SymmProvEnum.RC2:
                    mobjCryptoService = new RC2CryptoServiceProvider();
                    break;
                case SymmProvEnum.Rijndael:
                    mobjCryptoService = new RijndaelManaged();
                    break;
                case SymmProvEnum.RC4:
                    mobjCryptoService = new RijndaelManaged();
                    break;
            }
        }

        /// <remarks>
        /// Constructor for using a customized SymmetricAlgorithm class.
        /// </remarks>
        public Crypto(SymmetricAlgorithm ServiceProvider)
        {
            mobjCryptoService = ServiceProvider;
        }

        /// <remarks>
        /// Depending on the legal key size limitations of a specific CryptoService provider
        /// and length of the private key provided, padding the secret key with space character
        /// to meet the legal size of the algorithm.
        /// </remarks>
        private byte[] GetLegalKey(string Key)
        {
            string sTemp = Key;
            if (mobjCryptoService.LegalKeySizes.Length > 0)
            {
                int moreSize = mobjCryptoService.LegalKeySizes[0].MinSize;
                // key sizes are in bits
                if (sTemp.Length * 8 > mobjCryptoService.LegalKeySizes[0].MaxSize)
                    // get the left of the key up to the max size allowed
                    sTemp = sTemp.Substring(0, mobjCryptoService.LegalKeySizes[0].MaxSize / 8);
                else if (sTemp.Length * 8 < moreSize)
                    if (mobjCryptoService.LegalKeySizes[0].SkipSize == 0)
                        // simply pad the key with spaces up to the min size allowed
                        sTemp = sTemp.PadRight(moreSize / 8, ' ');
                    else
                    {
                        while (sTemp.Length * 8 > moreSize)
                            moreSize += mobjCryptoService.LegalKeySizes[0].SkipSize;

                        sTemp = sTemp.PadRight(moreSize / 8, ' ');
                    }
            }

            // convert the secret key to byte array
            return ASCIIEncoding.ASCII.GetBytes(sTemp);
        }

        public string Encrypting(string Source)
        {
            byte[] bytIn = System.Text.ASCIIEncoding.ASCII.GetBytes(System.Web.HttpUtility.UrlEncode(Source));

            // create a MemoryStream so that the process can be done without I/O files
            System.IO.MemoryStream ms = new System.IO.MemoryStream();

            byte[] bytKey = GetLegalKey(Key);

            // set the private key
            mobjCryptoService.Key = bytKey;
            mobjCryptoService.IV = bytKey;

            // create an Encryptor from the Provider Service instance
            ICryptoTransform encrypto = mobjCryptoService.CreateEncryptor();

            // create Crypto Stream that transforms a stream using the encryption
            CryptoStream cs = new CryptoStream(ms, encrypto, CryptoStreamMode.Write);

            // write out encrypted content into MemoryStream
            cs.Write(bytIn, 0, bytIn.Length);
            cs.FlushFinalBlock();

            // get the output and trim the '\0' bytes
            byte[] bytOut = ms.GetBuffer();
            int i = 0;
            for (i = 0; i < bytOut.Length; i++)
                if (bytOut[i] == 0)
                    break;

            // convert into Base64 so that the result can be used in xml
            return System.Convert.ToBase64String(bytOut, 0, i);
        }

        public string Decrypting(string Source)
        {
            // convert from Base64 to binary
            byte[] bytIn = System.Convert.FromBase64String(Source);
            // create a MemoryStream with the input
            System.IO.MemoryStream ms = new System.IO.MemoryStream(bytIn, 0, bytIn.Length);

            byte[] bytKey = GetLegalKey(Key);

            // set the private key
            mobjCryptoService.Key = bytKey;
            mobjCryptoService.IV = bytKey;

            // create a Decryptor from the Provider Service instance
            ICryptoTransform encrypto = mobjCryptoService.CreateDecryptor();

            // create Crypto Stream that transforms a stream using the decryption
            CryptoStream cs = new CryptoStream(ms, encrypto, CryptoStreamMode.Read);

            // read out the result from the Crypto Stream
            System.IO.StreamReader sr = new System.IO.StreamReader(cs);
            string sEncoded = sr.ReadToEnd();
            return System.Web.HttpUtility.UrlDecode(sEncoded);
        }


    }
}

Open in new window

0
Comment
Question by:ocortes
  • 4
  • 3
7 Comments
 
LVL 37

Expert Comment

by:TommySzalapski
ID: 34918173
Why are you trimming the encrypted string? The Trim function removes all whitespace characters from the string. If the encryption process adds a space, tab, or newline character at the beginning or end of the string, then the decrypt will fail since data is missing.
It says it pads with spaces if the key isn't long enough, so trimming is likely to cause problems.

Take out the Trim on this line
            txt3.Text = cr.Decrypting(txt2.Text.Trim());
The other one is okay.
0
 

Author Comment

by:ocortes
ID: 34919395
Hello,
Thanks for the comment but that is not the problem. The problem is that some strings when they are Encrypted they return a short string that cannot be Decrypted. I changed the encryption from DES to Rijndael and the srting that didn't work on the first place worked fine but another string gave me an error. I don't know what I can change on the Encrypt part so that I get a valid string all the time.
Thank you,
0
 
LVL 37

Expert Comment

by:TommySzalapski
ID: 34919507
Pad it with spaces (like it suggests) something like this (Note: I don't use .NET much so syntax may be off, I'm sure you can fix it)
        public string Encrypting(string Source)
        {
            if(Source.Length() < 10) //Or whatever the limit is
                Source = Source + "          " //Add 10 spaces
            //rest of code
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:ocortes
ID: 34921462
I will try it but I am not sure if it will work work because the Length() that I get it's always 256 so I will have big strings with spaces. I will let you know.
Thanks
0
 
LVL 37

Expert Comment

by:TommySzalapski
ID: 34921524
You will get extra spaces at the end, but since you are using Trim anyway you can trim them back off.
If you don't want to use spaces you could add some non-printing character that no one would ever use and trim them by default in the decrypt code.
0
 

Accepted Solution

by:
ocortes earned 0 total points
ID: 34927114
That didn't work in the old code the bytOut is a array of bytes with numeric values and I was just stopping when the values was 0 assuming it was the end of the string the problem was that some strings when Encrypted where returning 0 as the encrypted byte so I changed the code to the new code where I check for two consecutive 0 and then I assume it is the end of the string. It will work until we get a string that encrypted has the two zeros.
Anyway, thank you for your help.

Old Code
if (bytOut[i] == 0)

New Code
if (bytOut[i] == 0 && bytOut[i+1] == 0)

Open in new window

0
 

Author Closing Comment

by:ocortes
ID: 34959140
It work fine for most strings but it could be a string that ecrypts to two 0 on the array and it will fail to decrypt
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Exception Handling is in the core of any application that is able to dignify its name. In this article, I'll guide you through the process of writing a DRY (Don't Repeat Yourself) Exception Handling mechanism, using Aspect Oriented Programming.
Real-time is more about the business, not the technology. In day-to-day life, to make real-time decisions like buying or investing, business needs the latest information(e.g. Gold Rate/Stock Rate). Unlike traditional days, you need not wait for a fe…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now