none
Getting error padding is invalid and cannot be removed while decryption RRS feed

  • Question

  • I am using following code to encrypt and decrypt the password,

    public static string EncryptStringPassword(string plainSourceStringToEncrypt)
                {
                    //Set up the encryption objects
                    using (AesCryptoServiceProvider acsp = GetProvider(Encoding.Default.GetBytes(Key)))
                    {
                        byte[] sourceBytes = Encoding.ASCII.GetBytes(plainSourceStringToEncrypt);
                        ICryptoTransform ictE = acsp.CreateEncryptor();
    
                        //Set up stream to contain the encryption
                        MemoryStream msS = new MemoryStream();
    
                        //Perform the encrpytion, storing output into the stream
                        CryptoStream csS = new CryptoStream(msS, ictE, CryptoStreamMode.Write);
                        csS.Write(sourceBytes, 0, sourceBytes.Length);
                        csS.FlushFinalBlock();
    
                        //sourceBytes are now encrypted as an array of secure bytes
                        byte[] encryptedBytes = msS.ToArray(); //.ToArray() is important, don't mess with the buffer
    
                        //return the encrypted bytes as a BASE64 encoded string
                        return Convert.ToBase64String(encryptedBytes);
                    }
                }
    
                //AES
                public static string DecryptStringPassword(string base64StringToDecrypt)
                {
                    //Set up the encryption objects
                    using (AesCryptoServiceProvider acsp = GetProvider(Encoding.Default.GetBytes(Key)))
                    {
                        byte[] RawBytes = Convert.FromBase64String(base64StringToDecrypt);
                        ICryptoTransform ictD = acsp.CreateDecryptor();
    
                        //RawBytes now contains original byte array, still in Encrypted state
    
                        //Decrypt into stream
                        MemoryStream msD = new MemoryStream(RawBytes, 0, RawBytes.Length);
                        CryptoStream csD = new CryptoStream(msD, ictD, CryptoStreamMode.Read);
                        //csD now contains original byte array, fully decrypted
    
                        //return the content of msD as a regular string
                        return (new StreamReader(csD)).ReadToEnd();
                    }
                }
    
                private static AesCryptoServiceProvider GetProvider(byte[] key)
                {
                    AesCryptoServiceProvider result = new AesCryptoServiceProvider();
                    result.BlockSize = 128;
                    result.KeySize = 128;
                    result.Mode = CipherMode.CBC;
                    result.Padding = PaddingMode.PKCS7;
    
                    result.GenerateIV();
                    result.IV = new byte[] { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
    
                    byte[] RealKey = GetKey(key, result);
                    result.Key = RealKey;
                    // result.IV = RealKey;
                    return result;
                }

    Suddenly while verifying one of the users password, I am getting error "padding is invalid and can not be removed".

    for other users it working fine. Only for one user its giving problem. 

    Will it be possible if password has been changed recently and whether it contains any particular character? or will length of the password can produce this error? Will it be because of password itself (as i said may be length or something)

    (before same user has no problem signing in the app)

    otherwise what can be reason for getting above error?


    h2007

    Monday, January 21, 2019 8:25 AM

All replies

  • Hello,

    The best thing to do is attempt to simulate what the user entered, set "Common Language Runtime Exceptions", run the project, upon an exception you will be stopped on the offending line. If you can't determine how to fix then come back here and indicate which line caused the problem along with the exact error message. 


    Please remember to mark the replies as answers if they help and unmark them if they provide no help, this will help others who are looking for solutions to the same or similar problem. Contact via my Twitter (Karen Payne) or Facebook (Karen Payne) via my MSDN profile but will not answer coding question on either.
    VB Forums - moderator
    profile for Karen Payne on Stack Exchange, a network of free, community-driven Q&A sites

    Monday, January 21, 2019 1:10 PM
    Moderator
  • Hi h2007,

    Thank you for posting here.

    Based on your description, you want to solve the error that padding is invalid and can not be removed while verifying one of the users password.

    You could set the break point to check if the parameter is right.

    If it still does not work, please share the information about the following bold code.

    using (AesCryptoServiceProvider acsp = GetProvider(Encoding.Default.GetBytes(Key)))
    byte[] RealKey = GetKey(key, result);

    It is best for you to provide the information about the distinguish between the error user and other users.

    We are waiting for your update.

    Best regards,

    Jack



    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.



    Tuesday, January 22, 2019 3:25 AM
    Moderator
  • Hi h2007,

    Thank you for posting here.

    Based on your description, you want to solve the error that padding is invalid and can not be removed while verifying one of the users password.

    You could set the break point to check if the parameter is right.

    If it still does not work, please share the information about the following bold code.

    using (AesCryptoServiceProvider acsp = GetProvider(Encoding.Default.GetBytes(Key)))
    byte[] RealKey = GetKey(key, result);

    It is best for you to provide the information about the distinguish between the error user and other users.

    We are waiting for your update.

    Best regards,

    Jack



    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.



    Thank you. Will update soon. App works only in the user's organization intranet. so whenever will go there to check this, then only I can debug this.


    h2007

    Wednesday, January 23, 2019 2:36 AM
  • Actually encoding is done using base64 encoding. And for decoding code is above stated.

    So for the problematic password base64 encoding gives encrypted string as "xwYgqg8+xnynU7MpceOoJw==" which gives above exception while decoding.

    In the above decoding code, in 

    DecryptStringPassword() function, last line gives the exception.

     return (new StreamReader(csD)).ReadToEnd();

    If same password I encrypted using AES encryption (as above) it gives me , "xwYgqg8+xnynU7MpceOoJ70HuRIIw+OkcDPBVa18mLw=" such a big encrypted string compared to base64 encoding which does not give any exception while decoding.

    paswword is "wassup_MAN193728". So I didn't see any special character (_ is very common). So I  suspect only the length.

    For rest of the users no problem while encoding with base64 and decoding with above code. I don't know their passwords so not sure about the lengths of their passwords.


    h2007

    Thursday, January 24, 2019 8:55 AM
  • Hi h2007,

    Thanks for your feedback.

    According to your question, It is best for you to read the following link to use AesCryptoServiceProvider.

    https://docs.microsoft.com/en-us/dotnet/api/system.security.cryptography.aescryptoserviceprovider?view=netframework-4.7.2

    Best Regards,

    Jack.


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Wednesday, January 30, 2019 9:11 AM
    Moderator