AES/CBC/PKCS5Padding in windows store apps.

Question

Hi All,

I am developing an app in windows 8.1 ,which I want to decrypt an image which was encrypt in "AES/CBC/PKCS5Padding" .

I used "SymmetricAlgorithmNames.AesCbcPkcs7" foe decryption but I am getting an error "The supplied user buffer is not valid for the requested operation. (Exception from HRESULT: 0x800706F8)"

please help me how can I get rid of this error.

If I checked with one sample by taking normal image, I encrypted and decrypted with my methods using "SymmetricAlgorithmNames.AesCbcPkcs7" it was working fine, but the image which was encrypted in server using "AES/CBC/PKCS5Padding" was not decrypting properly.

My code :

 Uri dataUri = new Uri("ms-appx:///Assets/EncryptedImage.jpg");

                StorageFile file = await StorageFile.GetFileFromApplicationUriAsync(dataUri);

                string key = "123456";

                IBuffer toDecryptBuffer = await FileIO.ReadBufferAsync(file)


                SymmetricKeyAlgorithmProvider aesCbcPkcs7 =
   SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithmNames.AesCbcPkcs7);

                var keyHash = GetMD5Hash(key);

                var symetricKey = aesCbcPkcs7.CreateSymmetricKey(keyHash);

                IBuffer iv = CryptographicBuffer.GenerateRandom(aesCbcPkcs7.BlockLength);

                IBuffer buffDecrypted = CryptographicEngine.Decrypt(symetricKey, toDecryptBuffer , iv);

                StorageFolder local = Windows.Storage.ApplicationData.Current.LocalFolder;

                var Newfile = await local.CreateFileAsync("Decrypted.jpg", CreationCollisionOption.ReplaceExisting);

                await Windows.Storage.FileIO.WriteBufferAsync(Newfile, buffDecrypted);

Thanks

---

sarvesh

Answer 1

Hi SARVESH.RVN,

You mentioned have tested with a sample, could you share me which sample it is, from here: https://code.msdn.microsoft.com/windowsapps/Cryptography-and-3305467b ?

I tried to repro your code snippet but I found something like this:

var keyHash = GetMD5Hash(key);

I don't know if GetMD5Hash returns something strange, I would suggest you share the repro project with us for a better analysis.

--James

---

We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click HERE to participate the survey.

Answer 2

 Hi Jamles,

Thank you for reply , I tried with sample Image encrypted and decrypted(I used "SymmetricAlgorithmNames.AesCbcPkcs7") with my code, But I am unable to decrypt the server image.(which was encrypted in "AES/CBC/PKCS5Padding" )

Here GetMD5Hash is method code given below

 private static IBuffer GetMD5Hash(string key)
        {
            // Convert the message string to binary data.
            IBuffer buffUtf8Msg = CryptographicBuffer.ConvertStringToBinary(key, BinaryStringEncoding.Utf8);

            // Create a HashAlgorithmProvider object.
            HashAlgorithmProvider objAlgProv = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Md5);

            // Hash the message.
            IBuffer buffHash = objAlgProv.HashData(buffUtf8Msg);

            // Verify that the hash length equals the length specified for the algorithm.
            if (buffHash.Length != objAlgProv.HashLength)
            {
                throw new Exception("There was an error creating the hash");
            }

            return buffHash;
        }

I also tried using https://code.msdn.microsoft.com/windowsapps/Cryptography-and-3305467b  with this code but it raised same exception "The supplied user buffer is not valid for the requested operation. (Exception from HRESULT: 0x800706F8)".

Can I decryprt using "SymmetricAlgorithmNames.AesCbcPkcs7" which was encrypt in "AES/CBC/PKCS5Padding" ? or how can i decrypt using "AES/CBC/PKCS5Padding" which is not available in windows8.1 development.

Thanks

---

sarvesh

Answer 3

Hi sarvesh,

Just tried your code, looks like the error thrown on this line:

  IBuffer buffDecrypted = CryptographicEngine.Decrypt(symetricKey, toDecryptBuffer , iv);

Read carefully through your code I did not see you encrypt the image, but you directly decrypt the original image buffer, which cause the error.

Here I modified a bit for your code, works fine now:

            Uri dataUri = new Uri("ms-appx:///Assets/0.jpg");

                StorageFile file = await StorageFile.GetFileFromApplicationUriAsync(dataUri);

                string key = "123456";

                IBuffer toDecryptBuffer = await FileIO.ReadBufferAsync(file);

                SymmetricKeyAlgorithmProvider aesCbcPkcs7 =
   SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithmNames.AesCbcPkcs7);

                var keyHash = GetMD5Hash(key);

                var symetricKey = aesCbcPkcs7.CreateSymmetricKey(keyHash);

                IBuffer iv = CryptographicBuffer.GenerateRandom(aesCbcPkcs7.BlockLength);

                IBuffer buffEncrypted = CryptographicEngine.Encrypt(symetricKey, toDecryptBuffer, iv);

                IBuffer buffDecrypted = CryptographicEngine.Decrypt(symetricKey, buffEncrypted, iv);

                StorageFolder local = Windows.Storage.ApplicationData.Current.LocalFolder;

                var Newfile = await local.CreateFileAsync("Decrypted.jpg", CreationCollisionOption.ReplaceExisting);

                await Windows.Storage.FileIO.WriteBufferAsync(Newfile, buffDecrypted);

--James

---

We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click HERE to participate the survey.

Answer 4

Hi Jamles,

It was already encrypted so we need to decrypt only, I already tried encrypt the image and decrypt it was working fine, but the image was decrypted in server.

I have to decrypt  it, In android they are able to decrypt , In windows I am getting that exception.

Thanks

---

sarvesh

Answer 5

Hi All,

Any solution please.................

Thank you

---

sarvesh

Answer 6

Hi sarvesh,

Do you know how your server encrypt the image and how it transfer to your client side?

--James

---

We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click HERE to participate the survey.

Answer 7

Hi James,

Image  was encrypt in "AES/CBC/PKCS5Padding" in server and I am getting as Image from server , but in encrypted form so that I unable to open the file and also unable to attach to this forms.

image url : https://social.msdn.microsoft.com/Forums/getfile/647674  as it was encrypted we are unable to open file

Thank you

            

---

sarvesh

Answer 8

Hi sarvesh,

Sorry, I did not recognize the reason until now, looks like the different encrypt method cause the different result, see this: http://crypto.stackexchange.com/questions/9043/what-is-the-difference-between-pkcs5-padding-and-pkcs7-padding

As I can find from the MSDN documentation, there is no way to decrypt the pkcs5 padding. All the algorithms are list here: SymmetricAlgorithmNames class

If you still need help on this topic, I would recommend you to open a support ticket, perhaps write a algorithm to decrypt it follow the instruction: https://www.ietf.org/rfc/rfc2898.txt  or you can simply feedback to our product team as a feature request: https://wpdev.uservoice.com/forums/110705-dev-platform

Thanks for your understanding,

--James

---

We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click HERE to participate the survey.

Answer 9

Hi Jamles Hez,

Thank you for support, I will check your links

Thanks

---

sarvesh