The following forum(s) have migrated to Microsoft Q&A (Preview): Developing Universal Windows apps!
Visit Microsoft Q&A (Preview) to post new questions.

Learn More

 locked
AES/CBC/PKCS5Padding in windows store apps. RRS feed

  • Question

  • Hi All,

    I am developing an app in windows 8.1 ,which I want to decrypt an image which was encrypt in "AES/CBC/PKCS5Padding" .

    I used "SymmetricAlgorithmNames.AesCbcPkcs7" foe decryption but I am getting an error "The supplied user buffer is not valid for the requested operation. (Exception from HRESULT: 0x800706F8)"

    please help me how can I get rid of this error.

    If I checked with one sample by taking normal image, I encrypted and decrypted with my methods using "SymmetricAlgorithmNames.AesCbcPkcs7" it was working fine, but the image which was encrypted in server using "AES/CBC/PKCS5Padding" was not decrypting properly.

    My code :

     Uri dataUri = new Uri("ms-appx:///Assets/EncryptedImage.jpg");
    
                    StorageFile file = await StorageFile.GetFileFromApplicationUriAsync(dataUri);
    
                    string key = "123456";
    
                    IBuffer toDecryptBuffer = await FileIO.ReadBufferAsync(file)
    
    
                    SymmetricKeyAlgorithmProvider aesCbcPkcs7 =
       SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithmNames.AesCbcPkcs7);
    
                    var keyHash = GetMD5Hash(key);
    
                    var symetricKey = aesCbcPkcs7.CreateSymmetricKey(keyHash);
    
                    IBuffer iv = CryptographicBuffer.GenerateRandom(aesCbcPkcs7.BlockLength);
    
                    IBuffer buffDecrypted = CryptographicEngine.Decrypt(symetricKey, toDecryptBuffer , iv);
    
                    StorageFolder local = Windows.Storage.ApplicationData.Current.LocalFolder;
    
                    var Newfile = await local.CreateFileAsync("Decrypted.jpg", CreationCollisionOption.ReplaceExisting);
    
                    await Windows.Storage.FileIO.WriteBufferAsync(Newfile, buffDecrypted);

    Thanks


    sarvesh


    • Edited by SARVESH.RVN Wednesday, April 15, 2015 11:19 AM
    Wednesday, April 15, 2015 11:15 AM

Answers

All replies

  • Hi SARVESH.RVN,

    You mentioned have tested with a sample, could you share me which sample it is, from here: https://code.msdn.microsoft.com/windowsapps/Cryptography-and-3305467b ?

    I tried to repro your code snippet but I found something like this:

    var keyHash = GetMD5Hash(key);

    I don't know if GetMD5Hash returns something strange, I would suggest you share the repro project with us for a better analysis.

    --James


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Thursday, April 16, 2015 9:24 AM

  •  Hi Jamles,

    Thank you for reply , I tried with sample Image encrypted and decrypted(I used "SymmetricAlgorithmNames.AesCbcPkcs7") with my code, But I am unable to decrypt the server image.(which was encrypted in "AES/CBC/PKCS5Padding" )

    Here GetMD5Hash is method code given below


     private static IBuffer GetMD5Hash(string key)
            {
                // Convert the message string to binary data.
                IBuffer buffUtf8Msg = CryptographicBuffer.ConvertStringToBinary(key, BinaryStringEncoding.Utf8);
    
                // Create a HashAlgorithmProvider object.
                HashAlgorithmProvider objAlgProv = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Md5);
    
                // Hash the message.
                IBuffer buffHash = objAlgProv.HashData(buffUtf8Msg);
    
                // Verify that the hash length equals the length specified for the algorithm.
                if (buffHash.Length != objAlgProv.HashLength)
                {
                    throw new Exception("There was an error creating the hash");
                }
    
                return buffHash;
            }

    I also tried using https://code.msdn.microsoft.com/windowsapps/Cryptography-and-3305467b  with this code but it raised same exception "The supplied user buffer is not valid for the requested operation. (Exception from HRESULT: 0x800706F8)".

    Can I decryprt using "SymmetricAlgorithmNames.AesCbcPkcs7" which was encrypt in "AES/CBC/PKCS5Padding" ? or how can i decrypt using "AES/CBC/PKCS5Padding" which is not available in windows8.1 development.

    Thanks




    sarvesh


    Friday, April 17, 2015 4:54 AM
  • Hi sarvesh,

    Just tried your code, looks like the error thrown on this line:

      IBuffer buffDecrypted = CryptographicEngine.Decrypt(symetricKey, toDecryptBuffer , iv);
    
    

    Read carefully through your code I did not see you encrypt the image, but you directly decrypt the original image buffer, which cause the error.

    Here I modified a bit for your code, works fine now:

                Uri dataUri = new Uri("ms-appx:///Assets/0.jpg");
    
                    StorageFile file = await StorageFile.GetFileFromApplicationUriAsync(dataUri);
    
                    string key = "123456";
    
                    IBuffer toDecryptBuffer = await FileIO.ReadBufferAsync(file);
    
                    SymmetricKeyAlgorithmProvider aesCbcPkcs7 =
       SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithmNames.AesCbcPkcs7);
    
                    var keyHash = GetMD5Hash(key);
    
                    var symetricKey = aesCbcPkcs7.CreateSymmetricKey(keyHash);
    
                    IBuffer iv = CryptographicBuffer.GenerateRandom(aesCbcPkcs7.BlockLength);
    
                    IBuffer buffEncrypted = CryptographicEngine.Encrypt(symetricKey, toDecryptBuffer, iv);
    
                    IBuffer buffDecrypted = CryptographicEngine.Decrypt(symetricKey, buffEncrypted, iv);
    
                    StorageFolder local = Windows.Storage.ApplicationData.Current.LocalFolder;
    
                    var Newfile = await local.CreateFileAsync("Decrypted.jpg", CreationCollisionOption.ReplaceExisting);
    
                    await Windows.Storage.FileIO.WriteBufferAsync(Newfile, buffDecrypted);
    --James


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Friday, April 17, 2015 7:32 AM
  • Hi Jamles,

    It was already encrypted so we need to decrypt only, I already tried encrypt the image and decrypt it was working fine, but the image was decrypted in server.

    I have to decrypt  it, In android they are able to decrypt , In windows I am getting that exception.

    Thanks


    sarvesh

    Friday, April 17, 2015 10:26 AM
  • Hi All,

    Any solution please.................

    Thank you


    sarvesh

    Monday, April 20, 2015 8:32 AM
  • Hi sarvesh,

    Do you know how your server encrypt the image and how it transfer to your client side?

    --James


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Monday, April 20, 2015 10:12 AM
  • Hi James,

    Image  was encrypt in "AES/CBC/PKCS5Padding" in server and I am getting as Image from server , but in encrypted form so that I unable to open the file and also unable to attach to this forms.

    image url : https://social.msdn.microsoft.com/Forums/getfile/647674  as it was encrypted we are unable to open file


    Thank you

                


    sarvesh

    Tuesday, April 21, 2015 4:28 AM
  • Hi sarvesh,

    Sorry, I did not recognize the reason until now, looks like the different encrypt method cause the different result, see this: http://crypto.stackexchange.com/questions/9043/what-is-the-difference-between-pkcs5-padding-and-pkcs7-padding

    As I can find from the MSDN documentation, there is no way to decrypt the pkcs5 padding. All the algorithms are list here: SymmetricAlgorithmNames class

    If you still need help on this topic, I would recommend you to open a support ticket, perhaps write a algorithm to decrypt it follow the instruction: https://www.ietf.org/rfc/rfc2898.txt  or you can simply feedback to our product team as a feature request: https://wpdev.uservoice.com/forums/110705-dev-platform

    Thanks for your understanding,

    --James


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.



    • Edited by Jamles Hez Tuesday, April 21, 2015 5:55 AM
    • Marked as answer by Jamles Hez Wednesday, April 29, 2015 2:29 PM
    Tuesday, April 21, 2015 5:44 AM
  • Hi Jamles Hez,

    Thank you for support, I will check your links

    Thanks


    sarvesh

    Wednesday, April 22, 2015 5:09 AM