473,320 Members | 2,133 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

TripleDES encryption problem

I am attempting to encrypt some text and be able to decrypt it at a later
time. I have two methods to do this:

public static Byte[] EncryptText(string textToEncrypt, string
encryptionHash)
{
Byte[] bytearrayinput =
StringAndByteManipulation.ConvertStringToByteArray (textToEncrypt);
//DES instance
System.Security.Cryptography.TripleDESCryptoServic eProvider des = new
TripleDESCryptoServiceProvider();
// use the default SHA-1 hash algorithm
string pws = encryptionHash;
System.Security.Cryptography.PasswordDeriveBytes db = new
System.Security.Cryptography.PasswordDeriveBytes(p ws,new byte[0]);
byte[] prndKey= db.GetBytes(16);
byte[] IV = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x10,
0x11, 0x12, 0x13, 0x14, 0x15, 0x16}; // from the example in MS
documentation.
System.IO.MemoryStream ms = new System.IO.MemoryStream();
//Create Crypto Stream that transforms text stream using Triple DES
encryption
CryptoStream cryptostream = new
CryptoStream(ms,des.CreateEncryptor(prndKey,IV),Cr yptoStreamMode.Write);
cryptostream.Write(bytearrayinput,0,bytearrayinput .Length);

System.IO.StreamWriter sw = new System.IO.StreamWriter(cryptostream);
sw.Write(bytearrayinput);
Byte[] mBytes = new Byte[ms.Length-1];
ms.Position = 0;
ms.Read(mBytes,0,mBytes.Length);
cryptostream.Close();
ms.Close();
return mBytes;
}

public static string DeCryptText(Byte[] textToDecrypt, string
encryptionHash)
{
Byte[] bytearrayinput = textToDecrypt;
//DES instance
System.Security.Cryptography.TripleDESCryptoServic eProvider des = new
TripleDESCryptoServiceProvider();
string pws = encryptionHash;
System.Security.Cryptography.PasswordDeriveBytes db = new
System.Security.Cryptography.PasswordDeriveBytes(p ws,new byte[0]);
byte[] prndKey= db.GetBytes(16);
byte[] IV = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x10,
0x11, 0x12, 0x13, 0x14, 0x15, 0x16};
System.IO.MemoryStream ms = new System.IO.MemoryStream(bytearrayinput);
//Create Crypto Stream that transforms text stream using Triple DES
encryption
CryptoStream cryptostream = new
CryptoStream(ms,des.CreateDecryptor(prndKey,IV),Cr yptoStreamMode.Read);
System.IO.StreamReader SR = new
System.IO.StreamReader(cryptostream,System.Text.En coding.ASCII);
return SR.ReadToEnd();
}

I have tried this about half a hundred ways with the same results :
It chokes on
SR.ReadToEnd(); when atttepting to Decrypt the data that was encrypted by
EncryptText(..)

Length of the data to decrypt is invalid.
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information
about the error and where it originated in the code.

Exception Details: System.Security.Cryptography.CryptographicExceptio n:
Length of the data to decrypt is invalid.
Can someone explain what is going on and what I am doing wrong. In looking
for insight into this I have seen allot of newsgroup posts where people had
the same problem but no answers.

Thanks,
CMD
Jul 19 '05 #1
5 2813
Found something interesting that narrows the scope of the problem somewhat.

Here are a set of methods (one set of many I have tried):

public static byte[] DesEncrypt(byte[] data, string hashString)
{
//byte[] data = ASCIIEncoding.ASCII.GetBytes(stringToEncrypt);
byte[] m_bDESKey = ASCIIEncoding.ASCII.GetBytes(hashString);
byte[] m_bDESIV = ASCIIEncoding.ASCII.GetBytes(hashString);
MemoryStream ms = new MemoryStream(4096);
DES des = new DESCryptoServiceProvider() ;
CryptoStream encStream = new CryptoStream(ms,
des.CreateEncryptor(m_bDESKey, m_bDESIV),
CryptoStreamMode.Write);
encStream.Write(data,0,data.Length);
encStream.FlushFinalBlock();
//calculate the length of the encrypted data
byte[] bResult = new byte[ms.Position];
ms.Position = 0;
ms.Read(bResult, 0, bResult.Length) ;
encStream.Close();
return bResult;
}
public static byte[] DesDecrypt ( byte[] data, string hashString )
{
//byte[] data = ASCIIEncoding.ASCII.GetBytes(stringToDeCrypt);
byte[] m_bDESKey = ASCIIEncoding.ASCII.GetBytes(hashString);
byte[] m_bDESIV = ASCIIEncoding.ASCII.GetBytes(hashString);
MemoryStream ms = new MemoryStream(data.Length);
DES des = new DESCryptoServiceProvider() ;
CryptoStream encStream = new CryptoStream(ms,
des.CreateDecryptor(m_bDESKey, m_bDESIV),
CryptoStreamMode.Read);
ms.Write(data,0,data.Length);
ms.Position = 0;
string strResult = new StreamReader(encStream).ReadToEnd();
encStream.Close();
return ASCIIEncoding.ASCII.GetBytes(strResult);
}

Doing the following works:
byte[] data = System.Text.ASCIIEncoding.ASCII.GetBytes("Hello my friend");
byte[] encrypted =
NFS.Architecture.Security.TextEncryption.DesEncryp t(data,"password");
byte[] decrypted =
NFS.Architecture.Security.TextEncryption.DesDecryp t(encrypted,"password");

Response.Write(encrypted);
Response.Write("<BR>");
Response.Write(decrypted);

But the following Does not work:

byte[] data = System.Text.ASCIIEncoding.ASCII.GetBytes("Hello my friend");
byte[] encrypted =
NFS.Architecture.Security.TextEncryption.DesEncryp t(data,"password");
string encryptedStr = System.Text.ASCIIEncoding.ASCII.GetString(encrypte d);
byte[] reencrypted = System.Text.ASCIIEncoding.ASCII.GetBytes(encrypted Str);
byte[] decrypted =
NFS.Architecture.Security.TextEncryption.DesDecryp t(reencrypted,"password");
System.Text.ASCIIEncoding enc = new System.Text.ASCIIEncoding();
Response.Write(enc.GetString(encrypted));
Response.Write("<BR>");
Response.Write(enc.GetString(decrypted));

Somehow converting the output of DesEncrypt to a string and then converting
that string back to a byte array caused the decryption method to bomb with a
"Bad Data" error.

Anyone have any ideas?
"c duden" <cd****@hotmail.com> wrote in message
news:uQ**************@TK2MSFTNGP10.phx.gbl...
I am attempting to encrypt some text and be able to decrypt it at a later
time. I have two methods to do this:

public static Byte[] EncryptText(string textToEncrypt, string
encryptionHash)
{
Byte[] bytearrayinput =
StringAndByteManipulation.ConvertStringToByteArray (textToEncrypt);
//DES instance
System.Security.Cryptography.TripleDESCryptoServic eProvider des = new
TripleDESCryptoServiceProvider();
// use the default SHA-1 hash algorithm
string pws = encryptionHash;
System.Security.Cryptography.PasswordDeriveBytes db = new
System.Security.Cryptography.PasswordDeriveBytes(p ws,new byte[0]);
byte[] prndKey= db.GetBytes(16);
byte[] IV = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16}; // from the example in MS
documentation.
System.IO.MemoryStream ms = new System.IO.MemoryStream();
//Create Crypto Stream that transforms text stream using Triple DES
encryption
CryptoStream cryptostream = new
CryptoStream(ms,des.CreateEncryptor(prndKey,IV),Cr yptoStreamMode.Write);
cryptostream.Write(bytearrayinput,0,bytearrayinput .Length);

System.IO.StreamWriter sw = new System.IO.StreamWriter(cryptostream);
sw.Write(bytearrayinput);
Byte[] mBytes = new Byte[ms.Length-1];
ms.Position = 0;
ms.Read(mBytes,0,mBytes.Length);
cryptostream.Close();
ms.Close();
return mBytes;
}

public static string DeCryptText(Byte[] textToDecrypt, string
encryptionHash)
{
Byte[] bytearrayinput = textToDecrypt;
//DES instance
System.Security.Cryptography.TripleDESCryptoServic eProvider des = new
TripleDESCryptoServiceProvider();
string pws = encryptionHash;
System.Security.Cryptography.PasswordDeriveBytes db = new
System.Security.Cryptography.PasswordDeriveBytes(p ws,new byte[0]);
byte[] prndKey= db.GetBytes(16);
byte[] IV = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16};
System.IO.MemoryStream ms = new System.IO.MemoryStream(bytearrayinput); //Create Crypto Stream that transforms text stream using Triple DES
encryption
CryptoStream cryptostream = new
CryptoStream(ms,des.CreateDecryptor(prndKey,IV),Cr yptoStreamMode.Read);
System.IO.StreamReader SR = new
System.IO.StreamReader(cryptostream,System.Text.En coding.ASCII);
return SR.ReadToEnd();
}

I have tried this about half a hundred ways with the same results :
It chokes on
SR.ReadToEnd(); when atttepting to Decrypt the data that was encrypted by
EncryptText(..)

Length of the data to decrypt is invalid.
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information
about the error and where it originated in the code.

Exception Details: System.Security.Cryptography.CryptographicExceptio n:
Length of the data to decrypt is invalid.
Can someone explain what is going on and what I am doing wrong. In looking for insight into this I have seen allot of newsgroup posts where people had the same problem but no answers.

Thanks,
CMD

Jul 19 '05 #2
Ok, I figured out a workaround -- changed everything to use UnicodeEncoding
instead of ASCIIEncoding and it now works. BUT does anyone have any insight
into why this will fail when you use ASCII encoding? I know that in C# all
strings are Unicode Byte Arrays but why would the conversion not work
correctly using the Crypto providers?

Thanks
"c duden" <cd****@hotmail.com> wrote in message
news:uJ**************@TK2MSFTNGP10.phx.gbl...
Found something interesting that narrows the scope of the problem somewhat.
Here are a set of methods (one set of many I have tried):

public static byte[] DesEncrypt(byte[] data, string hashString)
{
//byte[] data = ASCIIEncoding.ASCII.GetBytes(stringToEncrypt);
byte[] m_bDESKey = ASCIIEncoding.ASCII.GetBytes(hashString);
byte[] m_bDESIV = ASCIIEncoding.ASCII.GetBytes(hashString);
MemoryStream ms = new MemoryStream(4096);
DES des = new DESCryptoServiceProvider() ;
CryptoStream encStream = new CryptoStream(ms,
des.CreateEncryptor(m_bDESKey, m_bDESIV),
CryptoStreamMode.Write);
encStream.Write(data,0,data.Length);
encStream.FlushFinalBlock();
//calculate the length of the encrypted data
byte[] bResult = new byte[ms.Position];
ms.Position = 0;
ms.Read(bResult, 0, bResult.Length) ;
encStream.Close();
return bResult;
}
public static byte[] DesDecrypt ( byte[] data, string hashString )
{
//byte[] data = ASCIIEncoding.ASCII.GetBytes(stringToDeCrypt);
byte[] m_bDESKey = ASCIIEncoding.ASCII.GetBytes(hashString);
byte[] m_bDESIV = ASCIIEncoding.ASCII.GetBytes(hashString);
MemoryStream ms = new MemoryStream(data.Length);
DES des = new DESCryptoServiceProvider() ;
CryptoStream encStream = new CryptoStream(ms,
des.CreateDecryptor(m_bDESKey, m_bDESIV),
CryptoStreamMode.Read);
ms.Write(data,0,data.Length);
ms.Position = 0;
string strResult = new StreamReader(encStream).ReadToEnd();
encStream.Close();
return ASCIIEncoding.ASCII.GetBytes(strResult);
}

Doing the following works:
byte[] data = System.Text.ASCIIEncoding.ASCII.GetBytes("Hello my friend");
byte[] encrypted =
NFS.Architecture.Security.TextEncryption.DesEncryp t(data,"password");
byte[] decrypted =
NFS.Architecture.Security.TextEncryption.DesDecryp t(encrypted,"password");

Response.Write(encrypted);
Response.Write("<BR>");
Response.Write(decrypted);

But the following Does not work:

byte[] data = System.Text.ASCIIEncoding.ASCII.GetBytes("Hello my friend");
byte[] encrypted =
NFS.Architecture.Security.TextEncryption.DesEncryp t(data,"password");
string encryptedStr = System.Text.ASCIIEncoding.ASCII.GetString(encrypte d); byte[] reencrypted = System.Text.ASCIIEncoding.ASCII.GetBytes(encrypted Str); byte[] decrypted =
NFS.Architecture.Security.TextEncryption.DesDecryp t(reencrypted,"password"); System.Text.ASCIIEncoding enc = new System.Text.ASCIIEncoding();
Response.Write(enc.GetString(encrypted));
Response.Write("<BR>");
Response.Write(enc.GetString(decrypted));

Somehow converting the output of DesEncrypt to a string and then converting that string back to a byte array caused the decryption method to bomb with a "Bad Data" error.

Anyone have any ideas?
"c duden" <cd****@hotmail.com> wrote in message
news:uQ**************@TK2MSFTNGP10.phx.gbl...
I am attempting to encrypt some text and be able to decrypt it at a later time. I have two methods to do this:

public static Byte[] EncryptText(string textToEncrypt, string
encryptionHash)
{
Byte[] bytearrayinput =
StringAndByteManipulation.ConvertStringToByteArray (textToEncrypt);
//DES instance
System.Security.Cryptography.TripleDESCryptoServic eProvider des = new TripleDESCryptoServiceProvider();
// use the default SHA-1 hash algorithm
string pws = encryptionHash;
System.Security.Cryptography.PasswordDeriveBytes db = new
System.Security.Cryptography.PasswordDeriveBytes(p ws,new byte[0]);
byte[] prndKey= db.GetBytes(16);
byte[] IV = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,

0x10,
0x11, 0x12, 0x13, 0x14, 0x15, 0x16}; // from the example in MS
documentation.
System.IO.MemoryStream ms = new System.IO.MemoryStream();
//Create Crypto Stream that transforms text stream using Triple DES
encryption
CryptoStream cryptostream = new
CryptoStream(ms,des.CreateEncryptor(prndKey,IV),Cr yptoStreamMode.Write);
cryptostream.Write(bytearrayinput,0,bytearrayinput .Length);

System.IO.StreamWriter sw = new System.IO.StreamWriter(cryptostream); sw.Write(bytearrayinput);
Byte[] mBytes = new Byte[ms.Length-1];
ms.Position = 0;
ms.Read(mBytes,0,mBytes.Length);
cryptostream.Close();
ms.Close();
return mBytes;
}

public static string DeCryptText(Byte[] textToDecrypt, string
encryptionHash)
{
Byte[] bytearrayinput = textToDecrypt;
//DES instance
System.Security.Cryptography.TripleDESCryptoServic eProvider des = new TripleDESCryptoServiceProvider();
string pws = encryptionHash;
System.Security.Cryptography.PasswordDeriveBytes db = new
System.Security.Cryptography.PasswordDeriveBytes(p ws,new byte[0]);
byte[] prndKey= db.GetBytes(16);
byte[] IV = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,

0x10,
0x11, 0x12, 0x13, 0x14, 0x15, 0x16};
System.IO.MemoryStream ms = new

System.IO.MemoryStream(bytearrayinput);
//Create Crypto Stream that transforms text stream using Triple DES
encryption
CryptoStream cryptostream = new
CryptoStream(ms,des.CreateDecryptor(prndKey,IV),Cr yptoStreamMode.Read);
System.IO.StreamReader SR = new
System.IO.StreamReader(cryptostream,System.Text.En coding.ASCII);
return SR.ReadToEnd();
}

I have tried this about half a hundred ways with the same results :
It chokes on
SR.ReadToEnd(); when atttepting to Decrypt the data that was encrypted by EncryptText(..)

Length of the data to decrypt is invalid.
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information
about the error and where it originated in the code.

Exception Details: System.Security.Cryptography.CryptographicExceptio n:
Length of the data to decrypt is invalid.
Can someone explain what is going on and what I am doing wrong. In

looking
for insight into this I have seen allot of newsgroup posts where people

had
the same problem but no answers.

Thanks,
CMD


Jul 19 '05 #3
Ok, Michael that makes perfect sense when you put it that way. Follow up
question then -- with the Unicode working verison I insert that encrypted
data into a field in SQL2k -- (nvarchar -- supposed to be able to handle
Unicode values) but when I pull it out it can't unencode it -- fails with
"bad data" error. Is SQL doing something in the translation?
"Michael Giagnocavo [MVP]" <mg*******@Atrevido.net> wrote in message
news:%2****************@tk2msftngp13.phx.gbl...
ASCII is only a 7-bit encoding, and your key uses the full 8-bit space
of each byte. Thus, writing your key to ASCII results in some data
being messed up.

-mike
MVP

"c duden" <cd****@hotmail.com> wrote in message
news:u2**************@TK2MSFTNGP10.phx.gbl...
Ok, I figured out a workaround -- changed everything to use

UnicodeEncoding
instead of ASCIIEncoding and it now works. BUT does anyone have any

insight
into why this will fail when you use ASCII encoding? I know that in

C# all
strings are Unicode Byte Arrays but why would the conversion not

work
correctly using the Crypto providers?

Thanks
"c duden" <cd****@hotmail.com> wrote in message
news:uJ**************@TK2MSFTNGP10.phx.gbl...
Found something interesting that narrows the scope of the problem

somewhat.

Here are a set of methods (one set of many I have tried):

public static byte[] DesEncrypt(byte[] data, string hashString)
{
//byte[] data = ASCIIEncoding.ASCII.GetBytes(stringToEncrypt);
byte[] m_bDESKey = ASCIIEncoding.ASCII.GetBytes(hashString);
byte[] m_bDESIV = ASCIIEncoding.ASCII.GetBytes(hashString);
MemoryStream ms = new MemoryStream(4096);
DES des = new DESCryptoServiceProvider() ;
CryptoStream encStream = new CryptoStream(ms,
des.CreateEncryptor(m_bDESKey, m_bDESIV),
CryptoStreamMode.Write);
encStream.Write(data,0,data.Length);
encStream.FlushFinalBlock();
//calculate the length of the encrypted data
byte[] bResult = new byte[ms.Position];
ms.Position = 0;
ms.Read(bResult, 0, bResult.Length) ;
encStream.Close();
return bResult;
}
public static byte[] DesDecrypt ( byte[] data, string hashString )
{
//byte[] data = ASCIIEncoding.ASCII.GetBytes(stringToDeCrypt);
byte[] m_bDESKey = ASCIIEncoding.ASCII.GetBytes(hashString);
byte[] m_bDESIV = ASCIIEncoding.ASCII.GetBytes(hashString);
MemoryStream ms = new MemoryStream(data.Length);
DES des = new DESCryptoServiceProvider() ;
CryptoStream encStream = new CryptoStream(ms,
des.CreateDecryptor(m_bDESKey, m_bDESIV),
CryptoStreamMode.Read);
ms.Write(data,0,data.Length);
ms.Position = 0;
string strResult = new StreamReader(encStream).ReadToEnd();
encStream.Close();
return ASCIIEncoding.ASCII.GetBytes(strResult);
}

Doing the following works:
byte[] data = System.Text.ASCIIEncoding.ASCII.GetBytes("Hello my friend"); byte[] encrypted =
NFS.Architecture.Security.TextEncryption.DesEncryp t(data,"password"); byte[] decrypted =
NFS.Architecture.Security.TextEncryption.DesDecryp t(encrypted,"passwor
d");
Response.Write(encrypted);
Response.Write("<BR>");
Response.Write(decrypted);

But the following Does not work:

byte[] data = System.Text.ASCIIEncoding.ASCII.GetBytes("Hello my friend"); byte[] encrypted =
NFS.Architecture.Security.TextEncryption.DesEncryp t(data,"password"); string encryptedStr =

System.Text.ASCIIEncoding.ASCII.GetString(encrypte d);
byte[] reencrypted =

System.Text.ASCIIEncoding.ASCII.GetBytes(encrypted Str);
byte[] decrypted =

NFS.Architecture.Security.TextEncryption.DesDecryp t(reencrypted,"passw
ord");
System.Text.ASCIIEncoding enc = new System.Text.ASCIIEncoding();
Response.Write(enc.GetString(encrypted));
Response.Write("<BR>");
Response.Write(enc.GetString(decrypted));

Somehow converting the output of DesEncrypt to a string and then

converting
that string back to a byte array caused the decryption method to bomb with
a
"Bad Data" error.

Anyone have any ideas?
"c duden" <cd****@hotmail.com> wrote in message
news:uQ**************@TK2MSFTNGP10.phx.gbl...
> I am attempting to encrypt some text and be able to decrypt it

at a
later
> time. I have two methods to do this:
>
> public static Byte[] EncryptText(string textToEncrypt, string
> encryptionHash)
> {
> Byte[] bytearrayinput =
>

StringAndByteManipulation.ConvertStringToByteArray (textToEncrypt); > //DES instance
> System.Security.Cryptography.TripleDESCryptoServic eProvider des =
new
> TripleDESCryptoServiceProvider();
> // use the default SHA-1 hash algorithm
> string pws = encryptionHash;
> System.Security.Cryptography.PasswordDeriveBytes db = new
> System.Security.Cryptography.PasswordDeriveBytes(p ws,new

byte[0]); > byte[] prndKey= db.GetBytes(16);
> byte[] IV = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x10,
> 0x11, 0x12, 0x13, 0x14, 0x15, 0x16}; // from the example in MS
> documentation.
> System.IO.MemoryStream ms = new System.IO.MemoryStream();
> //Create Crypto Stream that transforms text stream using Triple DES > encryption
> CryptoStream cryptostream = new
> CryptoStream(ms,des.CreateEncryptor(prndKey,IV),Cr yptoStreamMode.Write
); > cryptostream.Write(bytearrayinput,0,bytearrayinput .Length);
>
> System.IO.StreamWriter sw = new

System.IO.StreamWriter(cryptostream);
> sw.Write(bytearrayinput);
> Byte[] mBytes = new Byte[ms.Length-1];
> ms.Position = 0;
> ms.Read(mBytes,0,mBytes.Length);
> cryptostream.Close();
> ms.Close();
> return mBytes;
> }
>
> public static string DeCryptText(Byte[] textToDecrypt, string
> encryptionHash)
> {
> Byte[] bytearrayinput = textToDecrypt;
> //DES instance
> System.Security.Cryptography.TripleDESCryptoServic eProvider des =
new
> TripleDESCryptoServiceProvider();
> string pws = encryptionHash;
> System.Security.Cryptography.PasswordDeriveBytes db = new
> System.Security.Cryptography.PasswordDeriveBytes(p ws,new

byte[0]); > byte[] prndKey= db.GetBytes(16);
> byte[] IV = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x10,
> 0x11, 0x12, 0x13, 0x14, 0x15, 0x16};
> System.IO.MemoryStream ms = new
System.IO.MemoryStream(bytearrayinput);
> //Create Crypto Stream that transforms text stream using Triple DES > encryption
> CryptoStream cryptostream = new
> CryptoStream(ms,des.CreateDecryptor(prndKey,IV),Cr yptoStreamMode.Read)
; > System.IO.StreamReader SR = new
> System.IO.StreamReader(cryptostream,System.Text.En coding.ASCII);
> return SR.ReadToEnd();
> }
>
> I have tried this about half a hundred ways with the same results : > It chokes on
> SR.ReadToEnd(); when atttepting to Decrypt the data that was encrypted
by
> EncryptText(..)
>
> Length of the data to decrypt is invalid.
> Description: An unhandled exception occurred during the

execution of the > current web request. Please review the stack trace for more information > about the error and where it originated in the code.
>
> Exception Details: System.Security.Cryptography.CryptographicExceptio n: > Length of the data to decrypt is invalid.
>
>
> Can someone explain what is going on and what I am doing wrong. In looking
> for insight into this I have seen allot of newsgroup posts where people had
> the same problem but no answers.
>
> Thanks,
> CMD
>
>



Jul 19 '05 #4
Store as a varchar or char, and use Base64 (Convert.ToBase64String) to
get your byte[] to an easily managed string.
-mike
MVP

"c duden" <cd****@hotmail.com> wrote in message
news:ei**************@TK2MSFTNGP12.phx.gbl...
Ok, Michael that makes perfect sense when you put it that way. Follow up question then -- with the Unicode working verison I insert that encrypted data into a field in SQL2k -- (nvarchar -- supposed to be able to handle Unicode values) but when I pull it out it can't unencode it -- fails with "bad data" error. Is SQL doing something in the translation?
"Michael Giagnocavo [MVP]" <mg*******@Atrevido.net> wrote in message
news:%2****************@tk2msftngp13.phx.gbl...
ASCII is only a 7-bit encoding, and your key uses the full 8-bit space of each byte. Thus, writing your key to ASCII results in some data being messed up.

-mike
MVP

"c duden" <cd****@hotmail.com> wrote in message
news:u2**************@TK2MSFTNGP10.phx.gbl...
Ok, I figured out a workaround -- changed everything to use

UnicodeEncoding
instead of ASCIIEncoding and it now works. BUT does anyone have any
insight
into why this will fail when you use ASCII encoding? I know
that in C# all
strings are Unicode Byte Arrays but why would the conversion not

work
correctly using the Crypto providers?

Thanks
"c duden" <cd****@hotmail.com> wrote in message
news:uJ**************@TK2MSFTNGP10.phx.gbl...
> Found something interesting that narrows the scope of the
problem somewhat.
>
> Here are a set of methods (one set of many I have tried):
>
> public static byte[] DesEncrypt(byte[] data, string hashString) > {
> //byte[] data = ASCIIEncoding.ASCII.GetBytes(stringToEncrypt);
> byte[] m_bDESKey = ASCIIEncoding.ASCII.GetBytes(hashString);
> byte[] m_bDESIV = ASCIIEncoding.ASCII.GetBytes(hashString);
> MemoryStream ms = new MemoryStream(4096);
> DES des = new DESCryptoServiceProvider() ;
> CryptoStream encStream = new CryptoStream(ms,
> des.CreateEncryptor(m_bDESKey, m_bDESIV),
> CryptoStreamMode.Write);
> encStream.Write(data,0,data.Length);
> encStream.FlushFinalBlock();
> //calculate the length of the encrypted data
> byte[] bResult = new byte[ms.Position];
> ms.Position = 0;
> ms.Read(bResult, 0, bResult.Length) ;
> encStream.Close();
> return bResult;
> }
> public static byte[] DesDecrypt ( byte[] data, string hashString ) > {
> //byte[] data = ASCIIEncoding.ASCII.GetBytes(stringToDeCrypt);
> byte[] m_bDESKey = ASCIIEncoding.ASCII.GetBytes(hashString);
> byte[] m_bDESIV = ASCIIEncoding.ASCII.GetBytes(hashString);
> MemoryStream ms = new MemoryStream(data.Length);
> DES des = new DESCryptoServiceProvider() ;
> CryptoStream encStream = new CryptoStream(ms,
> des.CreateDecryptor(m_bDESKey, m_bDESIV),
> CryptoStreamMode.Read);
> ms.Write(data,0,data.Length);
> ms.Position = 0;
> string strResult = new StreamReader(encStream).ReadToEnd();
> encStream.Close();
> return ASCIIEncoding.ASCII.GetBytes(strResult);
> }
>
> Doing the following works:
> byte[] data = System.Text.ASCIIEncoding.ASCII.GetBytes("Hello my friend");
> byte[] encrypted =
>

NFS.Architecture.Security.TextEncryption.DesEncryp t(data,"password"); > byte[] decrypted =
>

NFS.Architecture.Security.TextEncryption.DesDecryp t(encrypted,"passwor d");
>
> Response.Write(encrypted);
> Response.Write("<BR>");
> Response.Write(decrypted);
>
> But the following Does not work:
>
> byte[] data = System.Text.ASCIIEncoding.ASCII.GetBytes("Hello my
friend");
> byte[] encrypted =
>

NFS.Architecture.Security.TextEncryption.DesEncryp t(data,"password"); > string encryptedStr =
System.Text.ASCIIEncoding.ASCII.GetString(encrypte d);
> byte[] reencrypted =
System.Text.ASCIIEncoding.ASCII.GetBytes(encrypted Str);
> byte[] decrypted =
>

NFS.Architecture.Security.TextEncryption.DesDecryp t(reencrypted,"passw ord");
> System.Text.ASCIIEncoding enc = new System.Text.ASCIIEncoding(); > Response.Write(enc.GetString(encrypted));
> Response.Write("<BR>");
> Response.Write(enc.GetString(decrypted));
>
> Somehow converting the output of DesEncrypt to a string and then converting
> that string back to a byte array caused the decryption method to
bomb with
a
> "Bad Data" error.
>
> Anyone have any ideas?
>
>
> "c duden" <cd****@hotmail.com> wrote in message
> news:uQ**************@TK2MSFTNGP10.phx.gbl...
> > I am attempting to encrypt some text and be able to decrypt
it at a
later
> > time. I have two methods to do this:
> >
> > public static Byte[] EncryptText(string textToEncrypt,
string > > encryptionHash)
> > {
> > Byte[] bytearrayinput =
> >

StringAndByteManipulation.ConvertStringToByteArray (textToEncrypt);
> > //DES instance
> > System.Security.Cryptography.TripleDESCryptoServic eProvider des =
new
> > TripleDESCryptoServiceProvider();
> > // use the default SHA-1 hash algorithm
> > string pws = encryptionHash;
> > System.Security.Cryptography.PasswordDeriveBytes db =
new > > System.Security.Cryptography.PasswordDeriveBytes(p ws,new

byte[0]);
> > byte[] prndKey= db.GetBytes(16);
> > byte[] IV = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,
> 0x10,
> > 0x11, 0x12, 0x13, 0x14, 0x15, 0x16}; // from the example in
MS > > documentation.
> > System.IO.MemoryStream ms = new System.IO.MemoryStream(); > > //Create Crypto Stream that transforms text stream using

Triple DES
> > encryption
> > CryptoStream cryptostream = new
> >

CryptoStream(ms,des.CreateEncryptor(prndKey,IV),Cr yptoStreamMode.Write );
> > cryptostream.Write(bytearrayinput,0,bytearrayinput .Length); > >
> > System.IO.StreamWriter sw = new
System.IO.StreamWriter(cryptostream);
> > sw.Write(bytearrayinput);
> > Byte[] mBytes = new Byte[ms.Length-1];
> > ms.Position = 0;
> > ms.Read(mBytes,0,mBytes.Length);
> > cryptostream.Close();
> > ms.Close();
> > return mBytes;
> > }
> >
> > public static string DeCryptText(Byte[] textToDecrypt, string > > encryptionHash)
> > {
> > Byte[] bytearrayinput = textToDecrypt;
> > //DES instance
> > System.Security.Cryptography.TripleDESCryptoServic eProvider
des =
new
> > TripleDESCryptoServiceProvider();
> > string pws = encryptionHash;
> > System.Security.Cryptography.PasswordDeriveBytes db =
new > > System.Security.Cryptography.PasswordDeriveBytes(p ws,new

byte[0]);
> > byte[] prndKey= db.GetBytes(16);
> > byte[] IV = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,
> 0x10,
> > 0x11, 0x12, 0x13, 0x14, 0x15, 0x16};
> > System.IO.MemoryStream ms = new
> System.IO.MemoryStream(bytearrayinput);
> > //Create Crypto Stream that transforms text stream using

Triple DES
> > encryption
> > CryptoStream cryptostream = new
> >

CryptoStream(ms,des.CreateDecryptor(prndKey,IV),Cr yptoStreamMode.Read) ;
> > System.IO.StreamReader SR = new
> >
System.IO.StreamReader(cryptostream,System.Text.En coding.ASCII); > > return SR.ReadToEnd();
> > }
> >
> > I have tried this about half a hundred ways with the same

results :
> > It chokes on
> > SR.ReadToEnd(); when atttepting to Decrypt the data that was

encrypted
by
> > EncryptText(..)
> >
> > Length of the data to decrypt is invalid.
> > Description: An unhandled exception occurred during the

execution of the
> > current web request. Please review the stack trace for more

information
> > about the error and where it originated in the code.
> >
> > Exception Details:

System.Security.Cryptography.CryptographicExceptio n:
> > Length of the data to decrypt is invalid.
> >
> >
> > Can someone explain what is going on and what I am doing

wrong. In
> looking
> > for insight into this I have seen allot of newsgroup posts
where people
> had
> > the same problem but no answers.
> >
> > Thanks,
> > CMD
> >
> >
>
>



Jul 19 '05 #5
Converting to and from Base64String was the ticket. Thanks much, appreciate
the help.

"Michael Giagnocavo [MVP]" <mg*******@Atrevido.net> wrote in message
news:ek**************@TK2MSFTNGP10.phx.gbl...
Store as a varchar or char, and use Base64 (Convert.ToBase64String) to
get your byte[] to an easily managed string.
-mike
MVP

"c duden" <cd****@hotmail.com> wrote in message
news:ei**************@TK2MSFTNGP12.phx.gbl...
Ok, Michael that makes perfect sense when you put it that way.

Follow up
question then -- with the Unicode working verison I insert that

encrypted
data into a field in SQL2k -- (nvarchar -- supposed to be able to

handle
Unicode values) but when I pull it out it can't unencode it -- fails

with
"bad data" error. Is SQL doing something in the translation?
"Michael Giagnocavo [MVP]" <mg*******@Atrevido.net> wrote in message
news:%2****************@tk2msftngp13.phx.gbl...
ASCII is only a 7-bit encoding, and your key uses the full 8-bit space of each byte. Thus, writing your key to ASCII results in some data being messed up.

-mike
MVP

"c duden" <cd****@hotmail.com> wrote in message
news:u2**************@TK2MSFTNGP10.phx.gbl...
> Ok, I figured out a workaround -- changed everything to use
UnicodeEncoding
> instead of ASCIIEncoding and it now works. BUT does anyone have any insight
> into why this will fail when you use ASCII encoding? I know that in C# all
> strings are Unicode Byte Arrays but why would the conversion not
work
> correctly using the Crypto providers?
>
> Thanks
>
>
> "c duden" <cd****@hotmail.com> wrote in message
> news:uJ**************@TK2MSFTNGP10.phx.gbl...
> > Found something interesting that narrows the scope of the problem > somewhat.
> >
> > Here are a set of methods (one set of many I have tried):
> >
> > public static byte[] DesEncrypt(byte[] data, string hashString) > > {
> > //byte[] data = ASCIIEncoding.ASCII.GetBytes(stringToEncrypt);
> > byte[] m_bDESKey = ASCIIEncoding.ASCII.GetBytes(hashString);
> > byte[] m_bDESIV = ASCIIEncoding.ASCII.GetBytes(hashString);
> > MemoryStream ms = new MemoryStream(4096);
> > DES des = new DESCryptoServiceProvider() ;
> > CryptoStream encStream = new CryptoStream(ms,
> > des.CreateEncryptor(m_bDESKey, m_bDESIV),
> > CryptoStreamMode.Write);
> > encStream.Write(data,0,data.Length);
> > encStream.FlushFinalBlock();
> > //calculate the length of the encrypted data
> > byte[] bResult = new byte[ms.Position];
> > ms.Position = 0;
> > ms.Read(bResult, 0, bResult.Length) ;
> > encStream.Close();
> > return bResult;
> > }
> > public static byte[] DesDecrypt ( byte[] data, string hashString ) > > {
> > //byte[] data = ASCIIEncoding.ASCII.GetBytes(stringToDeCrypt);
> > byte[] m_bDESKey = ASCIIEncoding.ASCII.GetBytes(hashString);
> > byte[] m_bDESIV = ASCIIEncoding.ASCII.GetBytes(hashString);
> > MemoryStream ms = new MemoryStream(data.Length);
> > DES des = new DESCryptoServiceProvider() ;
> > CryptoStream encStream = new CryptoStream(ms,
> > des.CreateDecryptor(m_bDESKey, m_bDESIV),
> > CryptoStreamMode.Read);
> > ms.Write(data,0,data.Length);
> > ms.Position = 0;
> > string strResult = new StreamReader(encStream).ReadToEnd();
> > encStream.Close();
> > return ASCIIEncoding.ASCII.GetBytes(strResult);
> > }
> >
> > Doing the following works:
> > byte[] data = System.Text.ASCIIEncoding.ASCII.GetBytes("Hello my friend");
> > byte[] encrypted =
> >
NFS.Architecture.Security.TextEncryption.DesEncryp t(data,"password"); > > byte[] decrypted =
> >
NFS.Architecture.Security.TextEncryption.DesDecryp t(encrypted,"passwor d");
> >
> > Response.Write(encrypted);
> > Response.Write("<BR>");
> > Response.Write(decrypted);
> >
> > But the following Does not work:
> >
> > byte[] data = System.Text.ASCIIEncoding.ASCII.GetBytes("Hello my friend");
> > byte[] encrypted =
> >
NFS.Architecture.Security.TextEncryption.DesEncryp t(data,"password"); > > string encryptedStr =
> System.Text.ASCIIEncoding.ASCII.GetString(encrypte d);
> > byte[] reencrypted =
> System.Text.ASCIIEncoding.ASCII.GetBytes(encrypted Str);
> > byte[] decrypted =
> >
>
NFS.Architecture.Security.TextEncryption.DesDecryp t(reencrypted,"passw ord");
> > System.Text.ASCIIEncoding enc = new System.Text.ASCIIEncoding(); > > Response.Write(enc.GetString(encrypted));
> > Response.Write("<BR>");
> > Response.Write(enc.GetString(decrypted));
> >
> > Somehow converting the output of DesEncrypt to a string and then > converting
> > that string back to a byte array caused the decryption method to bomb with
> a
> > "Bad Data" error.
> >
> > Anyone have any ideas?
> >
> >
> > "c duden" <cd****@hotmail.com> wrote in message
> > news:uQ**************@TK2MSFTNGP10.phx.gbl...
> > > I am attempting to encrypt some text and be able to decrypt it at a
> later
> > > time. I have two methods to do this:
> > >
> > > public static Byte[] EncryptText(string textToEncrypt, string > > > encryptionHash)
> > > {
> > > Byte[] bytearrayinput =
> > >
StringAndByteManipulation.ConvertStringToByteArray (textToEncrypt);
> > > //DES instance
> > > System.Security.Cryptography.TripleDESCryptoServic eProvider des =
> new
> > > TripleDESCryptoServiceProvider();
> > > // use the default SHA-1 hash algorithm
> > > string pws = encryptionHash;
> > > System.Security.Cryptography.PasswordDeriveBytes db = new > > > System.Security.Cryptography.PasswordDeriveBytes(p ws,new
byte[0]);
> > > byte[] prndKey= db.GetBytes(16);
> > > byte[] IV = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,
> > 0x10,
> > > 0x11, 0x12, 0x13, 0x14, 0x15, 0x16}; // from the example in MS > > > documentation.
> > > System.IO.MemoryStream ms = new System.IO.MemoryStream(); > > > //Create Crypto Stream that transforms text stream using
Triple DES
> > > encryption
> > > CryptoStream cryptostream = new
> > >
CryptoStream(ms,des.CreateEncryptor(prndKey,IV),Cr yptoStreamMode.Write );
> > > cryptostream.Write(bytearrayinput,0,bytearrayinput .Length); > > >
> > > System.IO.StreamWriter sw = new
> System.IO.StreamWriter(cryptostream);
> > > sw.Write(bytearrayinput);
> > > Byte[] mBytes = new Byte[ms.Length-1];
> > > ms.Position = 0;
> > > ms.Read(mBytes,0,mBytes.Length);
> > > cryptostream.Close();
> > > ms.Close();
> > > return mBytes;
> > > }
> > >
> > > public static string DeCryptText(Byte[] textToDecrypt, string > > > encryptionHash)
> > > {
> > > Byte[] bytearrayinput = textToDecrypt;
> > > //DES instance
> > > System.Security.Cryptography.TripleDESCryptoServic eProvider des =
> new
> > > TripleDESCryptoServiceProvider();
> > > string pws = encryptionHash;
> > > System.Security.Cryptography.PasswordDeriveBytes db = new > > > System.Security.Cryptography.PasswordDeriveBytes(p ws,new
byte[0]);
> > > byte[] prndKey= db.GetBytes(16);
> > > byte[] IV = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,
> > 0x10,
> > > 0x11, 0x12, 0x13, 0x14, 0x15, 0x16};
> > > System.IO.MemoryStream ms = new
> > System.IO.MemoryStream(bytearrayinput);
> > > //Create Crypto Stream that transforms text stream using
Triple DES
> > > encryption
> > > CryptoStream cryptostream = new
> > >
CryptoStream(ms,des.CreateDecryptor(prndKey,IV),Cr yptoStreamMode.Read) ;
> > > System.IO.StreamReader SR = new
> > > System.IO.StreamReader(cryptostream,System.Text.En coding.ASCII); > > > return SR.ReadToEnd();
> > > }
> > >
> > > I have tried this about half a hundred ways with the same
results :
> > > It chokes on
> > > SR.ReadToEnd(); when atttepting to Decrypt the data that was
encrypted
> by
> > > EncryptText(..)
> > >
> > > Length of the data to decrypt is invalid.
> > > Description: An unhandled exception occurred during the
execution of the
> > > current web request. Please review the stack trace for more
information
> > > about the error and where it originated in the code.
> > >
> > > Exception Details:
System.Security.Cryptography.CryptographicExceptio n:
> > > Length of the data to decrypt is invalid.
> > >
> > >
> > > Can someone explain what is going on and what I am doing wrong. In
> > looking
> > > for insight into this I have seen allot of newsgroup posts where people
> > had
> > > the same problem but no answers.
> > >
> > > Thanks,
> > > CMD
> > >
> > >
> >
> >
>
>



Jul 19 '05 #6

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
by: Jonas | last post by:
I have the following perl program witch i use to encrypt a password file with. In perl 5.6 this program works like a charm but when trying it on the RED HAT EL 3 platform (taroon) is doesnt...
7
by: c duden | last post by:
I am attempting to encrypt some text and be able to decrypt it at a later time. I have two methods to do this: public static Byte EncryptText(string textToEncrypt, string encryptionHash) {...
7
by: Dica | last post by:
i've used the sample code from msdn to create an encyption/decryption assembly as found here: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT10.asp i'm...
5
by: jdn | last post by:
I'm new to using this part of the framework, so I'm hoping I've done something obviously stupid, which someone will be able to point out in an obvious manner. Most of the samples I've seen...
4
by: Celia | last post by:
I am working with a web service which requires enryption of some XML fields. It will be symmetric encryption - TripleDES. The vendor has given me the Key that we will share. With the exception...
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
0
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
0
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.