|
That was surely a big WTF moment. Did you find the reason?
|
See the Invalid length thread; the encrypting code has a flaw(s) in it, and the suggested fix is in the thread.
|
While decrypting the encrypted text with the same key, sometimes an "Invalid Length" exception occurred. It is observed that it only appears whenever the "byteIn" length becomes an odd number in the Decrypt method. Can you fix it?
|
Compared to http://blogs.msdn.com/shawnfa/archive/2005/11/10/491431.aspx, found that the following sometimes corrupts the encrypted text, and an invalid length error occurs on decrypt:
byte[] bytOut = ms.GetBuffer();
int i = 0;
for (i = 0; i < bytOut.Length; i++)
if (bytOut[i] == 0) break;
return System.Convert.ToBase64String(bytOut, 0, i);
This can be fixed by replacing it with the following:
byte[] bytOut = ms.ToArray();
return System.Convert.ToBase64String(bytOut);
So far only tested with Rijndael.
|
I can confirm this with AES as well.
Use ms.ToArray() -- do NOT scan for the first zero byte!!
The ms buffer is zero padded, yes, which means the unused portion of the buffer will be filled with zeros. However, there is a reasonable probability that a zero will appear within the used portion as well! So, if you just iterate the buffer and cut it at the first zero you are running the risk of throwing out relevant data (unlikely for small streams (but it happens), more likely for larger streams).
This can explain why a source like "I LOVE COFFEE!" might fail but "I LOVE COFFEE?" and other variants might not. Any given particular key and source text combination has a (usually small, for small sources) chance of producing this failure.
If, as in my case, your stream contains dynamic data (I was encrypting a timestamp, which, of course, changed every time it was encrypted) then the failure will seem intermittent and will really drive you crazy!
While digging around for a solution to this (having first stupidly missed the one on this site) I discovered that there are a lot of people making this mistake -- if there is any way (except comments) to more visibly mark or correct the error in the code above that would be worthwhile, I think (it's easy to see this working well and only later, with bigger/more dynamic sources notice the flaw). (Overall this is a very good article and a lot of people have (apparently) been using it as reference.)
Also, I found that you can see the same behavior (with Aes, at least) in web apps on a web farm. This is not related to the buffer truncation, but can produce the same errors. It is caused by different machineKey values among servers in the same web farm.
If you are getting "Invalid Length" or "Padding is Invalid" errors, be sure first you aren't truncating the buffer (use ToArray() as above). If they are still appearing, they may be web-farm related; if so, I think you can cure this somewhere in the IIS config, by setting all the farm's machineKey attributes to the same value.
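The failure mode described in the post above, reproduced as an added example (not code from the article or from any poster). It encrypts constructed sample strings with AES, applies the first-zero scan to the GetBuffer() result, and counts how often the ciphertext is cut short and how often decrypting the cut data throws; the class name ZeroScanDemo and the sample plaintext are assumptions.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

static class ZeroScanDemo
{
    // Encrypt as in the thread: CryptoStream over a MemoryStream.
    // Returns the real ciphertext; rawBuffer is what GetBuffer() exposes.
    static byte[] Encrypt(Aes aes, string text, out byte[] rawBuffer)
    {
        using (var ms = new MemoryStream())
        using (var cs = new CryptoStream(ms, aes.CreateEncryptor(), CryptoStreamMode.Write))
        {
            byte[] plain = Encoding.UTF8.GetBytes(text);
            cs.Write(plain, 0, plain.Length);
            cs.FlushFinalBlock();
            rawBuffer = ms.GetBuffer();  // whole internal buffer, zero-filled past ms.Length
            return ms.ToArray();         // exactly ms.Length bytes
        }
    }

    static void Main()
    {
        const int trials = 10000;
        int truncated = 0, threw = 0;
        using (Aes aes = Aes.Create())   // random key; CBC and PKCS7 by default
        {
            for (int n = 0; n < trials; n++)
            {
                aes.GenerateIV();
                byte[] buf;
                // Constructed sample plaintext: a counter plus a changing timestamp.
                byte[] full = Encrypt(aes, "sample " + n + " " + DateTime.UtcNow.Ticks, out buf);
                int cut = Array.IndexOf(buf, (byte)0);       // the flawed scan
                if (cut < 0 || cut >= full.Length) continue; // no zero inside the ciphertext
                truncated++;
                try
                {
                    using (var dec = aes.CreateDecryptor())
                        dec.TransformFinalBlock(buf, 0, cut); // decrypt what the scan kept
                }
                catch (CryptographicException) { threw++; }
            }
        }
        Console.WriteLine("ciphertexts cut short by the zero scan: {0} of {1}", truncated, trials);
        Console.WriteLine("of those, decrypt threw CryptographicException: {0}", threw);
    }
}
```

Any truncated case that does not throw is one where decryption returned without an error even though part of the ciphertext was discarded.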
|
Hi.. I'm Lyn Scott from Venezuela..
I need to encrypt some data and save it to simple txt files or Windows registry... but after using encrypt I get a base 64 string... How do you save encrypted data in a simple ASCII string and decrypt that again...???
Maybe.. you can help me... thanks..
note: XML is not an option for now!
|
You use Convert.ToBase64String to get a nice ASCII version of the password:
byte [] bCode = new Byte[encryptedmemoryStream.Length];
encryptedmemoryStream.Position =0;
encryptedmemoryStream.Read(bCode, 0, (int)encryptedmemoryStream.Length);
string textCode = Convert.ToBase64String( bCode );
Cheers,
Daniel
@ Daniel Williams, PhD, MCSD
@ Sr Integration Engineer
@ AniWorld, Inc.
@ www.aniworld.com
|
I'm also getting this error message.
Invalid length for Base-64 char array.
|
I think you are trying to decrypt data that is not encrypted or encrypted with the same key
thanks code
|
Hi all,
I've worked with the original code from the project and the posted code from the forum.
When decoding a Rijndael encoded string I get, a few times, an "Invalid length for a Base-64 char array" exception from the decrypting method.
This exception occurred in both versions.
Is there a fix for this problem?
Thanks
Kristian
|
Hi,
I faced the same but I found the problem:
just reduce the length of the key to < 7 and you'll get it done correctly
|
I don't know if I am ever going to get an answer now.
Anyway, I am using DESCryptoServiceProvider and I also get "Invalid Length Exception". If I reduce the key length to 7, then I get an error that the key size is not valid for this algorithm.
Any solutions????
|
Yeah, use UTF8Encoding instead of ASCIIEncoding. ASCIIEncoding 7, UTF8Encoding 8.
Earth.USA.Indiana.People["Storer"]["John"][2].PrintHello("Hi!");
|
Hi John,
Thanks for the suggestion. I am also facing the same problem.
In the Encrypting function as given in RC2 Crypto I am using:
System.Text.ASCIIEncoding.ASCII.GetBytes(Source);
Even after using what you suggested, the same error persists:
System.Text.UTF8Encoding .ASCII.GetBytes(Source);
Please tell me what I should use instead of this.
TIA
shuchi.
|
I tried to use this class with the key: ~!@#$%^& and discovered that an encryption bug exists. The following code is wrong:
int i= 0;
for (i= 0; i< byteOut.Length; i++)
if (byteOut[i] == 0)
break;
return System.Convert.ToBase64String(byteOut, 0, i);
The encrypted byte array can contain a zero code character (my case). You should use another construction:
byte[] byteOut = streamMemory.GetBuffer();
return System.Convert.ToBase64String(byteOut, 0, (int) streamMemory.Length);
Nikolai Serdiuk
|
Nikolai,
When I was testing my function and I specified your string, I got the error message
"Specified key is a known weak key for TripleDES and cannot be used"
Does this mean it's too easy for users to guess your key and we need to change it?
Manmohan
|
Hi, the problem is one of principle: the buffer length calculation is wrong, because the encrypted byte array can contain a '0' character. I tested it with DESCryptoServiceProvider.
Now I am testing the class with TripleDESCryptoServiceProvider; it seems to have some problems with the key length calculation (method GetLegalKey)... When I find the problem I will let you know.
|
Hi everyone,
I think I found a problem with the Initialization Vector (IV): the IV size should be one block length, but the GetLegalKey method calculates the encryption key size, which, in the case of using TripleDESCryptoServiceProvider, is 128 bits, but the block size of the TripleDES algorithm is 64 bits. In this case the System.Security.Cryptography.CryptographicException is thrown...
I think we should use some other algorithm for IV generation or use an overridden version of the SymmetricAlgorithm.GenerateIV method. One of the possibilities is to use a part of the encryption key with one block length...
Nikolai
|
Hi again,
on the Internet I found the following explanation of your problem:
Q) I keep getting the message "Specified key is a known weak key for TripleDES and cannot be used". What does this mean?
A) This means that the phrase or key that you entered would be very easy for someone to guess or "hack" if they were to ever login to your account. Please use a different key.
URL: http://www.finalpartings.com/faq.aspx#q17
I hope this will help you...
Nikolai
|
Is anyone familiar with "Polar Crypto Light"? I was trying to Decrypt some data encrypted by that Component but was unsuccessful even though I know the "Password" to un-encrypt the data. Apparently it uses the "Rijndael / AES" algorithm with a 256-bit Key, CBC Mode, and a NULL "Initialization Vector".
Does anyone know of an implementation of Decrypting data from Polar Crypto Light? It seems like it should be able to be done, however, I've tried 5 examples of Source Code and none of them will Decrypt it. Any help is appreciated!
|
What's the preferred crypto to use in these instances? Anyone have an opinion of what's best?
|
I added the suggested code fixes (VB.Net version). DES and Rijndael work fine, but RC2 gets the following error:
'' read out the result from the Crypto Stream
Dim sr As System.IO.StreamReader = New System.IO.StreamReader(cs)
Return sr.ReadToEnd() ' ***This line has the error***
End Function
[CryptographicException: Bad Data.]
System.Security.Cryptography.CryptoAPITransform._DecryptData(IntPtr hKey,
Byte[] rgb, Int32 ib, Int32 cb, Boolean fDone) +0
System.Security.Cryptography.CryptoAPITransform.TransformFinalBlock(
Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount) +1007
System.Security.Cryptography.CryptoStream.Read(Byte[] buffer, Int32 offset,
Int32 count) +802
System.IO.StreamReader.ReadBuffer(Char[] userBuffer, Int32 userOffset,
Int32 desiredChars, Boolean& readToUserBuffer) +68
System.IO.StreamReader.Read(Char[] buffer, Int32 index, Int32 count) +125
System.IO.StreamReader.ReadToEnd() +93
SecurIt.Crypto.SymmCrypto.Decrypting(String Source, String Key) in
C:\ATEC System.root\ATEC System\SecurityLayer\UserSecurity.vb:141
Here's what I used to test it (ASP.Net):
Private Sub btnRunTest_Click(ByVal sender As System.Object,
        ByVal e As System.EventArgs) Handles btnRunTest.Click
    Dim objCrypto As SymmCrypto = New SymmCrypto
    Dim countBad As Integer = 0
    Dim countGood As Integer = 0
    Dim sPswd As String 'ASCII char
    Dim Key As String
    Dim pswdLength As Integer
    Dim tmpString1, tmpString2 As String
    Dim i, j As Integer
    Dim rand As New Random(CInt(Date.Now.Ticks And Integer.MaxValue))
    txtRunTest.Text = ""
    For i = 1 To CInt(txtHowMany.Text)
        sPswd = ""
        'get password length between 1 and 30
        pswdLength = rand.Next(1, 30)
        'build password string by selecting random Ascii
        'characters between "0" and "z"
        For j = 1 To pswdLength
            sPswd &= Chr(rand.Next(48, 122))
        Next
        'Get a random key between 1 and 1M
        Key = rand.Next(1, 1000000).ToString
        objCrypto.SymmCrypto(SymmCrypto.SymmProvEnum.RC2)
        tmpString1 = objCrypto.Encrypting(sPswd, Key)
        tmpString2 = objCrypto.Decrypting(tmpString1, Key)
        If tmpString2.Equals(sPswd) Then
            countGood += 1
        Else
            countBad += 1
        End If
    Next
    txtRunTest.Text = "Test Complete. Good=" & countGood.ToString & _
        " Bad=" & countBad.ToString
End Sub
Note: If I set the key to "12345" it still fails.
It passes for 100,000 items using DES or Rijndael.
Thanks, Gord.
|
Hey,
I always get an error when decrypting the data with the Rijndael algorithm. Not only with your samples but generally. It means that the data to decrypt has the wrong length. Here I have Windows 2000 Professional. I don't understand it. Is there anyone out there who knows what the problem can be here!?
|
You have to set your key to the correct length. Rijndael requires a key of 16.
|