TripleDESCryptoService - "Wrong data"

Question

when I try do decrypt my encrypted key I receive an error saying that it's wrong data / inaccurate data. Tried to search around for a while without any result. This is both the encryption code and decryption code. The indata is a MAC-Address for encryption, and indata for decryption is read from textfile.

public string encryptMAC(string indata)
    {
        byte[] resultCrypt;
        UTF8Encoding utf8 = new UTF8Encoding();

        TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
        tdes.Mode = CipherMode.ECB;
        tdes.Padding = PaddingMode.PKCS7;

        byte[] encrypt = utf8.GetBytes(indata);

        try
        {
            ICryptoTransform encryptor = tdes.CreateEncryptor();
            resultCrypt = encryptor.TransformFinalBlock(encrypt, 0, encrypt.Length);
        }
        finally
        {
            tdes.Clear();
        }

        return Convert.ToBase64String(resultCrypt);
    }

        public string decryptMAC(string indata)
    {
        byte[] resultDecrypt;
        UTF8Encoding utf8 = new UTF8Encoding();

        TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
        tdes.Mode = CipherMode.ECB;
        tdes.Padding = PaddingMode.PKCS7;

        byte[] decrypt = Convert.FromBase64String(indata);

        try
        {
            ICryptoTransform decryptor = tdes.CreateDecryptor();
            resultDecrypt = decryptor.TransformFinalBlock(decrypt, 0, decrypt.Length);
        }
        catch (CryptographicException ex)
        {
            Console.WriteLine(ex);
        }
        finally
        {
            tdes.Clear();
        }

        return utf8.GetString(decrypt);
    }

I've added a key from MD5Crypto, but what IV? – xDotcom Oct 16 '16 at 16:11 — xDotcom, Oct 16 '16 at 16:11

Artjom B. · Answer 1 · 2016-10-16T17:49:38.883

0

TripleDESCryptoServiceProvider will generate a key for you. If you don't set it yourself or retrieve it during encryption, then you will not be able to decrypt the ciphertext.

I suggest that you add a key to your methods and use the same one for encryption and decryption:

public string encryptMAC(string indata, byte[] key)
{
    byte[] resultCrypt;
    UTF8Encoding utf8 = new UTF8Encoding();

    TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
    tdes.Mode = CipherMode.ECB;
    tdes.Padding = PaddingMode.PKCS7;
    tdes.Key = key;

    byte[] encrypt = utf8.GetBytes(indata);

    try
    {
        ICryptoTransform encryptor = tdes.CreateEncryptor();
        resultCrypt = encryptor.TransformFinalBlock(encrypt, 0, encrypt.Length);
    }
    finally
    {
        tdes.Clear();
    }

    return Convert.ToBase64String(resultCrypt);
}

public string decryptMAC(string indata, byte[] key)
{
    byte[] resultDecrypt = new byte[0];
    UTF8Encoding utf8 = new UTF8Encoding();

    TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
    tdes.Mode = CipherMode.ECB;
    tdes.Padding = PaddingMode.PKCS7;
    tdes.Key = key;

    byte[] decrypt = Convert.FromBase64String(indata);

    try
    {
        ICryptoTransform decryptor = tdes.CreateDecryptor();
        resultDecrypt = decryptor.TransformFinalBlock(decrypt, 0, decrypt.Length);
    }
    catch (CryptographicException ex)
    {
        Console.WriteLine(ex);
    }
    finally
    {
        tdes.Clear();
    }

    return utf8.GetString(resultDecrypt);
}

Keep in mind that DES has a small set of weak keys, so you should use TripleDESCryptoServiceProvider to generate a key for you which will filter out those weak keys. You can generate a valid key by (new TripleDESCryptoServiceProvider()).Key.

edited Oct 16 '16 at 17:49

answered Oct 16 '16 at 16:25

Artjom B.

61,146
24
125
222

I made your changes, and when I call the method, what should the input be in the key? I tried converting hidden to byte but that says that they key's sizeis not available for this algorithm – xDotcom Oct 16 '16 at 16:31
I've added an example to my answer. – Artjom B. Oct 16 '16 at 16:36
I changed, it so when I call the method decryptMAC(MACAdress, new TripleDESCryptoServiceProvider()).key); Though, the inaccurate data occured once again on this line: resultDecrypt = decryptor.TransformFinalBlock(decrypt, 0, decrypt.Length); Thanks for you responses :) – xDotcom Oct 16 '16 at 16:44
1

You have to use ***the same*** key for encryption and decryption. Generate a key, assign it to a variable and pass that variable to both encryption and decryption methods. – Artjom B. Oct 16 '16 at 17:15
Does not change anything sadly, still the same error even if it is the same key for both – xDotcom Oct 16 '16 at 17:28
1

Well, you have to return the correct byte array (`resultDecrypt` and not `decrypt`) – Artjom B. Oct 16 '16 at 17:50
Yes, I've changed that. But as long the data is inaccurate, nothing after that line of code will work. Seems to be no solution to this – xDotcom Oct 16 '16 at 18:02
What do you mean by *"inaccurate"*? Decryption is supposed to fail when the ciphertext is broken or you've used a wrong key, but if you don't want this, then you can decrypt without padding (`PaddingMode.None`). I can't read minds. So you need to clarify what you need. I've answered your question in full. – Artjom B. Oct 16 '16 at 18:25
What I want is to make a encryption that my program, later on can read from file and encrypt. Read from file is all OK. But the decryption isn't and that's what failing. With Padding None, the length of data being encrypted is invalidated. – xDotcom Oct 16 '16 at 19:06
The code in my answer doesn't fail if PKCS#7 padding is applied ([example](http://ideone.com/0bQF9K)). If you don't want to detect padding errors, then you can disable padding *only during decryption* (to be clear, it's unpadding). The padding has to be applied during encryption, because you're using a block cipher mode which only works on full blocks. After you've disable padding, you will have to remove padding yourself. You still haven't described *why* you don't want to detect errors. – Artjom B. Oct 16 '16 at 19:35
I tried using exactly your code and "hello there" as indata. Now, it tells me it's a bad length for a base 64 string. The key is made to make it harder for people to modify the MAC that is used in my license system. It's not good, but its better this way than having it plain. So it has to be decrypted so I can tell if it has been modified or not. if, close the program – xDotcom Oct 16 '16 at 20:06
Well, I don't know what you're doing wrong, because the link in my previous code shows that it works correctly. You can encode a previously generated key to Base64 and save that encoded key string in your code to always use the same key, but you will have to decode the key string before use. – Artjom B. Oct 16 '16 at 20:44

TripleDESCryptoService - "Wrong data"

1 Answers1