-1

Exception Occuring:

System.Security.Cryptography.CryptographicException' occurred in mscorlib.dll Additional details:: Length of the data to decrypt is invalid.

public string Encrypt(string toEncrypt, bool useHashing)
    {
        toEncryptArray = UTF8Encoding.UTF8.GetBytes(toEncrypt);

        System.Configuration.AppSettingsReader settingsReader = new System.Configuration.AppSettingsReader();
        // Get the key from config file

        //string key = (string)settingsReader.GetValue("SecurityKey", typeof(String));
        //string key = UTF8Encoding.UTF8.GetString(keyArray);
        ////System.Windows.Forms.MessageBox.Show(key);
        ////If hashing use get hashcode regards to your key

        //keyArray = UTF8Encoding.UTF8.GetBytes(key);

        TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
        //set the secret key for the tripleDES algorithm
        try
        {
            tdes.Key = keyArray;
            //mode of operation. there are other 4 modes. We choose ECB(Electronic code Book)
            tdes.Mode = CipherMode.ECB;
            //padding mode(if any extra byte added)
            tdes.Padding = PaddingMode.PKCS7;
            iv = tdes.IV;
            ICryptoTransform cTransform = tdes.CreateEncryptor();
            //transform the specified region of bytes array to resultArray
            byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length);
            //Release resources held by TripleDes Encryptor
            tdes.Clear();

            //Return the encrypted data into unreadable string format
            return Convert.ToBase64String(resultArray, 0, resultArray.Length);
        }
        catch (Exception  ae)
        {
            MessageBox.Show(ae.Message);
            return ae.Message;
        }


        }
public string Decrypt(string cipherString, bool useHashing)
    {
        //get the byte code of the string

        byte[] toEncryptArray = UTF8Encoding.UTF8.GetBytes(cipherString);

        System.Configuration.AppSettingsReader settingsReader = new System.Configuration.AppSettingsReader();
        //Get your key from config file to open the lock!
        //string key = (string)settingsReader.GetValue("SecurityKey", typeof(String));
        string key = UTF8Encoding.UTF8.GetString(keyArray);
        if (useHashing)
        {
            //if hashing was used get the hash code with regards to your key
            MD5CryptoServiceProvider hashmd5 = new MD5CryptoServiceProvider();
            keyArray = hashmd5.ComputeHash(UTF8Encoding.UTF8.GetBytes(key));
            //release any resource held by the MD5CryptoServiceProvider

            hashmd5.Clear();
        }
        else
        {
            //if hashing was not implemented get the byte code of the key
            keyArray = UTF8Encoding.UTF8.GetBytes(key);
        }

        TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
        //set the secret key for the tripleDES algorithm
        tdes.Key = keyArray;
        tdes.IV=iv;
        //mode of operation. there are other 4 modes.
        //We choose ECB(Electronic code Book)

        tdes.Mode = CipherMode.ECB;
        //padding mode(if any extra byte added)
        tdes.Padding = PaddingMode.PKCS7;

        ICryptoTransform cTransform = tdes.CreateDecryptor();
        byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length);
        //Release resources held by TripleDes Encryptor

        //string s=resultArray.ToString("X2");

        tdes.Clear();
        //return the Clear decrypted TEXT
        return UTF8Encoding.UTF8.GetString(resultArray);
    }
Romano Zumbé
  • 7,893
  • 4
  • 33
  • 55
Chandan Kapoor
  • 1
  • The same way you did with your `Encrypt` function; wrap the `Decrypt` implementation it in a `try-catch` block. Oh, and you should probably returns `null` from exception instead of the exception message (`ex.message`). – IronGeek Jul 05 '17 at 07:57
  • 1
    **Warning future viewers:** This code is insecure and should not be used (ECB, 3DES). – Luke Joshua Park Jul 05 '17 at 08:00

1 Answers1

1

Your Encrypt() method returns the encrypted bytes converted to a Base64 string. Your Decrypt() method tries to decrypt the Base64 string directly:

byte[] toEncryptArray = UTF8Encoding.UTF8.GetBytes(cipherString);

Instead you need to convert the Base64 string back to bytes using a Base64 conversion:

byte[] toEncryptArray = Convert.FromBase64String(cipherString);
rossum
  • 15,344
  • 1
  • 24
  • 38