c# - AES Padding cant be removed -

description

i using modified security class taken straight codeproject.com, using encrypt/decrypt aes byte arrays.

i have tested key generation method in these produces same key, , given same password , salt. have same iv

the error on line after cryptostream.write in aes_decrypt function

"an unhandled exception of type 'system.security.cryptography.cryptographicexception' occurred in mscorlib.dll

additional information: padding invalid , cannot removed."

(yes know having static salt bad, testing purposes)

solutions didn't work

paddingmode.zeros
paddingmode.none
.flushfinalblock();

code

using system.security.cryptography; using system.io; using system;  namespace finexcore {     public class security     {         /*          * aes encrypt , decrypt from:          * http://www.codeproject.com/articles/769741/csharp-aes-bits-encryption-library-with-salt           */          // set salt here, change meet flavor:         // salt bytes must @ least 8 bytes.         private byte[] saltbytes = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8}; //8 bytes          public byte[] aes_encrypt(byte[] bytestobeencrypted, byte[] passwordbytes)         {             byte[] encryptedbytes = null;              using (memorystream ms = new memorystream())             {                 using (rijndaelmanaged aes = new rijndaelmanaged())                 {                     aes.padding = paddingmode.pkcs7;                      aes.keysize = 256;                     aes.blocksize = 128;                      var key = new rfc2898derivebytes(passwordbytes, saltbytes, 1000);                      aes.key = key.getbytes(aes.keysize / 8);                     aes.iv = key.getbytes(aes.blocksize / 8);                      aes.mode = ciphermode.cbc;                      using (var cs = new cryptostream(ms, aes.createencryptor(), cryptostreammode.write))                     {                         cs.write(bytestobeencrypted, 0, bytestobeencrypted.length);                         cs.flushfinalblock();                     }                     encryptedbytes = ms.toarray();                 }             }              return encryptedbytes;         }          public byte[] aes_decrypt(byte[] bytestobedecrypted, byte[] passwordbytes)         {             byte[] decryptedbytes = null;              using (memorystream ms = new memorystream())             {                 using (rijndaelmanaged aes = new rijndaelmanaged())                 {                     aes.padding = paddingmode.pkcs7;                      aes.keysize = 256;                     aes.blocksize = 128;                      var key = new rfc2898derivebytes(passwordbytes, saltbytes, 1000);                     aes.key = key.getbytes(aes.keysize / 8);                     aes.iv = key.getbytes(aes.blocksize / 8);                      aes.mode = ciphermode.cbc;                      using (var cs = new cryptostream(ms, aes.createdecryptor(), cryptostreammode.write))                     {                         cs.write(bytestobedecrypted, 0, bytestobedecrypted.length);                         cs.flushfinalblock();                     }                     decryptedbytes = ms.toarray();                 }             }              return decryptedbytes;         }          public void wipe()         {             array.clear(saltbytes, 0, saltbytes.length);         }     } }

note: save , load functions called exact same password

the code calls encryption

public void load(byte[] password)     {         security decryptor = new security();         byte[] bytes = decryptor.aes_decrypt(system.io.file.readallbytes(pathname()), password);          using (memorystream stream = new memorystream(bytes))         {             var binaryformatter = new system.runtime.serialization.formatters.binary.binaryformatter();             root = (folder)binaryformatter.deserialize(stream);         }         array.clear(bytes, 0, bytes.length);         array.clear(password, 0, password.length);         decryptor.wipe();     }      public void save(byte[] password)     {         byte[] bytes;         using (memorystream stream = new memorystream())         {             var binaryformatter = new system.runtime.serialization.formatters.binary.binaryformatter();             binaryformatter.serialize(stream, root);             bytes = stream.toarray();         }          security encryptor = new security();         bytes = encryptor.aes_encrypt(bytes, password);          system.io.file.writeallbytes(pathname(), bytes);         array.clear(bytes, 0, bytes.length);         array.clear(password, 0, password.length);         encryptor.wipe();     }

code testing key generation

static void keytests() {     byte[] passwordbytes = { 1, 2, 3, 4, 5, 6, 7, 8, 9 };     byte[] saltbytes = { 1, 2, 3, 4, 5, 6, 7, 8};     int iterations = 1000;      var key1 = new rfc2898derivebytes(passwordbytes, saltbytes, iterations);     var key2 = new rfc2898derivebytes(passwordbytes, saltbytes, iterations);      console.writeline(bts(key1.getbytes(256 / 8)));     console.writeline(bts(key2.getbytes(256 / 8))); }  public static string bts(byte[] ba) {     stringbuilder hex = new stringbuilder(ba.length * 2);     foreach (byte b in ba)         hex.appendformat("{0:x2}", b);     return hex.tostring(); }

swift

Search This Blog