c# Format Exception while Decryption

Question

0.00/5 (No votes)

See more:

Hi All,
I am getting format exception while decrypting.Below are encrypt and decrypt methods which I have used.Encryption is working,but while decryption getting
Exception:The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters. Please give me your suggestions and solutions.

C#

public static string EncryptString(string Message)
        {
            string Passphrase = "wrsdgfvdg_43fdf";

            byte[] Results;
            System.Text.UTF8Encoding UTF8 = new System.Text.UTF8Encoding();

            // Step 1. We hash the passphrase using MD5
            // We use the MD5 hash generator as the result is a 128 bit byte array
            // which is a valid length for the TripleDES encoder we use below

            MD5CryptoServiceProvider HashProvider = new MD5CryptoServiceProvider();
            byte[] TDESKey = HashProvider.ComputeHash(UTF8.GetBytes(Passphrase));

            // Step 2. Create a new TripleDESCryptoServiceProvider object
            TripleDESCryptoServiceProvider TDESAlgorithm = new TripleDESCryptoServiceProvider();

            // Step 3. Setup the encoder
            TDESAlgorithm.Key = TDESKey;
            TDESAlgorithm.Mode = CipherMode.ECB;
            TDESAlgorithm.Padding = PaddingMode.PKCS7;

            // Step 4. Convert the input string to a byte[]
            byte[] DataToEncrypt = UTF8.GetBytes(Message);

            // Step 5. Attempt to encrypt the string
            try
            {
                ICryptoTransform Encryptor = TDESAlgorithm.CreateEncryptor();
                Results = Encryptor.TransformFinalBlock(DataToEncrypt, 0, DataToEncrypt.Length);
            }
            finally
            {
                // Clear the TripleDes and Hashprovider services of any sensitive information
                TDESAlgorithm.Clear();
                HashProvider.Clear();
            }

            // Step 6. Return the encrypted string as a base64 encoded string
            return Convert.ToBase64String(Results);
        }

        public static string DecryptString(string Message)
        {
            string Passphrase = "wrsdgfvdg_43fdf";

            byte[] Results;
            System.Text.UTF8Encoding UTF8 = new System.Text.UTF8Encoding();

            // Step 1. We hash the passphrase using MD5
            // We use the MD5 hash generator as the result is a 128 bit byte array
            // which is a valid length for the TripleDES encoder we use below

            MD5CryptoServiceProvider HashProvider = new MD5CryptoServiceProvider();
            byte[] TDESKey = HashProvider.ComputeHash(UTF8.GetBytes(Passphrase));

            // Step 2. Create a new TripleDESCryptoServiceProvider object
            TripleDESCryptoServiceProvider TDESAlgorithm = new TripleDESCryptoServiceProvider();

            // Step 3. Setup the decoder
            TDESAlgorithm.Key = TDESKey;
            TDESAlgorithm.Mode = CipherMode.ECB;
            TDESAlgorithm.Padding = PaddingMode.PKCS7;

            // Step 4. Convert the input string to a byte[]
            byte[] DataToDecrypt = Convert.FromBase64String(Message);

            // Step 5. Attempt to decrypt the string
            try
            {
                ICryptoTransform Decryptor = TDESAlgorithm.CreateDecryptor();
                Results = Decryptor.TransformFinalBlock(DataToDecrypt, 0, DataToDecrypt.Length);
            }
            finally
            {
                // Clear the TripleDes and Hashprovider services of any sensitive information
                TDESAlgorithm.Clear();
                HashProvider.Clear();
            }

            // Step 6. Return the decrypted string in UTF8 format
            return UTF8.GetString(Results);
        }

Thanks in advance.

Posted 12-Jan-15 19:40pm

Prasannala

Add a Solution

Comments

dan!sh 13-Jan-15 1:48am

Is input a valid base 64 string?

Prasannala 13-Jan-15 2:11am

Yes,input is valid base 64 string. One thing is its working for all time,but few times only throwing format exception.

Tejas Vaishnav 13-Jan-15 2:29am

Have you stored your encrypted string any where, and from there you are returning that string for decrypting? so it might possible that, the sting getting altered during retrial so you get format exception

Prasannala 13-Jan-15 2:43am

Actually it is Url, so I am encrypting and storing in string variable,then assigning to Hyperlink address.

string querystring = objEncryptionHelper.EncryptQueryString("From=" + FromMail+ "&&To=" + ToMail + "&&address=xyz");

hyperlink.Address = string.Format(@"http://www.testDomain.com/post.aspx?" + querystring);

sashje- 14-Jan-15 3:45am

Perhaps the error is on the postback from the hyperlink control. The querystring might contain the character "+", which will be transformed into a whitespace. Try maybe to do a string.Replace(" ","+") before decryption, so the input base64 string is valid

Prasannala 15-Jan-15 0:49am

But encrypted string don't have white spaces. I tried replacing space with "+". Getting same exception.

sashje- 15-Jan-15 3:53am

Ok.. Last suggestion might be the length of the base64 string then. The length of the string must be exactly dividable by 4.. Try the following before you pass the base64 string into the Decrypt method:

private string FixBase64Length(string additionalQueryStringEncoded)
{
int length = additionalQueryStringEncoded.Length;
int remainder = length % 4;
if (remainder == 0)
{
return additionalQueryStringEncoded.Replace(" ", "+");
}

remainder = 4 - remainder;
for (int i = 0; i < remainder; i++)
{
additionalQueryStringEncoded += "=";
}

return additionalQueryStringEncoded.Replace(" ", "+");
}

sashje- 15-Jan-15 4:11am

I just checked my self.. and a "/" character in the querystring will on postback be picked up as a %2f ... so maybe you should try to replace "%2f" with a "+" aswell.. This can be done using HttpUtility.UrlDecode(inputBase64string) i guess

Prasannala 15-Jan-15 4:18am

Than you for response. Encrypted string was divided by 4, I tried your code.

Prasannala 15-Jan-15 4:26am

Encrypted string don't have %2f. But it has %2s, %3q. I tried to replace these with "+" ,I am getting cryptograpic exception Length of the data to decrypt is invalid. I used your FixBase64Length method also.

sashje- 15-Jan-15 4:31am

And you tried HttpUtility.UrlDecode(inputBase64string) aswell ?

Prasannala 15-Jan-15 4:40am

yes.Do you have any idea that which character will convert to %2s, %3q while encryption.

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)