C
C#2y ago
Arch Leaders

❔ ✅ AES - Padding is invalid and cannot be removed

I am attempting to quickly encrypt a set of files using AES, but I'm getting the above error when decrypting. I'm not sure if it's encryption or decryption that's wrong, but I've tried and googled everything I can think of, but nothing seems to works. Can anyone tell me what's wrong with this code: (also tried reading one-byte at a time, but with the same results)
17 Replies
Arch Leaders
Arch LeadersOP2y ago
public static Task Encrypt(string key, string path, string searchPattern = "*.*", SearchOption searchOption = SearchOption.AllDirectories)
{
    using Aes aes = Aes.Create();
    byte[] aesKey = SHA256.HashData(Encoding.UTF8.GetBytes(key));
    ICryptoTransform transform = aes.CreateEncryptor(aesKey, "nkar9l.u&tal-/a4"u8.ToArray());

    return Parallel.ForEachAsync(Directory.EnumerateFiles(path, searchPattern, searchOption), (file, cancellationToken) => {
        using (FileStream fs = File.OpenRead(file)) {
            using FileStream wfs = File.Create(EncodePath(path, file));
            using CryptoStream encryptor = new(wfs, transform, CryptoStreamMode.Write);
            byte[] buffer = new byte[0x400];
            int read = 0;

            while ((read = fs.Read(buffer, 0, buffer.Length)) > 0) {
                encryptor.Write(buffer, 0, read);
            }
        }

        File.Delete(file);
        _ = Task.Run(() => Console.WriteLine($"-> '{file}'"), cancellationToken);
        return new();
    });
}
public static Task Encrypt(string key, string path, string searchPattern = "*.*", SearchOption searchOption = SearchOption.AllDirectories)
{
    using Aes aes = Aes.Create();
    byte[] aesKey = SHA256.HashData(Encoding.UTF8.GetBytes(key));
    ICryptoTransform transform = aes.CreateEncryptor(aesKey, "nkar9l.u&tal-/a4"u8.ToArray());

    return Parallel.ForEachAsync(Directory.EnumerateFiles(path, searchPattern, searchOption), (file, cancellationToken) => {
        using (FileStream fs = File.OpenRead(file)) {
            using FileStream wfs = File.Create(EncodePath(path, file));
            using CryptoStream encryptor = new(wfs, transform, CryptoStreamMode.Write);
            byte[] buffer = new byte[0x400];
            int read = 0;

            while ((read = fs.Read(buffer, 0, buffer.Length)) > 0) {
                encryptor.Write(buffer, 0, read);
            }
        }

        File.Delete(file);
        _ = Task.Run(() => Console.WriteLine($"-> '{file}'"), cancellationToken);
        return new();
    });
}
public static Task Decrypt(string key, string path, string searchPattern = "*.*", SearchOption searchOption = SearchOption.AllDirectories)
{
    using Aes aes = Aes.Create();
    byte[] aesKey = SHA256.HashData(Encoding.UTF8.GetBytes(key));
    ICryptoTransform transform = aes.CreateDecryptor(aesKey, "nkar9l.u&tal-/a4"u8.ToArray());

    return Parallel.ForEachAsync(Directory.EnumerateFiles(path, searchPattern, searchOption), (file, cancellationToken) => {
        using (FileStream fs = File.OpenRead(file)) {
            using FileStream wfs = File.Create(DecodePath(path, file));
            using CryptoStream decryptor = new(fs, transform, CryptoStreamMode.Read);
            byte[] buffer = new byte[0x400];
            int read = 0;

            while ((read = decryptor.Read(buffer, 0, buffer.Length)) > 0) { // <- error occurs here, usually part way through a file
                wfs.Write(buffer, 0, read);
            }
        }

        File.Delete(file);
        _ = Task.Run(() => Console.WriteLine($"-> '{file}'"), cancellationToken);
        return new();
    });
}
public static Task Decrypt(string key, string path, string searchPattern = "*.*", SearchOption searchOption = SearchOption.AllDirectories)
{
    using Aes aes = Aes.Create();
    byte[] aesKey = SHA256.HashData(Encoding.UTF8.GetBytes(key));
    ICryptoTransform transform = aes.CreateDecryptor(aesKey, "nkar9l.u&tal-/a4"u8.ToArray());

    return Parallel.ForEachAsync(Directory.EnumerateFiles(path, searchPattern, searchOption), (file, cancellationToken) => {
        using (FileStream fs = File.OpenRead(file)) {
            using FileStream wfs = File.Create(DecodePath(path, file));
            using CryptoStream decryptor = new(fs, transform, CryptoStreamMode.Read);
            byte[] buffer = new byte[0x400];
            int read = 0;

            while ((read = decryptor.Read(buffer, 0, buffer.Length)) > 0) { // <- error occurs here, usually part way through a file
                wfs.Write(buffer, 0, read);
            }
        }

        File.Delete(file);
        _ = Task.Run(() => Console.WriteLine($"-> '{file}'"), cancellationToken);
        return new();
    });
}
Scratch
Scratch2y ago
did you just share your hardcoded encryption key?
mtreit
mtreit2y ago
That's the IV I think
Scratch
Scratch2y ago
oh okay I don't aes @Arch Leaders what are you trying to make with this? from our perspective it sure looks like ransomware
mtreit
mtreit2y ago
Although you should probably use aes.IV and not something hardcoded Anyway...
Arch Leaders
Arch LeadersOP2y ago
Just personal encryption of files and some practice for a security model I'm working on elsewhere. Didn't really understand it, so I just put 16 random bytes there xD
Arch Leaders
Arch LeadersOP2y ago
Here's the entire project if it helps with that concern with my super secret key totally visible this time I can also plop it on github if need be, just want to solve this weird issue.
mtreit
mtreit2y ago
@Arch Leaders you are hitting that error because the code is not thread safe. You can't share the ICryptoTransform across multiple threads concurrently. Give each parallel task it's own instance of ICryptoTransform and it should fix it. Also just as an aside, if you want to do this more "correctly" the right thing to do is to store the IV along with the ciphertext and then calculate an HMAC on the combined ciphertext + IV and then store that as well. Then validate the HMAC on decrypt.
Arch Leaders
Arch LeadersOP2y ago
Ah splendid, thanks!! Ah good to know thanks, I'll look into that 👍
Unknown User
Unknown User2y ago
Message Not Public
Sign In & Join Server To View
mtreit
mtreit2y ago
lol
Unknown User
Unknown User2y ago
Message Not Public
Sign In & Join Server To View
mtreit
mtreit2y ago
Because AES and RSA are not even remotely the same thing
Unknown User
Unknown User2y ago
Message Not Public
Sign In & Join Server To View
mtreit
mtreit2y ago
You would never use RSA for encrypting arbitrary files so I doubt it's relevant for the OP scenario
Unknown User
Unknown User2y ago
Message Not Public
Sign In & Join Server To View
Accord
Accord2y ago
Was this issue resolved? If so, run /close - otherwise I will mark this as stale and this post will be archived until there is new activity.
Want results from more Discord servers?
Add your server