0

Well, I'm trying to run a client-server application with encryption using AES on VS 2010. However, on receipt of a big, serialized and encrypted file, the program throws the exception: Cryptographic Exception: Padding is Invalid and Cannot be Removed.

I looked around SOF and in other areas, the exception is appearing in web services and in cryptographic applications. I also tried all the solutions mentioned, such as changing the padding modes, disposal of encryptors and decryptors and using the same keys, unfortunately, none has worked, so I was wondering if any of you guys had an idea.

pad
  • 41,040
  • 7
  • 92
  • 166
Ouais Alsharif
  • 317
  • 1
  • 4
  • 16
  • 2
    I expect you are not using the same key to encrypt and decrypt. You may want to look at this: http://stackoverflow.com/questions/11762/c-sharp-cryptographicexception-padding-is-invalid-and-cannot-be-removed – James Black Nov 09 '11 at 21:48
  • I am, I checked for that and that's not it – Ouais Alsharif Nov 09 '11 at 22:46

2 Answers2

1

Problem turned out in the TCP connection, it was flushing data before the client wrote the entire stream onto the networkstream, a little while loop solved the problem

Ouais Alsharif
  • 317
  • 1
  • 4
  • 16
0

First, what is the busienss reason for AES encryption? Not questioning that there is one, but what kind of data are you trying to protect?

The reason I ask is many, if not most, applications can suffice with transfering data through a service using https and avoid many of the "custom encryption" coding schemes. Avoiding using the AES objects on both sides greatly reduces the likelihood of error.

Second, I would examine the server implementation, especially if it is web/service based and in a farm. Missing a key in one instance blows the whole thing.

Third, I would make sure the keys are identical.

Fourth, I would check the code in isolation (unit testing is preferable) and make sure the algorithm is correct. Actually, I would probably do this first.

Gregory A Beamer
  • 16,870
  • 3
  • 25
  • 32
  • I'm trying to protect a file, it's a homework thing so I have to do the encryption, so no different routes could be taken – Ouais Alsharif Nov 09 '11 at 22:47
  • Double check your algorithm. The first shot at encapsulating the Microsoft encryption library is, more oft than not, wrong. You can then make sure keys are correct, etc. – Gregory A Beamer Nov 09 '11 at 22:49