Padding is invalid and cannot be removed with Rijndael decryption

Question

I am seeing the "Padding is invalid and cannot be removed" error when I call the method below to decrypt the string from a windows application. String was encrypted from an asp.net application. Both application references the same assembly. I am able encrypt and decrypt with out any problem from the asp.net application. Here is the main code where I do the encryption and decryption.

    private static byte[] EncryptHelper(byte[] arrData, string Password, bool Encrypt)
    {
        //Create the SymetricAlgorithem object
        SymmetricAlgorithm myAlg = new RijndaelManaged();

        //define a salt value to derive the key.
        byte[] salt = System.Text.Encoding.ASCII.GetBytes("hjkhj877ffasah");

        //Instantiate Rfc2898DeriveBytes with the password and salt.
        Rfc2898DeriveBytes key = new Rfc2898DeriveBytes(Password, salt);


        myAlg.Key = key.GetBytes(myAlg.KeySize / 8); 
        myAlg.IV = key.GetBytes(myAlg.BlockSize / 8); 
        myAlg.Padding = PaddingMode.PKCS7;
        //Create the ICryptoTransform Object
        ICryptoTransform encrytptor = Encrypt ? myAlg.CreateEncryptor() : myAlg.CreateDecryptor();

        //Create Memorystream to write the encrypted data
        using (MemoryStream aStream = new MemoryStream())
        {

            //Create the CryptoStream Ojbect using the aStream object
            using (CryptoStream encryptStream = new CryptoStream(aStream, encrytptor, CryptoStreamMode.Write))
            {
                //Write the contents to crypto stream
                encryptStream.Write(arrData, 0, arrData.Length);

                //Flush the cryptostream
                encryptStream.FlushFinalBlock();

                //Reposition the memorystream to write the contents to an array.
                aStream.Position = 0;

            }
            aStream.Flush();
            //Convert to an array and return
            return aStream.ToArray();

        }
    }

This is the method I use to convert the plain text from/to byte array

    private static byte[] GetBytes(string str)
    {
        byte[] bytes = new byte[str.Length * sizeof(char)];
        System.Buffer.BlockCopy(str.ToCharArray(), 0, bytes, 0, bytes.Length);
        return bytes;
    }

    private static string GetString(byte[] bytes)
    {
        char[] chars = new char[bytes.Length / sizeof(char)];
        System.Buffer.BlockCopy(bytes, 0, chars, 0, bytes.Length);
        return new string(chars);
    }

For persist the cipher text to database I use Convert.ToBase64String() and Convert.FromBase64String. Is the problem is with the way I use Rfc2898DeriveBytes class?

Answer 1

Well I think it's important to mention that from a security perspective, you are going to have the same IV for every message with the same password, and a predictable IV is a really big no no.

After that point I kinda don't want to look at it more to see what's going wrong, there are a lot of really bad cut and paste C# encryption on stackoverflow, and they just sit there with no mechanism for update, no one looking at them again except for people finding them to cut and paste again.

Look at Modern Examples of Symmetric Authenticated Encryption of a string. c#.

I try to keep it up to date and reviewed.