System.Security.Cryptography.CryptographicException when wrong password given

Question

The code I have encrypts and decrypts strings for me with help of a password.

When I enter a wrong password I get this error:

An unhandled exception of type 'System.Security.Cryptography.CryptographicException' occurred in mscorlib.dll

Here is my code of the crypto class:

using System;
using System.Linq;
using System.Text;
using System.Security.Cryptography;
using System.IO;

namespace EncryptStringSample
{
public static class StringCipher
{
    // This constant string is used as a "salt" value for the PasswordDeriveBytes     function calls.
    // This size of the IV (in bytes) must = (keysize / 8).  Default keysize is 256, so     the IV must be
    // 32 bytes long.  Using a 16 character string here gives us 32 bytes when converted to a byte array.
    private const string initVector = "tu89geji340t89u2";

    // This constant is used to determine the keysize of the encryption algorithm.
    private const int keysize = 256;

    public static string Encrypt(string plainText, string passPhrase)
    {
        byte[] initVectorBytes = Encoding.UTF8.GetBytes(initVector);
        byte[] plainTextBytes = Encoding.UTF8.GetBytes(plainText);
        PasswordDeriveBytes password = new PasswordDeriveBytes(passPhrase, null);
        byte[] keyBytes = password.GetBytes(keysize / 8);
        RijndaelManaged symmetricKey = new RijndaelManaged();
        symmetricKey.Mode = CipherMode.CBC;
        ICryptoTransform encryptor = symmetricKey.CreateEncryptor(keyBytes, initVectorBytes);
        MemoryStream memoryStream = new MemoryStream();
        CryptoStream cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write);
        cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
        cryptoStream.FlushFinalBlock();
        byte[] cipherTextBytes = memoryStream.ToArray();
        memoryStream.Close();
        cryptoStream.Close();
        return Convert.ToBase64String(cipherTextBytes);
    }

    public static string Decrypt(string cipherText, string passPhrase)
    {
        byte[] initVectorBytes = Encoding.ASCII.GetBytes(initVector);
        byte[] cipherTextBytes = Convert.FromBase64String(cipherText);
        PasswordDeriveBytes password = new PasswordDeriveBytes(passPhrase, null);
        byte[] keyBytes = password.GetBytes(keysize / 8);
        RijndaelManaged symmetricKey = new RijndaelManaged();
        symmetricKey.Mode = CipherMode.CBC;
        ICryptoTransform decryptor = symmetricKey.CreateDecryptor(keyBytes, initVectorBytes);
        MemoryStream memoryStream = new MemoryStream(cipherTextBytes);
        CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read);
        byte[] plainTextBytes = new byte[cipherTextBytes.Length];
        int decryptedByteCount = cryptoStream.Read(plainTextBytes, 0, plainTextBytes.Length);
        memoryStream.Close();
        cryptoStream.Close();
        return Encoding.UTF8.GetString(plainTextBytes, 0, decryptedByteCount);
    }
  }
}

The error occurs here :

int decryptedByteCount = cryptoStream.Read(plainTextBytes, 0, plainTextBytes.Length);

I call everything here:

// encrypting the raw text using PrivateKey
text_encrypted = EncryptStringSample.StringCipher.Encrypt(text_raw, PrivateKey);

// decrypting encrypted message using Partners Private Key
string text_decrypted = EncryptStringSample.StringCipher.Decrypt(decrypt_me, partner_PrivateKey);

What causes this exception and how should it be handled?

Answer 1

It is to be expected to have CryptographicException when using invalid password.

Your code works fine when providing correct password so just simply catch exception and react properly (display message to end user or something).

Alternatively you can add

symmetricKey.Padding = PaddingMode.Zeros;

and after decryption you should remove eight \0 values showing that decryption was successful.