Rick Hodder

Reputation: 2252

Padding is invalid and cannot be removed when decrypting string

I have a web page that AES encrypts a payload, and a public key to send in the querystring of a site (this is the client's request, not my choice), where the payload is to be decrypted and acted upon.

Here's the web page:

<!DOCTYPE html>
<html>
<head>
    <title></title>
    <meta charset="utf-8" />
</head>
<body>

</body>

</html>

<script src="Scripts/CryptoJS/core.js"></script>
<script src="Scripts/CryptoJS/cipher-core.js"></script>
<script src="Scripts/CryptoJS/aes.js"></script>
<script src="Scripts/CryptoJS/enc-utf16.js"></script>
<script src="Scripts/CryptoJS/enc-base64.js"></script>

<script>
    var payload = "you can do this Rick!";
    var keyvalue = '1234567890ABCDEF';

    var key = CryptoJS.enc.Utf8.parse(keyvalue);
    var iv = CryptoJS.enc.Utf8.parse(keyvalue);


    var encrypted = CryptoJS.AES.encrypt(CryptoJS.enc.Utf8.parse(payload), key,
       {
           keySize: 128 ,
           iv: iv,
           mode: CryptoJS.mode.CBC,
           padding: CryptoJS.pad.Pkcs7
       });

    window.location = "Home/To?encrptedPayload=" + encrypted + "&ivPublicKeyNonEncrypted=" + keyvalue;

</script>

Here's the controller that receives the call:

using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Web;
using System.Web.Mvc;

namespace Workbench2.Controllers
{
    public class HomeController : Controller
    {
        byte[] Key = Encoding.UTF8.GetBytes("1234567890ABCDEF");

        public ActionResult Index()
        {
            return View();
        }

        public ActionResult To(string encrptedPayload, string ivPublicKeyNonEncrypted)
        {
            string result = "";

            var bIv = Encoding.UTF8.GetBytes(ivPublicKeyNonEncrypted);

            // Create an RijndaelManaged object
            // with the specified key and IV.
            using (RijndaelManaged rijAlg = new RijndaelManaged())
            {
                rijAlg.KeySize = 128;
                rijAlg.Key = Key;
                rijAlg.IV = bIv;
                rijAlg.Padding=PaddingMode.PKCS7;
                rijAlg.Mode=CipherMode.CBC;

                // Create a decryptor to perform the stream transform.
                ICryptoTransform decryptor = rijAlg.CreateDecryptor(rijAlg.Key, rijAlg.IV);                

                // Create the streams used for decryption.
                var bPayload = Encoding.UTF8.GetBytes(encrptedPayload);
                using (MemoryStream msDecrypt = new MemoryStream(bPayload))
                {
                    using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
                    {
                        using (StreamReader srDecrypt = new StreamReader(csDecrypt))
                        {
                            // Read the decrypted bytes from the decrypting stream
                            // and place them in a string.
                            result = srDecrypt.ReadToEnd(); // THIS LINE THROWS ERROR
                        }
                    }
                }

            }

            return View(result);
        }               
    }
}

I get the message "Padding is invalid and cannot be removed." when the following line executes:

result = srDecrypt.ReadToEnd();

Upvotes: 1

Views: 727

Answers (1)

Ebbe M. Pedersen

Reputation: 7518

Encrypted data is binary, you can't pass it around in a string unless you have encoded it somehow - see e.g. this. Use an encoding like base64 if you need to move it around in string form.

Upvotes: 1
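
The answer's point as an added example (not code from the question or the answer): Node's built-in `crypto` module stands in for CryptoJS on the sending side and RijndaelManaged on the receiving side, and all function names are hypothetical. It decrypts the same Base64 text two ways, once from the text's own UTF-8 bytes as the controller does and once after Base64-decoding, and it percent-encodes the Base64 text for the query string because Base64 can contain `+`, `/` and `=`.

```javascript
// Added example: Node's built-in crypto stands in for CryptoJS and RijndaelManaged.
const nodeCrypto = require("crypto");

// Demo key/IV values copied from the question.
const KEY = Buffer.from("1234567890ABCDEF", "utf8");
const IV = Buffer.from("1234567890ABCDEF", "utf8");

// Sender: AES-128-CBC with PKCS7 padding; raw ciphertext is Base64-encoded for transport.
function encryptToBase64(plaintext) {
  const cipher = nodeCrypto.createCipheriv("aes-128-cbc", KEY, IV);
  const raw = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return raw.toString("base64");
}

// Base64 may contain '+', '/' and '=', so percent-encode it for the query string.
function toQueryString(b64) {
  return "encrptedPayload=" + encodeURIComponent(b64);
}

// URLSearchParams percent-decodes the value on the receiving side.
function fromQueryString(query) {
  return new URLSearchParams(query).get("encrptedPayload");
}

function decryptBytes(cipherBytes) {
  const decipher = nodeCrypto.createDecipheriv("aes-128-cbc", KEY, IV);
  return Buffer.concat([decipher.update(cipherBytes), decipher.final()]).toString("utf8");
}

// Receiver as written in the question: the Base64 text's own bytes are fed to the cipher.
function decryptTextBytes(b64) {
  return decryptBytes(Buffer.from(b64, "utf8"));
}

// Receiver as the answer advises: decode Base64 back to the binary ciphertext first.
function decryptBase64(b64) {
  return decryptBytes(Buffer.from(b64, "base64"));
}

// Run a decrypt function and report success or the error instead of throwing.
function attempt(fn, b64) {
  try { return { ok: true, value: fn(b64) }; }
  catch (err) { return { ok: false, error: err.message }; }
}

const received = fromQueryString(toQueryString(encryptToBase64("you can do this Rick!")));
console.log(attempt(decryptTextBytes, received)); // fails: text bytes are not the ciphertext
console.log(attempt(decryptBase64, received));    // succeeds: original ciphertext restored
```

In the controller from the question, the equivalent of `decryptBase64` is replacing `Encoding.UTF8.GetBytes(encrptedPayload)` with `Convert.FromBase64String(encrptedPayload)`.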
