I’m not sure what I’m doing wrong, the encryption it seems to work but

Question

0

Asked: May 30, 20262026-05-30T09:34:11+00:00 2026-05-30T09:34:11+00:00

I’m not sure what I’m doing wrong, the encryption it seems to work but

0

I’m not sure what I’m doing wrong, the encryption it seems to work but when you get to the decryption says bad data when trying to deserialize it, not sure what I’m doing wrong. I’m new at doing encryption so if it’s something really simple I’m sorry.

    public byte[] Serialize(object obj, string key)
    {
        byte[] returnBytes;
        using (MemoryStream memory = new MemoryStream())
        {
            UTF8Encoding UTF8 = new UTF8Encoding();
            TripleDESCryptoServiceProvider crypt = new TripleDESCryptoServiceProvider();
            MD5CryptoServiceProvider provider = new MD5CryptoServiceProvider();
            byte[] pass = provider.ComputeHash(UTF8.GetBytes(key));
            crypt.Key = pass;
            crypt.Mode = CipherMode.ECB;
            crypt.Padding = PaddingMode.PKCS7;
            using (CryptoStream stream = new CryptoStream(memory, crypt.CreateEncryptor(), CryptoStreamMode.Write))
            {
                BinaryFormatter formatter = new BinaryFormatter();
                formatter.Serialize(stream, obj);
                stream.Close();
                memory.Close();
            }

            returnBytes = memory.ToArray();
        }

        return returnBytes;
    }
    public object Deserialize(byte[] inBytes, string key)
    {
        object returnObj;
        using (MemoryStream memory = new MemoryStream())
        {
            UTF8Encoding UTF8 = new UTF8Encoding();
            TripleDESCryptoServiceProvider crypt = new TripleDESCryptoServiceProvider();
            MD5CryptoServiceProvider provider = new MD5CryptoServiceProvider();
            byte[] pass = provider.ComputeHash(UTF8.GetBytes(key));
            crypt.Key = pass;
            crypt.Mode = CipherMode.ECB;
            crypt.Padding = PaddingMode.PKCS7;
            using (CryptoStream stream = new CryptoStream(memory, crypt.CreateDecryptor(), CryptoStreamMode.Read))
            {
                BinaryFormatter formatter = new BinaryFormatter();
                returnObj = formatter.Deserialize(stream);
                stream.Close();
                memory.Close();
            }
            return returnObj;
        }

    }

This code i did a while back works on strings

        public string encrypt(string message, string password)
        {
            byte[] result;
            UTF8Encoding UTF8 = new UTF8Encoding();
            MD5CryptoServiceProvider provider = new MD5CryptoServiceProvider();
            byte[] key = provider.ComputeHash(UTF8.GetBytes(password));
            TripleDESCryptoServiceProvider algorithm = new TripleDESCryptoServiceProvider();
            algorithm.Key = key;
            algorithm.Mode = CipherMode.ECB;
            algorithm.Padding = PaddingMode.PKCS7;
            byte[] data = UTF8.GetBytes(message);
            try
            {
                ICryptoTransform encryptor = algorithm.CreateEncryptor();
                result = encryptor.TransformFinalBlock(data, 0, data.Length);
            }
            finally
            {
                algorithm.Clear();
                provider.Clear();
            }
            return Convert.ToBase64String(result);
        }
        public string decrypt(string message, string passsword)
        {
            byte[] result;
            UTF8Encoding UTF8 = new UTF8Encoding();
            MD5CryptoServiceProvider provider = new MD5CryptoServiceProvider();
            byte[] key = provider.ComputeHash(UTF8.GetBytes(passsword));
            TripleDESCryptoServiceProvider algorithm = new TripleDESCryptoServiceProvider();
            algorithm.Key = key;
            algorithm.Mode = CipherMode.ECB;
            algorithm.Padding = PaddingMode.PKCS7;
            byte[] data = Convert.FromBase64String(message);
            try
            {
                ICryptoTransform decryptor = algorithm.CreateDecryptor();
                result = decryptor.TransformFinalBlock(data, 0, data.Length);
            }
            finally
            {
                algorithm.Clear();
                provider.Clear();
            }
            return UTF8.GetString(result);
        }

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-30T09:34:13+00:00

You’re not setting the IV property of crypt, so it’s starting off as a random value each time. You need to set it to the same value when decrypting as when encrypting – like a salt for hashing. EDIT: Given the way ECB works, it looks like the IV may be ignored, which is why your previous code worked without storing it.

EDIT: While the IV part is certainly required for non-ECB, it’s not enough. I’m not sure what the rest of the problem is, although:

The ECB cipher mode isn’t recommended – any reason for using it?
You may well end up running into problems due to padding; I don’t know if BinaryFormatter handles that for you automatically, but it’s worth looking into.

EDIT: Doh – I’ve worked out the bigger problem; you should indeed be using inBytes, as per Elian’s comment. Currently you’re completely ignoring the cipher-text – that’s got no chance of working!

Here’s a complete program showing the whole thing hanging together:

using System;
using System.IO;
using System.Text;
using System.Security.Cryptography;
using System.Runtime.Serialization.Formatters.Binary;

class Test
{
    static void Main()
    {
        byte[] data = Serialize("Some arbitrary test data", "pass");
        object x = Deserialize(data, "pass");
        Console.WriteLine(x);
    }

    private static SymmetricAlgorithm CreateCryptoServiceProvider(string key)
    {
        byte[] passwordHash;
        using (MD5 md5 = MD5.Create())
        {
            // It's not clear why you're taking the hash of the password...
            passwordHash = md5.ComputeHash(Encoding.UTF8.GetBytes(key));
        }
        var crypt = new TripleDESCryptoServiceProvider();
        crypt.Key = passwordHash;
        crypt.Mode = CipherMode.CBC; // This is the default anyway - can remove
        crypt.Padding = PaddingMode.PKCS7; // Ditto
        // Fix this to use a randomly generated one and store it for real code.
        crypt.IV = new byte[crypt.BlockSize / 8];
        return crypt;
    }

    public static byte[] Serialize(object obj, string key)
    {
        var provider = CreateCryptoServiceProvider(key);

        using (MemoryStream memory = new MemoryStream())
        {
            using (CryptoStream stream = new CryptoStream(
                memory, provider.CreateEncryptor(), CryptoStreamMode.Write))
            {
                BinaryFormatter formatter = new BinaryFormatter();
                formatter.Serialize(stream, obj);
            }
            return memory.ToArray();
        }
    }

    public static object Deserialize(byte[] inBytes, string key)
    {
        var provider = CreateCryptoServiceProvider(key);

        using (MemoryStream memory = new MemoryStream(inBytes))
        {
            using (CryptoStream stream = new CryptoStream(
                memory, provider.CreateDecryptor(), CryptoStreamMode.Read))
            {
                BinaryFormatter formatter = new BinaryFormatter();
                return formatter.Deserialize(stream);
            }
        }
    }

}

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I’m not sure what I’m doing wrong, the encryption it seems to work but

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply