I’m writing a password encryption routine. I’ve written the below app to illustrate my problem. About 20% of the time, this code works as expected. The rest of the time, the decryption throws a cryptographic exception – ‘The data is invalid’.
I believe the problem is in the encryption portion, because the decryption portion works the same every time. That is, if the encryption routine yields a value that the decryption routine can decrypt, it can always decrypt it. But if the encryption routine yields a value that chokes the decryption routine, it always chokes. So the decrypt routine is consistent; the encrypt routine is not.
I suspect my use of Unicode encoding is incorrect, but I’ve tried others with the same result.
What am I doing wrong?
using System; using System.Collections.Generic; using System.ComponentModel; using System.Data; using System.Drawing; using System.Text; using System.Windows.Forms; using System.Security.Cryptography; namespace DataProtectionTest { public partial class Form1 : Form { private static readonly byte[] entropy = { 1, 2, 3, 4, 1, 2, 3, 4 }; private string password; public Form1() { InitializeComponent(); } private void btnEncryptIt_Click(object sender, EventArgs e) { Byte[] pw = Encoding.Unicode.GetBytes(textBox1.Text); Byte[] encryptedPw = ProtectedData.Protect(pw, entropy, DataProtectionScope.LocalMachine); password = Encoding.Unicode.GetString(encryptedPw); } private void btnDecryptIt_Click(object sender, EventArgs e) { Byte[] pwBytes = Encoding.Unicode.GetBytes(password); try { Byte[] decryptedPw = ProtectedData.Unprotect(pwBytes, entropy, DataProtectionScope.LocalMachine); string pw = Encoding.Unicode.GetString(decryptedPw); textBox2.Text = pw; } catch (CryptographicException ce) { textBox2.Text = ce.Message; } } } }
On the advice of a colleague, I opted for Convert.ToBase64String. Works well. Corrected program below.