views:

26

answers:

1

What is the cause of the error "Invalid padding value" in as3crypto?

Error: PKCS#5:unpad: Invalid padding value. expected [153], found [25]
    at com.hurlant.crypto.symmetric::PKCS5/unpad()
    at com.hurlant.crypto.symmetric::CTRMode/decrypt()
    at com.hurlant.crypto.symmetric::SimpleIVMode/decrypt()
    at com.mycompany.myproject::Application$/decrypt()
    ... (followed by the rest of my application stack)

I think I've previously solved this by making sure that the encrypted data is prepended with the intialization vector (IV), by using the SimpleIVMode wrapper class. In this case, I'm already doing that, though.

I'm not using the Crypto class because minimizing download size is important.

Any ideas?

My abstraction code (in Application class):

protected static var cipher:ICipher = 
    new SimpleIVMode(
        new CTRMode(
            new AESKey( Hex.toArray("53c12a8eb8612733ec817290580c3d") // not actual key
        ))
    );

public static function encrypt(d:ByteArray):ByteArray {
    d.position = 0;
    cipher.encrypt(d);
    d.position = 0;
    return d;
}

public static function decrypt(d:ByteArray):ByteArray {
    d.position = 0;
    cipher.decrypt(d); // THIS LINE THROWS
    d.position = 0;
    return d;
}

All that d.position = 0 stuff is my paranoia.

The encryption code:

// we first have to serialize the object to a ByteArray, then encrypt that data.
var encryptedValue:ByteArray = new ByteArray();
encryptedValue.writeObject(objectToEncrypt);
encryptedValue.position = 0; // paranoia?
Application.encrypt(encryptedValue);
so.setProperty(key, encryptedValue); // save it in my SharedObject

Now the code that causes the error:

var data:ByteArray = so.data[key]; // get the byte array out of storage.
trace(data.length); // Check that it's real... I get 553 bytes
Application.decrypt(data); // THIS LINE THROWS
A: 

i think you should extend memory size of your SharedObject, like

so.flush(1000000000000000);
Eugene
Hmm - I tried, no avail. Thanks for the idea.
aaaidan
then I think you should double check alghoritms
Eugene