This issue has been moved from a ticket on Developer Community.

Hello,

I think there's a bug in the example code. When I copy/paste the code to test it, I receive an exception with the message, "Padding is invalid and cannot be removed".

There is a comment in the code example that says, "//The default iteration count is 1000 so the two methods use the same iteration count." The code however does not reflect this. On the line "Rfc2898DeriveBytes k2 = new Rfc2898DeriveBytes(pwd1, salt1);", it is missing ",
myIterations" as the preceding line has. This generates unique keys preventing decryption; reading elsewhere I found that the Keys and IVs must match on both encryption and decryption. Adding myIterations to this line fixes my issue.

Also, later down the page it says the constructors supplied in the example implementation for Rfc2898DeriveBytes are obsolete and should have the hash algorithm name.

Thanks!

Original Comments

Tracy Wang [MSFT] on 12/25/2023, 00:46 AM:

(private comment, text removed)

M Aseel Tungekar on 1/5/2024, 11:33 AM:

(private comment, text removed)

Feedback Bot on 1/2/2024, 09:31 PM:

(private comment, text removed)

Feedback Bot on 1/7/2024, 05:32 PM:

(private comment, text removed)

Tomas Weinfurt [MSFT] on 1/15/2024, 08:07 PM:

(private comment, text removed)

Original Solutions

(no solutions)