GetNetworkCredential difficulties

Ask your PowerShell-related questions, including questions on cmdlet development!
Forum rules
Do not post any licensing information in this forum.

Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
This topic is 5 years and 1 month old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.
Locked
User avatar
jsira2003@yahoo.com
Posts: 117
Last visit: Tue Jul 11, 2023 6:18 am

Re: GetNetworkCredential difficulties

Post by jsira2003@yahoo.com »

I think my error was that the size of the text I was encrypting did not have the correct byte count. That makes sense according to the error message invalid padding.

John
User avatar
jsira2003@yahoo.com
Posts: 117
Last visit: Tue Jul 11, 2023 6:18 am

Re: GetNetworkCredential difficulties

Post by jsira2003@yahoo.com »

$Key = [system.Text.Encoding]::UTF8.GetBytes('1234561234567890')

as opposed to

$key = (200,45,10,...)

I'm not sure how I'd represent what I wrote as above. Is it necessary to represent the byte array that way? I think utf8 is specifying a font. I'm trying to wrap my head around it.

John
User avatar
jsira2003@yahoo.com
Posts: 117
Last visit: Tue Jul 11, 2023 6:18 am

Re: GetNetworkCredential difficulties

Post by jsira2003@yahoo.com »

Excuse my lack of knowledge, I fail to see how the byte size of the data is padded properly. How does this make the character fill correct? I see how you specify your key size. That is all i see.

# generate a custom key with correct length
$keyLength = 16 # valid values are 16,24,32
$EncryptKey = [byte[]]::New($keyLength)
[Security.Cryptography.RNGCryptoServiceProvider]::Create().GetBytes($EncryptKey)
$EncryptKey
# to get the string value
[system.Text.Encoding]::UTF8.GetString($EncryptKey)
# we would normally save this in the registry as a local encrypted (secure) string
# Each account would have to install the key into the registry once.
jvierra
Posts: 15439
Last visit: Tue Nov 21, 2023 6:37 pm
Answers: 30
Has voted: 4 times
Been upvoted: 33 times

Re: GetNetworkCredential difficulties

Post by jvierra »

jsira2003@yahoo.com wrote: Sun Jan 27, 2019 5:11 pm I think my error was that the size of the text I was encrypting did not have the correct byte count. That makes sense according to the error message invalid padding.

John
Ahh. I was hoping you would address that. A key ust be of exact length. Many methods of key creation will not work as expected.

To use plain text as a key check it like this:

Code: Select all

$stringKey = <some string>
if( $stringKey.Length -ne $requiredLength){  # must be 16,24 0r 32
     # error
}
jvierra
Posts: 15439
Last visit: Tue Nov 21, 2023 6:37 pm
Answers: 30
Has voted: 4 times
Been upvoted: 33 times

Re: GetNetworkCredential difficulties

Post by jvierra »

jsira2003@yahoo.com wrote: Sun Jan 27, 2019 5:17 pm $Key = [system.Text.Encoding]::UTF8.GetBytes('1234561234567890')

as opposed to

$key = (200,45,10,...)

I'm not sure how I'd represent what I wrote as above. Is it necessary to represent the byte array that way? I think utf8 is specifying a font. I'm trying to wrap my head around it.

John
UTF8 is a character encoding and has nothing to do with fonts.
jvierra
Posts: 15439
Last visit: Tue Nov 21, 2023 6:37 pm
Answers: 30
Has voted: 4 times
Been upvoted: 33 times

Re: GetNetworkCredential difficulties

Post by jvierra »

jsira2003@yahoo.com wrote: Sun Jan 27, 2019 5:23 pm Excuse my lack of knowledge, I fail to see how the byte size of the data is padded properly. How does this make the character fill correct? I see how you specify your key size. That is all i see.

# generate a custom key with correct length
$keyLength = 16 # valid values are 16,24,32
$EncryptKey = [byte[]]::New($keyLength)
[Security.Cryptography.RNGCryptoServiceProvider]::Create().GetBytes($EncryptKey)
$EncryptKey
# to get the string value
[system.Text.Encoding]::UTF8.GetString($EncryptKey)
# we would normally save this in the registry as a local encrypted (secure) string
# Each account would have to install the key into the registry once.
Because it creates a byte array of the correct length and fills it with random characters that will work as a key.
jvierra
Posts: 15439
Last visit: Tue Nov 21, 2023 6:37 pm
Answers: 30
Has voted: 4 times
Been upvoted: 33 times

Re: GetNetworkCredential difficulties

Post by jvierra »

jvierra wrote: Sun Jan 27, 2019 5:45 pm
jsira2003@yahoo.com wrote: Sun Jan 27, 2019 5:17 pm $Key = [system.Text.Encoding]::UTF8.GetBytes('1234561234567890')

as opposed to

$key = (200,45,10,...)

I'm not sure how I'd represent what I wrote as above. Is it necessary to represent the byte array that way? I think utf8 is specifying a font. I'm trying to wrap my head around it.

John
UTF8 is a character encoding and has nothing to do with fonts.
Consider what your code is doing when you do that. It is not a byte array.

Code: Select all

PS D:\scripts> $key = 200,45,10,11,12
PS D:\scripts> $key.getType()

IsPublic IsSerial Name                                     BaseType
-------- -------- ----                                     --------
True     True     Object[]                                 System.Array


PS D:\scripts> [byte[]]$key =  200,45,10,11,12
PS D:\scripts> $key.getType()

IsPublic IsSerial Name                                     BaseType
-------- -------- ----                                     --------
True     True     Byte[]                                   System.Array


PS D:\scripts>
User avatar
jsira2003@yahoo.com
Posts: 117
Last visit: Tue Jul 11, 2023 6:18 am

Re: GetNetworkCredential difficulties

Post by jsira2003@yahoo.com »

[Byte[]]$key = (200,48,29,36,41,100,7,9)
$key.GetType()

I will change it to this and see what happens.

John
User avatar
jsira2003@yahoo.com
Posts: 117
Last visit: Tue Jul 11, 2023 6:18 am

Re: GetNetworkCredential difficulties

Post by jsira2003@yahoo.com »

I'll use 32 bytes.
User avatar
jsira2003@yahoo.com
Posts: 117
Last visit: Tue Jul 11, 2023 6:18 am

Re: GetNetworkCredential difficulties

Post by jsira2003@yahoo.com »

Well as it turns out type [byte[]] array didn't change the outcome. I recreated by key file and put it where expected.

John
This topic is 5 years and 1 month old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.
Locked