GetNetworkCredential difficulties

Ask your Windows PowerShell-related questions, including questions on cmdlet development!
Forum rules
Do not post any licensing information in this forum.

Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
User avatar
jsira2003@yahoo.com
Posts: 94
Joined: Fri Apr 07, 2017 9:47 am

Re: GetNetworkCredential difficulties

Post by jsira2003@yahoo.com » Sun Jan 27, 2019 6:11 pm

I think my error was that the size of the text I was encrypting did not have the correct byte count. That makes sense according to the error message invalid padding.

John

User avatar
jsira2003@yahoo.com
Posts: 94
Joined: Fri Apr 07, 2017 9:47 am

Re: GetNetworkCredential difficulties

Post by jsira2003@yahoo.com » Sun Jan 27, 2019 6:17 pm

$Key = [system.Text.Encoding]::UTF8.GetBytes('1234561234567890')

as opposed to

$key = (200,45,10,...)

I'm not sure how I'd represent what I wrote as above. Is it necessary to represent the byte array that way? I think utf8 is specifying a font. I'm trying to wrap my head around it.

John

User avatar
jsira2003@yahoo.com
Posts: 94
Joined: Fri Apr 07, 2017 9:47 am

Re: GetNetworkCredential difficulties

Post by jsira2003@yahoo.com » Sun Jan 27, 2019 6:23 pm

Excuse my lack of knowledge, I fail to see how the byte size of the data is padded properly. How does this make the character fill correct? I see how you specify your key size. That is all i see.

# generate a custom key with correct length
$keyLength = 16 # valid values are 16,24,32
$EncryptKey = [byte[]]::New($keyLength)
[Security.Cryptography.RNGCryptoServiceProvider]::Create().GetBytes($EncryptKey)
$EncryptKey
# to get the string value
[system.Text.Encoding]::UTF8.GetString($EncryptKey)
# we would normally save this in the registry as a local encrypted (secure) string
# Each account would have to install the key into the registry once.

User avatar
jvierra
Posts: 13294
Joined: Tue May 22, 2007 9:57 am
Contact:

Re: GetNetworkCredential difficulties

Post by jvierra » Sun Jan 27, 2019 6:43 pm

jsira2003@yahoo.com wrote:
Sun Jan 27, 2019 6:11 pm
I think my error was that the size of the text I was encrypting did not have the correct byte count. That makes sense according to the error message invalid padding.

John
Ahh. I was hoping you would address that. A key ust be of exact length. Many methods of key creation will not work as expected.

To use plain text as a key check it like this:

Code: Select all

$stringKey = <some string>
if( $stringKey.Length -ne $requiredLength){  # must be 16,24 0r 32
     # error
}

User avatar
jvierra
Posts: 13294
Joined: Tue May 22, 2007 9:57 am
Contact:

Re: GetNetworkCredential difficulties

Post by jvierra » Sun Jan 27, 2019 6:45 pm

jsira2003@yahoo.com wrote:
Sun Jan 27, 2019 6:17 pm
$Key = [system.Text.Encoding]::UTF8.GetBytes('1234561234567890')

as opposed to

$key = (200,45,10,...)

I'm not sure how I'd represent what I wrote as above. Is it necessary to represent the byte array that way? I think utf8 is specifying a font. I'm trying to wrap my head around it.

John
UTF8 is a character encoding and has nothing to do with fonts.

User avatar
jvierra
Posts: 13294
Joined: Tue May 22, 2007 9:57 am
Contact:

Re: GetNetworkCredential difficulties

Post by jvierra » Sun Jan 27, 2019 6:46 pm

jsira2003@yahoo.com wrote:
Sun Jan 27, 2019 6:23 pm
Excuse my lack of knowledge, I fail to see how the byte size of the data is padded properly. How does this make the character fill correct? I see how you specify your key size. That is all i see.

# generate a custom key with correct length
$keyLength = 16 # valid values are 16,24,32
$EncryptKey = [byte[]]::New($keyLength)
[Security.Cryptography.RNGCryptoServiceProvider]::Create().GetBytes($EncryptKey)
$EncryptKey
# to get the string value
[system.Text.Encoding]::UTF8.GetString($EncryptKey)
# we would normally save this in the registry as a local encrypted (secure) string
# Each account would have to install the key into the registry once.
Because it creates a byte array of the correct length and fills it with random characters that will work as a key.

User avatar
jvierra
Posts: 13294
Joined: Tue May 22, 2007 9:57 am
Contact:

Re: GetNetworkCredential difficulties

Post by jvierra » Sun Jan 27, 2019 6:49 pm

jvierra wrote:
Sun Jan 27, 2019 6:45 pm
jsira2003@yahoo.com wrote:
Sun Jan 27, 2019 6:17 pm
$Key = [system.Text.Encoding]::UTF8.GetBytes('1234561234567890')

as opposed to

$key = (200,45,10,...)

I'm not sure how I'd represent what I wrote as above. Is it necessary to represent the byte array that way? I think utf8 is specifying a font. I'm trying to wrap my head around it.

John
UTF8 is a character encoding and has nothing to do with fonts.
Consider what your code is doing when you do that. It is not a byte array.

Code: Select all

PS D:\scripts> $key = 200,45,10,11,12
PS D:\scripts> $key.getType()

IsPublic IsSerial Name                                     BaseType
-------- -------- ----                                     --------
True     True     Object[]                                 System.Array


PS D:\scripts> [byte[]]$key =  200,45,10,11,12
PS D:\scripts> $key.getType()

IsPublic IsSerial Name                                     BaseType
-------- -------- ----                                     --------
True     True     Byte[]                                   System.Array


PS D:\scripts>

User avatar
jsira2003@yahoo.com
Posts: 94
Joined: Fri Apr 07, 2017 9:47 am

Re: GetNetworkCredential difficulties

Post by jsira2003@yahoo.com » Sun Jan 27, 2019 6:58 pm

[Byte[]]$key = (200,48,29,36,41,100,7,9)
$key.GetType()

I will change it to this and see what happens.

John

User avatar
jsira2003@yahoo.com
Posts: 94
Joined: Fri Apr 07, 2017 9:47 am

Re: GetNetworkCredential difficulties

Post by jsira2003@yahoo.com » Sun Jan 27, 2019 6:59 pm

I'll use 32 bytes.

User avatar
jsira2003@yahoo.com
Posts: 94
Joined: Fri Apr 07, 2017 9:47 am

Re: GetNetworkCredential difficulties

Post by jsira2003@yahoo.com » Sun Jan 27, 2019 7:13 pm

Well as it turns out type [byte[]] array didn't change the outcome. I recreated by key file and put it where expected.

John

Locked