Trouble with decrypting AES/ECB padded using PCKS5 in C#

Question

I need to decrypt a picture coming from an online service (which is not mine, so I must use this way of encryption).
This picture is encryted using AES/ECB with a single synchronous key and padded using PKCS5 .

I tried several ways to achieve this, but none of them worked. I use the BoucyCastle cryptography library.

Here's my decryption code :

    public static byte[] Decrypt(string input)
    {
        var cipher = CipherUtilities.GetCipher("AES/ECB/PKCS5Padding");
        cipher.Init(false, new KeyParameter(Encoding.UTF8.GetBytes(KEY)));
        byte[] todo = Encoding.UTF8.GetBytes(Pad(input));
        byte[] bytes = cipher.ProcessBytes(todo);
        byte[] final = cipher.DoFinal();

        // Write the decrypt bytes & final to memory...
        var decryptedStream = new MemoryStream(bytes.Length);
        decryptedStream.Write(bytes, 0, bytes.Length);
        decryptedStream.Write(final, 0, final.Length);
        decryptedStream.Flush();

        var decryptedData = new byte[decryptedStream.Length];
        decryptedStream.Read(decryptedData, 0, (int)decryptedStream.Length);
        return decryptedData;
    }

    private static string Pad(string data)
    {
        int len = data.Length;
        int toAdd = (16 - len % 16);
        for (int i = 0; i < toAdd; i++)
        {
            data += (char)toAdd;
        }
        return data;
    }

When I try, it raises an InvalidCipherTextExpression with the message "pad block corrupted", at the byte[] final = cipher.DoFinal(); line.
I tested my padding function and it seemed to work as expected.
I tried to look inside the BouncyCastle source code to look for my error, and what I found is that the last block doesn't have any padding, and that's what is causing the error. So I'm wondering if I'm doing something wrong somewhere else, because it may not come from the padding.
Maybe the input string, which is retrieved from a http server with this :

        // grab te response and print it out to the console along with the status code
        HttpWebResponse response = (HttpWebResponse)request.GetResponse();
        return new StreamReader(response.GetResponseStream()).ReadToEnd();

What I want to achieve is exactly the same thing as here : C# Decrypting AES/ECB Paddded Using PKCS#5
But there's no awnsers as the asker didn't try anything..

Thanks in advance, and I'm really sorry for my bad english.

Answer 1

You have an incomplete ciphertext - data encrypted with AES-128 will be always a multiple of 128/8 = 16 bytes. Ie Last block incomplete in decryption means you have, say, 127 bytes of ciphertext instead of 128.

As said in comments, you must not pad ciphertext before decryption. "It worked" because your function did not actually pad anything - because of the reason highlighted above.

Are you sure you're using same "bitness" flavours of AES? (for example, it may be that you decrypt AES-128 ciphertext with AES-192)

PS On an unrelated note, cipher.Init(false, new KeyParameter(Encoding.UTF8.GetBytes(KEY))); does also look suspicious. Are you sure it's not Base64 or the like?