Connect WCF Cryptography.CryptographicException: Specified initialization vector (IV) does not match the block size for this algorithm

Question

In my project I got frequent error relate to "Cryptography" from my log file. Detail:

Global.aspx:  - System.Web.HttpUnhandledException (0x80004005): Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.Security.Cryptography.CryptographicException: Specified initialization vector (IV) does not match the block size for this algorithm.
   at System.Security.Cryptography.RijndaelManagedTransform..ctor(Byte[] rgbKey, CipherMode mode, Byte[] rgbIV, Int32 blockSize, Int32 feedbackSize, PaddingMode PaddingValue, RijndaelManagedTransformMode transformMode)
   at System.Security.Cryptography.RijndaelManaged.NewEncryptor(Byte[] rgbKey, CipherMode mode, Byte[] rgbIV, Int32 feedbackSize, RijndaelManagedTransformMode encryptMode)

But actualy, In my project I can't find anything code statement relate to that. Except some statement were auto generated by visual studio when I connect my project with WCF service

Detail in: ./MyProject/Connected Services/WCFServiceName/configuaration91.svcinfo

        <property path="/identity/certificateReference/storeName" isComplexType="false" isExplicitlyDefined="false" clrType="System.Security.Cryptography.X509Certificates.StoreName, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
          <serializedValue>My</serializedValue>
        </property>
        <property path="/identity/certificateReference/storeLocation" isComplexType="false" isExplicitlyDefined="false" clrType="System.Security.Cryptography.X509Certificates.StoreLocation, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
          <serializedValue>LocalMachine</serializedValue>
        </property>
        <property path="/identity/certificateReference/x509FindType" isComplexType="false" isExplicitlyDefined="false" clrType="System.Security.Cryptography.X509Certificates.X509FindType, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
          <serializedValue>FindBySubjectDistinguishedName</serializedValue>
        </property>

I have try to solve and find the solution for that problem, but I don't find any question similar question.

I don't know who to turn to the advice for this subject. Pls help me

Thank you!

Answer 1

The error about the initialization vector (IV) and the presence of RijndaelManaged class implies that your WCF service is using a form of AES encryption.

Have you checked whether the WCF service is not under one of these un-supported scenarios ? https://docs.microsoft.com/en-us/dotnet/framework/wcf/feature-details/unsupported-scenarios

FIPS-compliant AES encryption does not work in duplex callbacks under identification level impersonation.

Answer 2

First, you need to confirm whether the relevant code is included. If it contains,you can refer to Specified initialization vector (IV) does not match the block size for this algorithm , if you change the user account that runs the IIS workflow, System.Security.Cryptography.CryptographicException may occur. If this is the case, you must give read access privileges to the process's account for the file containing the private key. For example, if the IIS worker process is running under the Bob account, then you will need to give Bob read access to the file containing the private key.