?
Solved

Globally Fixing: Padding is invalid and cannot be removed error

Posted on 2010-09-06
6
1 solution
Medium Priority
?
932 Views
Last Modified: 2012-05-10
I've just migrated from a Win 2003 server to a Win 2008R2 (x64) server...

I'm suddenly getting LOTS of these errors, from my .Net 2 / .Net 3.5 / .Net 4 applications:

Padding is invalid and cannot be removed
Is there a way to "Globally" fix the machine to stop these errors?

(I've seen a couple of solutions on-line, but they all refer to application level... I'd like to fix this in one place, once and for all)

Thanks in advance

Gayo

0
Comment
Question by:Espavo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Join The Community
  • 3
  • 2
6 Comments
 
LVL 53

Expert Comment

by:Dhaest
ID: 33609944
Can you post some more errorinformation (like a stacktrace or error from eventviewer), because this error can have multiple causes !
0
 
LVL 10

Author Comment

by:Espavo
ID: 33610086
Here's what comes out of an error message that the application e-mails me onError...
Message :
 
Padding is invalid and cannot be removed.
 
Source :
 
mscorlib
 
TargetSite :
 
Int32 DecryptData(Byte[], Int32, Int32, Byte[] ByRef, Int32, System.Security.Cryptography.PaddingMode, Boolean)
 
StackTrace :
 
at System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer, Int32 outputOffset, PaddingMode paddingMode, Boolean fLast) at System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount) at System.Security.Cryptography.CryptoStream.FlushFinalBlock() at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, IVType ivType, Boolean useValidationSymAlgo) at System.Web.UI.Page.DecryptStringWithIV(String s, IVType ivType) at System.Web.Handlers.AssemblyResourceLoader.System.Web.IHttpHandler.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
 
0
 
LVL 53

Expert Comment

by:Dhaest
ID: 33610945
the explanation at http://www.codeproject.com/dotnet/Cryptor.asp.

The suggestions in other replys will sometimes work, by chance, but what you really need to do is set RijndaelAlg.Padding to PaddingMode.ISO10126, PaddingMode.PKCS7, or PaddingMode.ANSIX923. Any one of these 3 values should work, provided that you use the same value when encrypting and decrypting. Other values will work with some data, but not with all data. The above URL explains why.

What I don't understand is the reason Microsoft provides options that sometimes don't work, or at least why they don't default to a reliable option.


--> If I understand this article and comment correctly, there is no general solution possible. the only thing that helps is adjusting the code and redeploy it to each user !
0
 
LVL 10

Author Comment

by:Espavo
ID: 33611406
Thanks...
The CodeProject URL goes to a "Page Not Found" error...
AND, I don't use encryption on any of my applications... (Other than what is done by default for Forms Authentication)
So, I really need to find a "better/different" way to do this... (I don't have access to the source-code of all the applications that are deployed on my server...)
0
 
LVL 10

Accepted Solution

by:
Espavo earned 0 total points
ID: 33893171
I still haven't seen a solution to this problem... and still have the problem on my servers...
How / where can I get an answer (that works)? <please>
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Get e-book
Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There were too many redirects - the boon and Bane of iFrame
Article by: Kini
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Security updates for Microsoft End of Life operating systems..
Article by: Andrew
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Configuring Storage Pools in Backup Exec 2012
Video by: Rodney
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
Setting the Media and Overwrite Protection Levels in Backup Exec 2012
Video by: Rodney
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Advertise Here

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Advertise Here