Globally Fixing: Padding is invalid and cannot be removed error

I've just migrated from a Win 2003 server to a Win 2008R2 (x64) server...

I'm suddenly getting LOTS of these errors, from my .Net 2 / .Net 3.5 / .Net 4 applications:

Padding is invalid and cannot be removed
Is there a way to "Globally" fix the machine to stop these errors?

(I've seen a couple of solutions on-line, but they all refer to application level... I'd like to fix this in one place, once and for all)

Thanks in advance

Gayo

LVL 10
EspavoAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
EspavoConnect With a Mentor Author Commented:
I still haven't seen a solution to this problem... and still have the problem on my servers...
How / where can I get an answer (that works)? <please>
0
 
DhaestCommented:
Can you post some more errorinformation (like a stacktrace or error from eventviewer), because this error can have multiple causes !
0
 
EspavoAuthor Commented:
Here's what comes out of an error message that the application e-mails me onError...
Message :
 
Padding is invalid and cannot be removed.
 
Source :
 
mscorlib
 
TargetSite :
 
Int32 DecryptData(Byte[], Int32, Int32, Byte[] ByRef, Int32, System.Security.Cryptography.PaddingMode, Boolean)
 
StackTrace :
 
at System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer, Int32 outputOffset, PaddingMode paddingMode, Boolean fLast) at System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount) at System.Security.Cryptography.CryptoStream.FlushFinalBlock() at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, IVType ivType, Boolean useValidationSymAlgo) at System.Web.UI.Page.DecryptStringWithIV(String s, IVType ivType) at System.Web.Handlers.AssemblyResourceLoader.System.Web.IHttpHandler.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
 
0
 
DhaestCommented:
the explanation at http://www.codeproject.com/dotnet/Cryptor.asp.

The suggestions in other replys will sometimes work, by chance, but what you really need to do is set RijndaelAlg.Padding to PaddingMode.ISO10126, PaddingMode.PKCS7, or PaddingMode.ANSIX923. Any one of these 3 values should work, provided that you use the same value when encrypting and decrypting. Other values will work with some data, but not with all data. The above URL explains why.

What I don't understand is the reason Microsoft provides options that sometimes don't work, or at least why they don't default to a reliable option.


--> If I understand this article and comment correctly, there is no general solution possible. the only thing that helps is adjusting the code and redeploy it to each user !
0
 
EspavoAuthor Commented:
Thanks...
The CodeProject URL goes to a "Page Not Found" error...
AND, I don't use encryption on any of my applications... (Other than what is done by default for Forms Authentication)
So, I really need to find a "better/different" way to do this... (I don't have access to the source-code of all the applications that are deployed on my server...)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.