Solved

Globally Fixing: Padding is invalid and cannot be removed error

Posted on 2010-09-06
6
917 Views
Last Modified: 2012-05-10
I've just migrated from a Win 2003 server to a Win 2008R2 (x64) server...

I'm suddenly getting LOTS of these errors, from my .Net 2 / .Net 3.5 / .Net 4 applications:

Padding is invalid and cannot be removed
Is there a way to "Globally" fix the machine to stop these errors?

(I've seen a couple of solutions on-line, but they all refer to application level... I'd like to fix this in one place, once and for all)

Thanks in advance

Gayo

0
Comment
Question by:Espavo
  • 3
  • 2
6 Comments
 
LVL 53

Expert Comment

by:Dhaest
ID: 33609944
Can you post some more errorinformation (like a stacktrace or error from eventviewer), because this error can have multiple causes !
0
 
LVL 10

Author Comment

by:Espavo
ID: 33610086
Here's what comes out of an error message that the application e-mails me onError...
Message :
 
Padding is invalid and cannot be removed.
 
Source :
 
mscorlib
 
TargetSite :
 
Int32 DecryptData(Byte[], Int32, Int32, Byte[] ByRef, Int32, System.Security.Cryptography.PaddingMode, Boolean)
 
StackTrace :
 
at System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer, Int32 outputOffset, PaddingMode paddingMode, Boolean fLast) at System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount) at System.Security.Cryptography.CryptoStream.FlushFinalBlock() at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, IVType ivType, Boolean useValidationSymAlgo) at System.Web.UI.Page.DecryptStringWithIV(String s, IVType ivType) at System.Web.Handlers.AssemblyResourceLoader.System.Web.IHttpHandler.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
 
0
 
LVL 53

Expert Comment

by:Dhaest
ID: 33610945
the explanation at http://www.codeproject.com/dotnet/Cryptor.asp.

The suggestions in other replys will sometimes work, by chance, but what you really need to do is set RijndaelAlg.Padding to PaddingMode.ISO10126, PaddingMode.PKCS7, or PaddingMode.ANSIX923. Any one of these 3 values should work, provided that you use the same value when encrypting and decrypting. Other values will work with some data, but not with all data. The above URL explains why.

What I don't understand is the reason Microsoft provides options that sometimes don't work, or at least why they don't default to a reliable option.


--> If I understand this article and comment correctly, there is no general solution possible. the only thing that helps is adjusting the code and redeploy it to each user !
0
 
LVL 10

Author Comment

by:Espavo
ID: 33611406
Thanks...
The CodeProject URL goes to a "Page Not Found" error...
AND, I don't use encryption on any of my applications... (Other than what is done by default for Forms Authentication)
So, I really need to find a "better/different" way to do this... (I don't have access to the source-code of all the applications that are deployed on my server...)
0
 
LVL 10

Accepted Solution

by:
Espavo earned 0 total points
ID: 33893171
I still haven't seen a solution to this problem... and still have the problem on my servers...
How / where can I get an answer (that works)? <please>
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
A phishing scam that claims a recipient’s credit card details have been “suspended” is the latest trend in spoof emails.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question