DotNetNewsgroup.com  
web access to complete list of Microsoft.NET newsgroups
   home   |   control panel login   |   archive  |  
 
  carried group
academic
adonet
aspnet
aspnet.announcements
aspnet.buildingcontrols
aspnet.caching
aspnet.datagridcontrol
aspnet.mobile
aspnet.security
aspnet.webcontrols
aspnet.webservices
assignment_manager
datatools
dotnet.distributed_apps
dotnet.general
dotnet.myservices
dotnet.nternationalization
dotnet.scripting
dotnet.security
dotnet.vjsharp
dotnet.vsa
dotnet.xml
dotnetfaqs
framework
framework.clr
framework.compactframework
framework.component_services
framework.controls
framework.databinding
framework.drawing
framework.enhancements
framework.interop
framework.odbcnet
framework.performance
framework.remoting
framework.sdk
framework.setup
framework.webservices
framework.windowsforms
framework.wmi
frwk.windowsforms.designtime
lang.csharp
lang.jscript
lang.vb
lang.vb.controls
lang.vb.data
lang.vb.upgrade
lang.vc
lang.vc.libraries
  
 
start date: Mon, 13 Aug 2007 12:03:03 -0400,    posted on: microsoft.public.dotnet.framework.aspnet        back       

Thread Index
  1    Amelyan bamelyan at wi.rr.com
          2    bruce barker
                 3    Amelyan bamelyan at wi.rr.com


Padding is invalid and cannot be removed.    
Why does this happen?  How to fix it?

Once in a while I get error in ~/ScriptResource.axd?d=...

System.Reflection.TargetInvocationException: Exception has been thrown by
the target of an invocation. --->
System.Security.Cryptography.CryptographicException: Padding is invalid and
cannot be removed.

   at
System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[]
inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer,
Int32 outputOffset, PaddingMode paddingMode, Boolean fLast)

   at
System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[]
inputBuffer, Int32 inputOffset, Int32 inputCount)

   at System.Security.Cryptography.CryptoStream.FlushFinalBlock()

   at
System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean
fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean
useValidationSymAlgo)

   at System.Web.UI.Page.DecryptString(String s)

   --- End of inner exception stack trace ---

   at System.RuntimeMethodHandle._InvokeMethodFast(Object target, Object[]
arguments, SignatureStruct& sig, MethodAttributes methodAttributes,
RuntimeTypeHandle typeOwner)

   at System.RuntimeMethodHandle.InvokeMethodFast(Object target, Object[]
arguments, Signature sig, MethodAttributes methodAttributes,
RuntimeTypeHandle typeOwner)

   at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags
invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean
skipVisibilityChecks)

   at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags
invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)

   at System.Reflection.MethodBase.Invoke(Object obj, Object[] parameters)

   at System.Web.Handlers.ScriptResourceHandler.DecryptString(String s)

   at
System.Web.Handlers.ScriptResourceHandler.DecryptParameter(NameValueCollection
queryString)

   at System.Web.Handlers.ScriptResourceHandler.ProcessRequest(HttpContext
context)

   at
System.Web.Handlers.ScriptResourceHandler.System.Web.IHttpHandler.ProcessRequest(HttpContext
context)

   at
System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()

   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean&
completedSynchronously)
Date:Mon, 13 Aug 2007 12:03:03 -0400   Author:  

Re: Padding is invalid and cannot be removed.    
to keep hacker from arbitrarily accessing resource string, the access 
strings are encrypted and converted to base64 to produce a url to access 
the resource value. the error means the url parameters are not valid. 
check the iis logs to see what the values sent are. perhaps truncation 
is occurring.

-- bruce (sqlwork.com)

Amelyan wrote:

> Why does this happen?  How to fix it?
> 
> Once in a while I get error in ~/ScriptResource.axd?d=...
> 
> System.Reflection.TargetInvocationException: Exception has been thrown by
> the target of an invocation. --->
> System.Security.Cryptography.CryptographicException: Padding is invalid and
> cannot be removed.
> 
>    at
> System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[]
> inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer,
> Int32 outputOffset, PaddingMode paddingMode, Boolean fLast)
> 
>    at
> System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[]
> inputBuffer, Int32 inputOffset, Int32 inputCount)
> 
>    at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
> 
>    at
> System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean
> fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean
> useValidationSymAlgo)
> 
>    at System.Web.UI.Page.DecryptString(String s)
> 
>    --- End of inner exception stack trace ---
> 
>    at System.RuntimeMethodHandle._InvokeMethodFast(Object target, Object[]
> arguments, SignatureStruct& sig, MethodAttributes methodAttributes,
> RuntimeTypeHandle typeOwner)
> 
>    at System.RuntimeMethodHandle.InvokeMethodFast(Object target, Object[]
> arguments, Signature sig, MethodAttributes methodAttributes,
> RuntimeTypeHandle typeOwner)
> 
>    at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags
> invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean
> skipVisibilityChecks)
> 
>    at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags
> invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
> 
>    at System.Reflection.MethodBase.Invoke(Object obj, Object[] parameters)
> 
>    at System.Web.Handlers.ScriptResourceHandler.DecryptString(String s)
> 
>    at
> System.Web.Handlers.ScriptResourceHandler.DecryptParameter(NameValueCollection
> queryString)
> 
>    at System.Web.Handlers.ScriptResourceHandler.ProcessRequest(HttpContext
> context)
> 
>    at
> System.Web.Handlers.ScriptResourceHandler.System.Web.IHttpHandler.ProcessRequest(HttpContext
> context)
> 
>    at
> System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
> 
>    at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean&
> completedSynchronously)
> 
> 
> 
> 
>
Date:Mon, 13 Aug 2007 10:18:14 -0700   Author:  

Re: Padding is invalid and cannot be removed.    
This is also happening to normal users not hacking the website.  Is this a 
bug in ASP.NET?


"bruce barker"  wrote in message 
news:Om4fy3c3HHA.5160@TK2MSFTNGP05.phx.gbl...

> to keep hacker from arbitrarily accessing resource string, the access 
> strings are encrypted and converted to base64 to produce a url to access 
> the resource value. the error means the url parameters are not valid. 
> check the iis logs to see what the values sent are. perhaps truncation is 
> occurring.
>
> -- bruce (sqlwork.com)
>
> Amelyan wrote:
>> Why does this happen?  How to fix it?
>>
>> Once in a while I get error in ~/ScriptResource.axd?d=...
>>
>> System.Reflection.TargetInvocationException: Exception has been thrown by
>> the target of an invocation. --->
>> System.Security.Cryptography.CryptographicException: Padding is invalid 
>> and
>> cannot be removed.
>>
>>    at
>> System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[]
>> inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer,
>> Int32 outputOffset, PaddingMode paddingMode, Boolean fLast)
>>
>>    at
>> System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[]
>> inputBuffer, Int32 inputOffset, Int32 inputCount)
>>
>>    at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
>>
>>    at
>> System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean
>> fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean
>> useValidationSymAlgo)
>>
>>    at System.Web.UI.Page.DecryptString(String s)
>>
>>    --- End of inner exception stack trace ---
>>
>>    at System.RuntimeMethodHandle._InvokeMethodFast(Object target, 
>> Object[]
>> arguments, SignatureStruct& sig, MethodAttributes methodAttributes,
>> RuntimeTypeHandle typeOwner)
>>
>>    at System.RuntimeMethodHandle.InvokeMethodFast(Object target, Object[]
>> arguments, Signature sig, MethodAttributes methodAttributes,
>> RuntimeTypeHandle typeOwner)
>>
>>    at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags
>> invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, 
>> Boolean
>> skipVisibilityChecks)
>>
>>    at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags
>> invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
>>
>>    at System.Reflection.MethodBase.Invoke(Object obj, Object[] 
>> parameters)
>>
>>    at System.Web.Handlers.ScriptResourceHandler.DecryptString(String s)
>>
>>    at
>> System.Web.Handlers.ScriptResourceHandler.DecryptParameter(NameValueCollection
>> queryString)
>>
>>    at 
>> System.Web.Handlers.ScriptResourceHandler.ProcessRequest(HttpContext
>> context)
>>
>>    at
>> System.Web.Handlers.ScriptResourceHandler.System.Web.IHttpHandler.ProcessRequest(HttpContext
>> context)
>>
>>    at
>> System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
>>
>>    at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, 
>> Boolean&
>> completedSynchronously)
>>
>>
>>
>>
Date:Mon, 13 Aug 2007 13:22:31 -0400   Author:  

Google
 
Web dotnetnewsgroup.com


COPYRIGHT ?2005, EUROFRONT WORLDWIDE LTD., ALL RIGHT RESERVE  |   Contact us