I'm seeing this error a lot in my log lately on my prod. I've searched over the net on this error. I saw some notes like this, this or this. The bottom line on all of them is that I should set machineKey. But I already have machineKey set! Like that:

<machineKey decryption="AES"
        validation="SHA1"
        decryptionKey="64 hex key"
        validationKey="other 64 hex key"/>

Also, I'm on a web farm server and my application is on ASP.NET 3.5.

I'm pretty hopeless about this problem =\ How can I solve this?

Thanks.

EDIT:

Here is a full log:

Time: 04/07/2011 19:52:25
MESSAGE: Padding is invalid and cannot be removed.
HTTP_REFERER: 
SOURCE: mscorlib
FORM: 
QUERYSTRING: d=iAY45pNWTDkOra20F86mL9NBCe-wjxevTFjlNNxafjqLF0Aug2JmvB-c_8JQN4XnDIU1UJTmY2MC1xuySMKscg2&t=633851453303086250
TARGETSITE: Int32 DecryptData(Byte[], Int32, Int32, Byte[] ByRef, Int32, System.Security.Cryptography.PaddingMode, Boolean)
STACKTRACE:    at System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer, Int32 outputOffset, PaddingMode paddingMode, Boolean fLast)
   at System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
   at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
   at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, IVType ivType, Boolean useValidationSymAlgo)
   at System.Web.UI.Page.DecryptStringWithIV(String s, IVType ivType)
   at System.Web.Handlers.AssemblyResourceLoader.System.Web.IHttpHandler.ProcessRequest(HttpContext context)
   at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Nir
  • Read also http://stackoverflow.com/questions/1821243/cryptographicexception-padding-is-invalid-and-cannot-be-removed-and-validation-o/2551810#2551810 – Aristos Jul 04 '11 at 19:43
  • I saw one thing there - "a bot getting the pages and make all the character on the links in lower case", can I change the keys in my app to be lower case? Also I see that the QueryString is returned as big and low case - so maybe it's not related to me? – Nir Jul 04 '11 at 19:56
  • I really do not know how to answer. But this is true, a bot makes them all lower case. But it was not important - the bot needs to read the main page, not the resource, and the main page has no problem since bots do not make postbacks. But the resource keeps this key in the URL, and this was the point where I saw this message. – Aristos Jul 04 '11 at 20:16
  • In your log you do not mention on what page you get the error. Is it on a resource or on a simple page? The query string is not lower case, however. There is always the case of someone trying to hack your site, or just playing with it. – Aristos Jul 04 '11 at 20:19
  • What you see, I see. It is supposed to show some function that I'm familiar with or HTTP_REFERER so I know from which page it came. This message just keeps coming and I don't have a clue how to solve it =\ – Nir Jul 06 '11 at 15:42
  • Make the trick I have here... http://stackoverflow.com/questions/1821243/cryptographicexception-padding-is-invalid-and-cannot-be-removed-and-validation-o/2551810#2551810 – Aristos Jul 06 '11 at 15:50
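
A way to sort the logged QUERYSTRING values by the shape of their d= token, so crawler-mangled links can be told apart from requests whose token arrived intact (an added example, not code from the question or from ASP.NET). It assumes d= is an ASP.NET URL token (URL-safe base64 with a trailing pad-count digit) carrying bare AES ciphertext with no appended MAC; the function names and labels are hypothetical.

```python
import base64
import re
from urllib.parse import parse_qs

AES_BLOCK = 16  # bytes; the machineKey in the question uses decryption="AES"

def decode_url_token(token):
    """Decode an ASP.NET URL token: URL-safe base64 with the '=' padding
    replaced by one trailing digit giving the pad count. None if malformed."""
    if len(token) < 2 or token[-1] not in "012":
        return None
    body, pad = token[:-1], int(token[-1])
    if (len(body) + pad) % 4 or not re.fullmatch(r"[A-Za-z0-9_-]+", body):
        return None
    try:
        return base64.urlsafe_b64decode(body + "=" * pad)
    except ValueError:
        return None

def classify(query_string):
    """Label one QUERYSTRING value from the error log by the shape of its d= token."""
    d = parse_qs(query_string, keep_blank_values=True).get("d", [""])[0]
    blob = decode_url_token(d)
    if blob is None:
        return "malformed-token"    # truncated or rewritten before it reached the server
    if len(blob) % AES_BLOCK:       # assumption: no MAC is appended to the ciphertext
        return "not-block-aligned"
    if any(c.isalpha() for c in d) and d == d.lower():
        return "lowercased"         # the link-lowercasing crawler from the comments
    return "well-formed"            # shape intact; compare keys and patch level per node

def triage(log_text):
    """Count labels over every QUERYSTRING line in a log dump."""
    counts = {}
    for qs in re.findall(r"^QUERYSTRING:[ \t]*(.*)$", log_text, flags=re.M):
        label = classify(qs.strip())
        counts[label] = counts.get(label, 0) + 1
    return counts

# The first entry is the query string from the log in the question; the others
# are constructed variants (lowercased, truncated, wrong length) for illustration.
PAGE_QS = ("d=iAY45pNWTDkOra20F86mL9NBCe-wjxevTFjlNNxafjqLF0Aug2JmvB-c_8JQN4XnDIU1UJTmY2MC1xuySMKscg2"
           "&t=633851453303086250")
SAMPLE_LOG = "\n".join("QUERYSTRING: " + q for q in (
    PAGE_QS, PAGE_QS.lower(), "d=iAY45pNWTD&t=1", "d=MDEyMzQ1Njc4OQ2&t=1"))

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

A log dominated by "well-formed" entries says the tokens reached the server intact, which moves the investigation to the per-node key and patch configuration rather than to the clients.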

1 Answer

A recent ASP.Net patch changed the encryption format.

Make sure that every server in the farm is fully updated.

SLaks
  • How can I check this? The web farm server belongs to the hosting company – Nir Jul 04 '11 at 19:45
  • They said that nothing has changed in the last 4 months. If it just started to occur last month, I don't believe that the ASP.NET patch is the issue. – Nir Jul 06 '11 at 15:39