Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / General / March 2008

Tip: Looking for answers? Try searching our database.

Exception - Padding is Invalid

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
AG - 09 Jan 2008 14:21 GMT
I occassionally get the following exception from an ASP.NET 2.0 Web
Application running on a shared web host.

I have no way of knowing what the actual request page was as it never
happens when I visit the site. The exception is trapped in the
Application_Error event of global.asax and emailed to me.

The only encryption in the app is the connectionStrings section of
web.config.

There is no localization in use.

Can anyone shed any light on how to identify the root cause and correct it?

Could it be a server configuration problem?
Request.Path: /WebResource.axd

Exception Message: Padding is invalid and cannot be removed.

StackTrace: at
System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[]
inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer,
Int32 outputOffset, PaddingMode paddingMode, Boolean fLast)

at
System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[]
inputBuffer, Int32 inputOffset, Int32 inputCount)

at System.Security.Cryptography.CryptoStream.FlushFinalBlock()

at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean
fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean
useValidationSymAlgo)

at System.Web.UI.Page.DecryptString(String s)

at
System.Web.Handlers.AssemblyResourceLoader.System.Web.IHttpHandler.ProcessRequest(HttpContext
context)

at
System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()

at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean&
completedSynchronously)

InnerException:

CurrentExecutionFilePath: /WebResource.axd

Signature

AG
Email: discussATadhdataDOTcom

Reply to this Message
bruce barker - 09 Jan 2008 15:53 GMT
a webresource request has encrypted parameters (assembly name, and resource
id) so a user canot just randomly pluck out resources values (such as a
connect string). after encryption, the parameters are convereted to base64 to
make the strings url safe. due to base64's algrothrym a the string length is
always a mutilpe of three. to get this padding is added.

the error message means the parameter string was truncated (or has illegal
charaters) and does not match the url rendered. this is usally caused by a
proxy server that truncates the url because it too long, or performs some
other translation.

you would to run network traces to see if your end or the other end is
causing the problem.

-- bruce (sqlwork.com)

> I occassionally get the following exception from an ASP.NET 2.0 Web
> Application running on a shared web host.
[quoted text clipped - 45 lines]
>
> CurrentExecutionFilePath: /WebResource.axd
Reply to this Message
AG - 10 Jan 2008 02:05 GMT
Thanks Bruce,

Since I can't run any network traces, it sounds like I have to just ignore
it, unless it becomes more frequent.

Signature

AG
Email: discussATadhdataDOTcom

>a webresource request has encrypted parameters (assembly name, and resource
> id) so a user canot just randomly pluck out resources values (such as a
[quoted text clipped - 65 lines]
>>
>> CurrentExecutionFilePath: /WebResource.axd
Reply to this Message
Steven Cheng[MSFT] - 10 Jan 2008 03:16 GMT
Hi AG,

As for the WebResource.axd, it use machinekey to encrypt the
assembly/resource item parameters. by default, the machinekey of a .NET
application is randomly generated. Thus, if you're using webfarm or your
application will frequently restart due to some reason, you'll likely to
get such invalid exception when a former generated encryption parameter is
passed to webresource.axd.

One thing you can try is manually supply a fixed machinekey for your
ASP.NET application to see whether it helps:

#Getting CryptographicException exception "Padding is invalid and cannot be
removed" after Migrating to ASP.NET 2.0
http://blogs.msdn.com/paraga/rss_tag_ASP.NET+2.0.xml

#ASP.Net¡¯s WebResource.axd and machineKey badness
http://blog.aproductofsociety.org/?p=11

The machinekey has many other impacts on ASP.NET services, here is a good
article mentioned them:

#How To: Configure MachineKey in ASP.NET 2.0
http://msdn2.microsoft.com/en-us/library/ms998288.aspx

Hope this also helps.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead



==================================================

Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.



Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.

==================================================
   

This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
>Reply-To: "AG" <NOSPAMa-giam@newsgroups.nospam>
>From: "AG" <NOSPAMa-giam@newsgroups.nospam>
>References:  <eKflmrsUIHA.6060@TK2MSFTNGP05.phx.gbl>
<798CE899-8322-473E-84D7-233DFBF72B9A@microsoft.com>
>Subject: Re: Exception - Padding is Invalid
>Date: Wed, 9 Jan 2008 21:05:12 -0500
[quoted text clipped - 23 lines]
>>
>> "
Reply to this Message
AG - 10 Jan 2008 12:54 GMT
Thanks Steven, I will try that.

Signature

AG
Email: discussATadhdataDOTcom

> Hi AG,
>
[quoted text clipped - 91 lines]
>>>
>>> "
Reply to this Message
Steven Cheng[MSFT] - 14 Jan 2008 02:45 GMT
Thanks for your reply,

If you got any new results, welcome to post here.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead

This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
>Reply-To: "AG" <NOSPAMa-giam@newsgroups.nospam>
>From: "AG" <NOSPAMa-giam@newsgroups.nospam>
[quoted text clipped - 41 lines]
>>
>> Get notification to my posts through email? Please refer to

http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
>> ications.
>>
[quoted text clipped - 14 lines]
>> This posting is provided "AS IS" with no warranties, and confers no
>> rights.
Reply to this Message
Matthew - 18 Mar 2008 17:41 GMT
We have set a 'SHA1' machinekey in the application web.config, but continue
to get this errors as shown below.
what do you recommend for us?

Event code: 3005
Event message: An unhandled exception has occurred.
Event ID: 7311ee384a0e4c86b7aea6d442ed2139 Event sequence: 841 Event
occurrence: 12 Event detail code: 0

Process information:
   Process name: w3wp.exe

Exception information:
   Exception type: System.Security.Cryptography.CryptographicException
   Exception message: Padding is invalid and cannot be removed.

Request information:
   Request URL:
http://www.example.com/WebResource.axd?d=sYEWk7s3_htsl7XNJ1fQM1My8nZ0cMidKe_4nIu
occwaRE7QIXQ0IkttYF_X-gPQ7YoV8di6ywT7go93N0RJJw2&t=633407498743493559
   Request path: /WebResource.axd
   User:
   Is authenticated: False
   Authentication Type:

Thread information:
   Is impersonating: True
   Stack trace:    at
System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[]
inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer, Int32
outputOffset, PaddingMode paddingMode, Boolean fLast)
  at
System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
  at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
  at
System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean
fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean
useValidationSymAlgo)
  at System.Web.UI.Page.DecryptString(String s)
  at
System.Web.Handlers.AssemblyResourceLoader.System.Web.IHttpHandler.ProcessRequest(HttpContext context)
  at
System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
  at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean&
completedSynchronously)
Reply to this Message
Steven Cheng - 20 Mar 2008 02:52 GMT
Hi mudnug,

As for the error you encountered, where did the url come from? Also, does
the problem occur frequently or can easily repro?

Best regards,

Steven Cheng
Microsoft MSDN Online Support Lead

Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
msdnmg@microsoft.com.

This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
>From: =?Utf-8?B?TWF0dGhldw==?= <mudnug@community.nospam>
>References:  <eKflmrsUIHA.6060@TK2MSFTNGP05.phx.gbl>
<798CE899-8322-473E-84D7-233DFBF72B9A@microsoft.com>
<Osei70yUIHA.1168@TK2MSFTNGP02.phx.gbl>
<KD0k5czUIHA.360@TK2MSFTNGHUB02.phx.gbl>
>Subject: Re: Exception - Padding is Invalid
>Date: Tue, 18 Mar 2008 09:41:04 -0700

>We have set a 'SHA1' machinekey in the application web.config, but continue
>to get this errors as shown below.
[quoted text clipped - 40 lines]
>   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean&
>completedSynchronously)
Reply to this Message
Matthew - 20 Mar 2008 03:02 GMT
The problem does occur rather frequently - over a hundred times overnight on
one occasion. I'm not able to reproduce it consistently, and have seen only a
handful of errors in 24 hours on most occasions.
Reply to this Message
Steven Cheng - 20 Mar 2008 10:21 GMT
Can you determine where did those problem request come from? Is your
appliation an internet application or intranet one?

Best regards,

Steven Cheng
Microsoft MSDN Online Support Lead

Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
msdnmg@microsoft.com.

This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
>Thread-Topic: Exception - Padding is Invalid
>thread-index: AciKLmKHo8lmnQmMQgi5jOiciJcoXg==
>Subject: Re: Exception - Padding is Invalid
>Date: Wed, 19 Mar 2008 19:02:00 -0700

>The problem does occur rather frequently - over a hundred times overnight on
>one occasion. I'm not able to reproduce it consistently, and have seen only a
>handful of errors in 24 hours on most occasions.
Reply to this Message
Matthew - 20 Mar 2008 23:55 GMT
A sampling indicates the requests come from googlebot. The site is hosted at
www.dometech.com
Reply to this Message
Steven Cheng - 21 Mar 2008 03:47 GMT
Thanks for your reply mudnug,

If googlebot is the source agent, I think you've run into a common problem.
The google cache may contains a cached version of entire page(include the
viewstate hidden field). Thus, it will always send the cached
viewstate(that is specific to the certain machinekey which is used to sign
it). Then, when the application's server-side machinekey has changed, the
request based on the cached page will fail(with the invalid exception you
saw). Here is a web article also mentioned this:

#A Product of Society
http://blog.aproductofsociety.org/?p=11

If most of the errors in your site is caused by this, I think you can
simply ignore it.

Best regards,

Steven Cheng
Microsoft MSDN Online Support Lead

Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
msdnmg@microsoft.com.

This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
>From: =?Utf-8?B?TWF0dGhldw==?= <mudnug@community.nospam>
>References:  <eKflmrsUIHA.6060@TK2MSFTNGP05.phx.gbl>
<798CE899-8322-473E-84D7-233DFBF72B9A@microsoft.com>
<Osei70yUIHA.1168@TK2MSFTNGP02.phx.gbl>
<KD0k5czUIHA.360@TK2MSFTNGHUB02.phx.gbl>
<93FBE7AE-7D77-4AF2-AF48-D019BAB5E867@microsoft.com>
<iIVKF0iiIHA.6264@TK2MSFTNGHUB02.phx.gbl>
<E80F6E0F-4CD7-4EDF-BAEE-C30AF98AF202@microsoft.com>
<fQPkMvmiIHA.6264@TK2MSFTNGHUB02.phx.gbl>
>Subject: Re: Exception - Padding is Invalid
>Date: Thu, 20 Mar 2008 15:55:01 -0700

>A sampling indicates the requests come from googlebot. The site is hosted at
>www.dometech.com
Reply to this Message

 Rate this thread:







Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.