Wednesday, April 02, 2008 10:39 AM Joe Levi

Exception type: CryptographicException

Recently we started getting the following error message on our ASP.NET 2.0 web application running on IIS6.

  • Exception type:
    • CryptographicException
  • Exception message:
    • Padding is invalid and cannot be removed.
  • Stack trace:
    • at System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer, Int32 outputOffset, PaddingMode paddingMode, Boolean fLast)
    • at System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
    • at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
    • at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean useValidationSymAlgo)
    • at System.Web.UI.Page.DecryptString(String s)
    • [...]

The application provides forms authentication as the login mechanism for the end-user.

To see how I fixed this see my article on JoeTheWebGuy.net.

Filed under:

Comments

# re: Exception type: CryptographicException

Wednesday, April 02, 2008 8:17 PM by Darren Kopp

You just need to put a machine key in the web.config of the application

www.codinghorror.com/.../000132.html

# re: Exception type: CryptographicException

Monday, September 28, 2009 6:21 AM by Andrew Ames

Thanks for the info, i'm getting this too

http://www.snapgift.co.uk

Leave a Comment

(required) 
(required) 
(optional)
(required)