R
rdlauer
For some time now we've been seeing seemingly random errors thrown by
an application "Padding is invalid and cannot be removed". Everything
I've read about this online suggests that the machine key is different
between two load-balanced servers, but this application is running on
just one server. The other odd thing is that the errors come in
groups. Over a short period of time (5 minutes or so) many different
users will hit this error over said time period, but after that, the
app works fine again. I assume it is trying to decrypt the ViewState
or something but we're not doing any explicit encryption in the app.
Here is the error detail, any help would be appreciated!
Error Message: Padding is invalid and cannot be removed.
Source: mscorlib
Stack Trace: at
System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[]
inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]&
outputBuffer, Int32 outputOffset, PaddingMode paddingMode, Boolean
fLast) at
System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[]
inputBuffer, Int32 inputOffset, Int32 inputCount) at
System.Security.Cryptography.CryptoStream.FlushFinalBlock() at
System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean
fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length,
Boolean useValidationSymAlgo) at
System.Web.UI.ObjectStateFormatter.Deserialize(String inputString)
an application "Padding is invalid and cannot be removed". Everything
I've read about this online suggests that the machine key is different
between two load-balanced servers, but this application is running on
just one server. The other odd thing is that the errors come in
groups. Over a short period of time (5 minutes or so) many different
users will hit this error over said time period, but after that, the
app works fine again. I assume it is trying to decrypt the ViewState
or something but we're not doing any explicit encryption in the app.
Here is the error detail, any help would be appreciated!
Error Message: Padding is invalid and cannot be removed.
Source: mscorlib
Stack Trace: at
System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[]
inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]&
outputBuffer, Int32 outputOffset, PaddingMode paddingMode, Boolean
fLast) at
System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[]
inputBuffer, Int32 inputOffset, Int32 inputCount) at
System.Security.Cryptography.CryptoStream.FlushFinalBlock() at
System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean
fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length,
Boolean useValidationSymAlgo) at
System.Web.UI.ObjectStateFormatter.Deserialize(String inputString)