Hi my webserver is running .Net 1.1 and intermitently i get the
following error. Does anyone out there have any idea why this happens?
And how i can try and start solving the problem. Most of the time the
website works okay. Thanks in advance!

Server Error in '/Ed/ENROL' Application.
--------------------------------------------------------------------------------

Bad Data.
Description: An unhandled exception occurred during the execution of
the current web request. Please review the stack trace for more
information about the error and where it originated in the code.

Exception Details: System.Security.Cryptography.CryptographicException:
Bad Data.

Source Error:

An unhandled exception was generated during the execution of the
current web request. Information regarding the origin and location of
the exception can be identified using the exception stack trace below.


Stack Trace:


[CryptographicException: Bad Data.
]
   System.Security.Cryptography.CryptoAPITransform._DecryptData(IntPtr
hKey, Byte[] rgb, Int32 ib, Int32 cb, Boolean fDone) +0

System.Security.Cryptography.CryptoAPITransform.TransformFinalBlock(Byte[]
inputBuffer, Int32 inputOffset, Int32 inputCount) +805
   System.Security.Cryptography.CryptoStream.FlushFinalBlock() +40
   System.Web.Configuration.MachineKey.EncryptOrDecryptData(Boolean
fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length) +139
   System.Web.Security.FormsAuthentication.Decrypt(String
encryptedTicket) +114
   FSSL.Enrol.WebUI.Global.Application_AuthenticateRequest(Object
sender, EventArgs e) +79

System.Web.SyncEventExecutionStep.System.Web.HttpApplication+IExecutionStep.Execute()
+60
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean&
completedSynchronously) +87




--------------------------------------------------------------------------------
Version Information: Microsoft .NET Framework Version:1.1.4322.2300;
ASP.NET Version:1.1.4322.2300

You can get that if the keys or iv are different on each side, or something
messes up the data in pipe, or one side did not fully flush the cryto
service provider correctly so that the final bytes are written.  So "bad
data" is not the most helpful message, but that is all crypto service
provider knows - it is bad.

Show quoteHide quoteSystem.Web.SyncEventExecutionStep.System.Web.HttpApplication+IExecutionStep.Execute()
Show quoteHide quote

William Stacey [MVP] wrote:
Okay so it's bad. Is there anything i can do to investigate why it's
bad and stop it from happening?


The website works most of the time. Is it a problem with the website or
the set up of the webserver?


Thanks in advance!

Wish I had a simple answer.  I think you will have to Trace the data in your
program on both sides and/or the wire to see where the bogus data is coming
from.  If it is good coming out of the client, but bad going into your
service, then something is happening on the wire.  If it is bad coming out
of the client, then that is easy.   Maybe create a Pipe class (I have one if
you need) that acts as your "wire" and test the client and server code again
locally using the Pipe using real data including the data that is failing.
If you can't get exception with that, then most likely something happening
at transport points.

You may also not be flushing or closing the streams properly so it may work
with some small data, but is failing on larger data.  Post a small, but
complete sample of your encyrpt/decrypt code if you want more eyes on the
issue.

Show quoteHide quote

Advice requested : Storing SID String in SQL table
Aplying more than 1 attributes ?????
Preferred method of hashing salted password
Verify syntax of an URl
Encrypting connection string in app.config
Service runing under Local System account ???
DPAPI and key store
when my C# service impersonates a secondary account does the secondary account need any special perm
Domain isolation question.
SignedXml CheckSignature CryptographicException