Getting Started

Re: Annoying CryptographicException on WebResource.axd

caracho — Thu, 16 Jul 2009 17:02:20 GMT

Hi Joel:

Debug the padding (choose the right padding). Close the flows in a finally block (e.g. msEncrypt: pMemoryStream; csEncrypt: pCryptoStream). Choose the Encoding depending on the Padding of the encription.

Hope it helps, if not, go to a Salsa place, if it helps, go also ;-)

Regards,

Re: Annoying CryptographicException on WebResource.axd

joelc — Wed, 15 Jul 2009 18:58:59 GMT

AlexB1318,

I am also seeing this error. Did you find a resolution to it?

Thanks,
Joel

Re: Annoying CryptographicException on WebResource.axd

AlexB1318 — Wed, 03 Jun 2009 23:35:08 GMT

I've been gettnig this error in Firefox when my session expires. I'm also using a cookie.

Anyone know how I can clear this up?

Re: Annoying CryptographicException on WebResource.axd

caracho — Tue, 20 Jan 2009 15:41:41 GMT

It can be several causes. The way I found the error was to follow the most relevant test arguments (I did an old fashion call tree stack in a text editor), until I found the one. I was decrypting the connection string instead of the key. I know, it's kind of silly but I could detect it.

One good link, that helped me to solve other minor bugs was

http://www.codeproject.com/KB/security/Cryptor.aspx

Specially on "Notes On Padding"

VS2003 has by default PaddingMode.PKCS7, in VS2008 (targeting to .NET2.0) it is required that you explicitily declare it PaddingMode.PKCS7. Even for me it behaved as PaddingMode.Zeros, so I had to program a function that removed the last zeros.

Hope It would help you solve your solution.

"Freedom" Wallace

Re: Annoying CryptographicException on WebResource.axd

GonKas — Wed, 25 Jun 2008 09:34:12 GMT

Hi there!

Watch this website:

http://blog.aproductofsociety.org/?cat=10

Happy programming

Re: Annoying CryptographicException on WebResource.axd

Norton — Fri, 23 Mar 2007 00:32:17 GMT

We had the same error in our NLB settup. We already had consistent machineKeys, but were still getting the error.

The problem was we were missing the decryptionKey=, and that appearantly made a different d= value, and made all machines consistent,

Have not seen the errors resurface yet.

Read my writeup here for more info:

http://blog.aproductofsociety.org/?p=11

Re: Annoying CryptographicException on WebResource.axd

Luc1an — Mon, 19 Mar 2007 10:27:48 GMT

Good stuff, it helped me alot. Thank you!

Also you can visit these pages and find out a little more:

http://www.robotstxt.org/wc/exclusion-admin.html
http://www.mcanerin.com/EN/search-engine/robots-txt.asp

Regards,
Lucian

Re: Annoying CryptographicException on WebResource.axd

fizgig — Wed, 04 Oct 2006 11:13:27 GMT

A partial fix is excluding all axd from your robots.txt file (see one of my earlier posts). This will solve the issue when a search engine wants to re-index the axd.

The problem is that the query parameters to the axd is changed every time, when you use old ones, the crypto error is thrown. So when people look at a page from your website through google cache, the cached copy has a old reference to the axd and you will see the message. Besides blocking google from caching you pages, I could not find a solution for that. I just ignore them in my error-mail script.

Good luck!

Ward

Re: Annoying CryptographicException on WebResource.axd

Tyrven — Wed, 04 Oct 2006 07:36:32 GMT

I'm also getting these errors (by the thousands). I am on a web farm, however I have tried switching users to individual servers in the farm to test and get the same results.

One peculiar detail I've noticed about these: when I view the page (and it works) I see querystring parameters "d" and "t". However, my error logging system consistently reports only querystring parameter "d" with an additional parameter "z" which is always set to a bit value (0, 1).

Has anyone found an answer to this problem?

Jeremy

Re: Annoying CryptographicException on WebResource.axd

efanwick — Wed, 27 Sep 2006 12:12:04 GMT

Has anyone found a solution for this problem yet? I am now getting it and I also make extensive use of freetextbox, but I seem to only get it from proxy.aol.com. I tried playing with output cache page directives but it seems to have not made a difference. All help greatly appreciated

TIA.

Eric

Re: Annoying CryptographicException on WebResource.axd

billr578 — Tue, 22 Aug 2006 19:13:35 GMT

I'm having this same issue now and I tried the robots.txt fix as well to no avail. My site is getting hammered with these errors, and it only happens when someone goes to our offsite search page from our site.

Re: Annoying CryptographicException on WebResource.axd

stvsan — Mon, 14 Aug 2006 14:26:05 GMT

This thread seems old but Yahoo still seems to trigger this error even though I blocked it from my robots.txt file. Didn't anyone find resolution to this?

Thanks

Re: Annoying CryptographicException on WebResource.axd

fizgig — Thu, 09 Mar 2006 06:39:06 GMT

Hi Markus,

I see it much less fortunatly. But I still get it if someone sees a page of my website through google cache. Luckely is looks like it renders ok.

Ward

Re: Annoying CryptographicException on WebResource.axd

mpandur — Wed, 08 Mar 2006 22:03:14 GMT

An update:

1) The lovely trick with the robots.txt file seems to work. However it would still be interesting to know if there could be any noteable effects in the google results or something like that.

2) All the other errors (not from google) seem to be caused from an ISAPI-Filter that I have uninstalled now. I used url_rewrite from iismods.com. I don't try to say that it is the fault of this filter, maybe I did something wrong within the configuration - maybe not.

However I haven't seen this error for around 36 hours now and that's a new record. Hopefully that helps some of you too!

Best regards,

Markus

Re: Annoying CryptographicException on WebResource.axd

campkevin — Wed, 08 Mar 2006 21:26:49 GMT

I am also seeing this error intermittently. It shows up in the event log several times a day. I too am not running a web farm, and I am seeing this with regular user access to the pages on my site (i.e. not just with pages hit by spiders/crawlers).

I see that this issue was previously reported to Microsoft (http://lab.msdn.microsoft.com/ProductFeedback/viewFeedback.aspx?feedbackid=17c64976-ee21-4055-9de4-992d9c59e589), but they claim it is resolved because they can't reproduce it other than in web farm scenarios. Clearly there is a problem here, as evidenced by the number of people experiencing it in non-webfarm scenarios. It would be really nice to here something further from Microsoft on this.