Padding is invalid and cannot be removed.

Welcome Forums General PowerShell Q&A Padding is invalid and cannot be removed.

This topic contains 4 replies, has 3 voices, and was last updated by

 
Participant
3 years, 5 months ago.

  • Author
    Posts
  • #30451

    Participant
    Points: 18
    Rank: Member

    Powershell version:

    Name : ConsoleHost
    Version : 5.0.10105.0

    Decryption issue

    PS C:\Users\Administrator> ConvertTo-SecureString -key $key -String $password
    ConvertTo-SecureString : Padding is invalid and cannot be removed.
    At line:1 char:1
    + ConvertTo-SecureString -key $key -String $password
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : InvalidArgument: (:) [ConvertTo-SecureString], CryptographicException
    + FullyQualifiedErrorId : ImportSecureString_InvalidArgument_CryptographicError,Microsoft.PowerShell.Commands.ConvertToSecure
    StringCommand

    No issues with earlier version of powershell. ( works fine on version 4 )
    Requesting help in this regards,

    Script:
    $file = "c:\securefile"
    $key = 1..32 | Get-Random -Count 16 -SetSeed 654321
    $password = Get-Content $File | ConvertTo-SecureString -key $key

    need some directions to fix this.

    Additional notes::

    just to add,
    https://technet.microsoft.com/en-us/library/hh849905.aspx?f=255&MSPPError=-2147217396

    Example 11 says
    # Commands with the same seed are not random.

    I got 2 different set of output for $key for version 4 and version 5.

    any suggestions?

  • #30452

    Member
    Points: 0
    Rank: Member

    Looks like something changed in Get-Random between those PS versions. Since you're essentially hard-coding your key either way, it would probably be safer just to save it that way, and avoid the problem.

    $key = [Convert]::FromBase64String('CwUCCg4QGxITESAJGQgBFw==')
    

    To get that key, I ran these commands in PowerShell v2:

    $bytes = 1..32 | Get-Random -Count 16 -SetSeed 654321
    [Convert]::ToBase64String($bytes)
    
  • #30453

    Member
    Points: 0
    Rank: Member

    On a side note, this doesn't really add any security, since anyone can retrieve your key using the same PowerShell commands. I did a talk on this subject at the PowerShell summit which might interest you: https://www.youtube.com/watch?v=Ta2hQHVKauo

  • #30463

    Participant
    Points: 18
    Rank: Member

    Hello Dave,

    Thank you.. i've already seen your talk on crypto and it had helped me a lot , this is the type 1 , the script executes and it gets deleted and it happens even before the server is ready.

    for now, i've hard-coded the working key.. waiting to know what has changed in get-random even though there is a work around ..

    Thank you once again...

  • #30464

    Participant
    Points: 21
    Rank: Member

    The only change I see.

    Beginning in Windows PowerShell 3.0, Get-Random supports 64-bit integers. In Windows PowerShell 2.0, all values are cast to System.Int32

The topic ‘Padding is invalid and cannot be removed.’ is closed to new replies.

denizli escort samsun escort muğla escort ataşehir escort kuşadası escort