This topic contains 4 replies, has 3 voices, and was last updated by
October 6, 2015 at 3:24 am #30451ParticipantTopics: 4Replies: 8Points: 18Rank: Member
Name : ConsoleHost
Version : 5.0.10105.0
PS C:\Users\Administrator> ConvertTo-SecureString -key $key -String $password
ConvertTo-SecureString : Padding is invalid and cannot be removed.
At line:1 char:1
+ ConvertTo-SecureString -key $key -String $password
+ CategoryInfo : InvalidArgument: (:) [ConvertTo-SecureString], CryptographicException
+ FullyQualifiedErrorId : ImportSecureString_InvalidArgument_CryptographicError,Microsoft.PowerShell.Commands.ConvertToSecure
No issues with earlier version of powershell. ( works fine on version 4 )
Requesting help in this regards,
$file = "c:\securefile"
$key = 1..32 | Get-Random -Count 16 -SetSeed 654321
$password = Get-Content $File | ConvertTo-SecureString -key $key
need some directions to fix this.
Example 11 says
# Commands with the same seed are not random.
I got 2 different set of output for $key for version 4 and version 5.
October 6, 2015 at 4:06 am #30452MemberTopics: 9Replies: 2322Points: 0Rank: Member
Looks like something changed in Get-Random between those PS versions. Since you're essentially hard-coding your key either way, it would probably be safer just to save it that way, and avoid the problem.
$key = [Convert]::FromBase64String('CwUCCg4QGxITESAJGQgBFw==')
To get that key, I ran these commands in PowerShell v2:
$bytes = 1..32 | Get-Random -Count 16 -SetSeed 654321 [Convert]::ToBase64String($bytes)
October 6, 2015 at 4:08 am #30453MemberTopics: 9Replies: 2322Points: 0Rank: Member
On a side note, this doesn't really add any security, since anyone can retrieve your key using the same PowerShell commands. I did a talk on this subject at the PowerShell summit which might interest you: https://www.youtube.com/watch?v=Ta2hQHVKauo
October 6, 2015 at 9:20 am #30463ParticipantTopics: 4Replies: 8Points: 18Rank: Member
Thank you.. i've already seen your talk on crypto and it had helped me a lot , this is the type 1 , the script executes and it gets deleted and it happens even before the server is ready.
for now, i've hard-coded the working key.. waiting to know what has changed in get-random even though there is a work around ..
Thank you once again...
October 6, 2015 at 9:51 am #30464ParticipantTopics: 18Replies: 573Points: 32Rank: Member
The only change I see.
Beginning in Windows PowerShell 3.0, Get-Random supports 64-bit integers. In Windows PowerShell 2.0, all values are cast to System.Int32
The topic ‘Padding is invalid and cannot be removed.’ is closed to new replies.