Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Tuesday, October 6, 2015 6:40 AM
Powershell version:
Name : ConsoleHost
Version : 5.0.10105.0
Decryption issue
PS C:\Users\Administrator> ConvertTo-SecureString -key $key -String $password
ConvertTo-SecureString : Padding is invalid and cannot be removed.
At line:1 char:1
+ ConvertTo-SecureString -key $key -String $password
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [ConvertTo-SecureString], CryptographicException
+ FullyQualifiedErrorId : ImportSecureString_InvalidArgument_CryptographicError,Microsoft.PowerShell.Commands.ConvertToSecure
StringCommand
No issues with earlier version of powershell. ( works fine on version 4 )
Requesting help in this regards,
Script
$file = "c:\securefile"
$key = 1..32 | Get-Random -Count 16 -SetSeed 654321
$password = Get-Content $File | ConvertTo-SecureString -key $key
need some directions to fix this.
Regards,
Venu
All replies (7)
Wednesday, October 7, 2015 9:00 AM ✅Answered
It works for me in 4 and 5. The issue is with files with multiple lines. It is not buffered correctly for some reason as is noted in the article posted above.
you want a password or a line on the file and not many lines. ConvertTo-SecureString converts strings and not arrays. Get-Content returns an array and not a string. The difference may be in the handling of a file with a single line.
\(ツ)_/
Tuesday, October 6, 2015 8:03 AM
just to add,
https://technet.microsoft.com/en-us/library/hh849905.aspx?f=255&MSPPError=-2147217396
Example 11 says
# Commands with the same seed are not random.
I got 2 different set of output for $key for version 4 and version 5.
any suggestions?
Wednesday, October 7, 2015 8:37 AM
Hi,
Please check this article below to see whether it is helpful to you:
Oh no! My padding’s invalid!
https://www.simple-talk.com/blogs/2012/02/28/oh-no-my-paddings-invalid/
Please Note: Since web sites above are not hosted by Microsoft, links may change without notice. Microsoft does not guarantee the accuracy of this information.
Best Regards,
Amy
Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected].
Wednesday, October 7, 2015 8:49 AM | 1 vote
Try this:
$password = (Get-Content $File)[0] | ConvertTo-SecureString -key $key
You only want one line. Early versions of PS may add a blank line which will cause this to happen. The fix should work in all versions.
\(ツ)_/
Wednesday, October 7, 2015 8:54 AM
Actually to work on all files you will need this:
$string=@(Get-Content $File)[0]
$password=ConvertTo-SecureString -key $key -String $string
This accounts for the case where the line in the file does not have a line terminator.
\(ツ)_/
Wednesday, October 7, 2015 8:55 AM
Hi,
but how come it would work if the $key that was generated is different in V4 and V5.
if i used a fixed $key then its working on both v4 and v5.
$key = 1..10 | get-random -Count 4 -SetSeed 12345
the above would return different values for v4 and v5. even with -setseed.
Regards,
Venu
Wednesday, October 7, 2015 9:05 AM
Hi jrv,Amy,
Thank you so much.. I would check this and let you know.
Regards,
Venu