locked
System.Security.Cryptography.CryptographicException: Key not valid for use in specified state. RRS feed

  • Question

  • User1888916800 posted

    I have developed a C# web application using Developer Studio 2010.  It works fine when I launch from the Developer Studio IDE.  The site also deploys as a standalone IIS web application that serves up fine.  However, the following error occurs when a call is made to Encoding.Unicode.GetString:

    [CryptographicException: Key not valid for use in specified state.
    ]
    System.Security.Cryptography.ProtectedData.Unprotect(Byte[] encryptedData, Byte[] optionalEntropy, DataProtectionScope scope) +397
    CMS_Web.CUserDB.Decrypt(String text) in D:\<path_here>\<class_name>.cs:23
    CMS_Web.CUserDB.AuthenticateUser(String strUserID, String strPass) in D:\<path_here>\<class_name>.cs:279
    CMS_Web._Default.AuthenticateUser(String strUserName, String strPassword) in D:\<path_here>\Default.aspx.cs:46
    ASP.default_aspx.btnLogin_OnClick(Object sender, EventArgs e) in c:\inetpub\wwwroot\cms\Default.aspx:23
    System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) +155
    System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3804

    This is occurring on 64-bit Windows 8.1 and Server 2012.  I have read various forums and tried multiple solutions to no avail.  Any assistance is appreciated.

    Tuesday, June 2, 2015 2:12 AM

Answers

  • User-166373564 posted

    Hi ShaneBurke,

    Welcome to asp.net forum.

    CryptographicException: Key not valid for use in specified state.

    According to the error message above, this issue is related to the authentication token cookie. Check whether the identity has sufficient permission.

    With regards,

    Angie

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, June 5, 2015 5:01 AM

All replies

  • User-166373564 posted

    Hi ShaneBurke,

    Welcome to asp.net forum.

    CryptographicException: Key not valid for use in specified state.

    According to the error message above, this issue is related to the authentication token cookie. Check whether the identity has sufficient permission.

    With regards,

    Angie

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, June 5, 2015 5:01 AM
  • User1888916800 posted

    Thanks for responding.  I'm not clear on this answer.  The encode and decode conversions are intrinsic to System.Security.Cryptography.  I don't see a user-specific cookie or token when I publish the web application.  The key is generated behind-the-scenes on my development PC.  Is there a way to export the key for use on target systems?

    Monday, July 20, 2015 3:51 PM