Red Gate forums :: View topic - CryptographicException while signing assembly
Return to www.red-gate.com RSS Feed Available

Search  | Usergroups |  Profile |  Messages |  Log in  Register 
Go to product documentation
SmartAssembly 5
SmartAssembly 5 forum

CryptographicException while signing assembly

Search in SmartAssembly 5 forum
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.
Jump to:  
Author Message
Uniwares_AS



Joined: 11 Oct 2007
Posts: 132

PostPosted: Thu Jun 24, 2010 11:13 pm    Post subject: CryptographicException while signing assembly Reply with quote

I do get a "System.Security.Cryptography.CryptographicException: Padding is invalid and cannot be removed" while building a .{sa}proj file with SA5. The keyfile was a simple VS2008 generated .snk file without password.
Exception report was sent.

Building the same file with SA4.x works without problems, so it seems to be a bug in SA5.
Back to top
View user's profile Send private message MSN Messenger
Paul.Martin



Joined: 03 Feb 2010
Posts: 83
Location: Cambridgeshire

PostPosted: Fri Jun 25, 2010 11:03 am    Post subject: Reply with quote

Looking at the report it seems that SmartAssembly thinks that the strong name key does have a password for some unknown reason.

Try opening SmartAssembly and in the project settings page for your project, just re-browse for the strong name key file again. Hopefully this should fix it.
Back to top
View user's profile Send private message
Uniwares_AS



Joined: 11 Oct 2007
Posts: 132

PostPosted: Fri Jun 25, 2010 2:26 pm    Post subject: Reply with quote

Did that. Getting the same error but this time right when selecting the key file. Error report sent.
Back to top
View user's profile Send private message MSN Messenger
Uniwares_AS



Joined: 11 Oct 2007
Posts: 132

PostPosted: Fri Jun 25, 2010 2:36 pm    Post subject: Reply with quote

Ok, now I created a new key, directly in SA and got the same result at build time. Error report sent.
Back to top
View user's profile Send private message MSN Messenger
Uniwares_AS



Joined: 11 Oct 2007
Posts: 132

PostPosted: Fri Jun 25, 2010 2:38 pm    Post subject: Reply with quote

Last try: created a password protected key file in VS2010, same problem when selecting the keyfile in SA. It doesnt even ask for the password.
Back to top
View user's profile Send private message MSN Messenger
Paul.Martin



Joined: 03 Feb 2010
Posts: 83
Location: Cambridgeshire

PostPosted: Fri Jun 25, 2010 2:39 pm    Post subject: Reply with quote

OK, can you try it the manual way.
If you open the .{sa}proj file in notepad or similar, under the "Options" section there will be a "StrongNameSigning" node.
If you remove the node completely and then re-open the project in SmartAssembly. It should now not be strong name signing, if you then specify a key, hopefully...
Back to top
View user's profile Send private message
Uniwares_AS



Joined: 11 Oct 2007
Posts: 132

PostPosted: Fri Jun 25, 2010 2:45 pm    Post subject: Reply with quote

I just removed the Password= attribute from the sa project using the same keyfile without password. Works now.

Obviously there is something wrong with the password handling in SA5.
Back to top
View user's profile Send private message MSN Messenger
Paul.Martin



Joined: 03 Feb 2010
Posts: 83
Location: Cambridgeshire

PostPosted: Fri Jun 25, 2010 2:58 pm    Post subject: Reply with quote

There is one known issue with the stored encrypted passwords when you upgrade a project file from SmartAssembly 4 to 5.
Usually it can just be resolved by just re-selecting the Strong Name Key file.

The interesting thing in this case was that you were using a strong name key file without a password. Looking at the code I think what must have happened is that at some point you had used a password protected strong name key file on this project, and because the code only updates the encrypted password when the user specifies a new password (which you didn't need to do because the new key didn't need one) it was left there.
In which case yes removing the Password= attribute from the "StrongNameSigning" node will solve the issue.
Back to top
View user's profile Send private message
Uniwares_AS



Joined: 11 Oct 2007
Posts: 132

PostPosted: Fri Jun 25, 2010 3:03 pm    Post subject: Reply with quote

Yes, you are right, at one point there was another keyfile with password used in the project, which changed using SA 4.x still. Funny though that SA4 does not complain about the password it left in the project file and doesnt try to use it.

Bad though that SA doesn't ignore/reset the password when you change the key file through the GUI, even worse, when you create a new one.
Back to top
View user's profile Send private message MSN Messenger
Paul.Martin



Joined: 03 Feb 2010
Posts: 83
Location: Cambridgeshire

PostPosted: Fri Jun 25, 2010 3:12 pm    Post subject: Reply with quote

I agree, I am in the middle of filing a bug report.
Back to top
View user's profile Send private message
Uniwares_AS



Joined: 11 Oct 2007
Posts: 132

PostPosted: Mon Jun 28, 2010 7:58 pm    Post subject: Reply with quote

I am back to this one but because of another reason. It seems to me that you have changed salt or encoding scheme of the passwords as they are stored in the project files.
When using an SA 4.x project file unaltered with SA 5.0, I am seeing the same error. Removing and adding the same keyfile with the same password solves the situation.
From what I have seen comparing old and new project file, only the password value if different, while having the same password on the keyfile.

If thats the case then you should issue a big no-no when upgrading, otherwise the user will fall into that trap.
Back to top
View user's profile Send private message MSN Messenger
Paul.Martin



Joined: 03 Feb 2010
Posts: 83
Location: Cambridgeshire

PostPosted: Tue Jun 29, 2010 12:55 am    Post subject: Reply with quote

Yes, that is why I suggested that workaround of reselecting the strong name key file as this refreshes the password.

Yes I know that it is a silly thing to have to do when upgrading projects, it is going to be formally documented in the update on Thursday.
Back to top
View user's profile Send private message
Display posts from previous:   
This topic is locked: you cannot edit posts or make replies. All times are GMT + 1 Hour
Page 1 of 1

 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group