Name : ConsoleHost
Version : 5.0.10105.0
PS C:\Users\Administrator> ConvertTo-SecureString -key $key -String $password
ConvertTo-SecureString : Padding is invalid and cannot be removed.
At line:1 char:1
ConvertTo-SecureString -key $key -String $password
+ CategoryInfo : InvalidArgument: (:) [ConvertTo-SecureString], CryptographicException
+ FullyQualifiedErrorId : ImportSecureString_InvalidArgument_CryptographicError,Microsoft.PowerShell.Commands.ConvertToSecure
No issues with earlier version of powershell. ( works fine on version 4 )
Requesting help in this regards,
$file = “c:\securefile”
$key = 1…32 | Get-Random -Count 16 -SetSeed 654321
$password = Get-Content $File | ConvertTo-SecureString -key $key
need some directions to fix this.
just to add,
Example 11 says
Commands with the same seed are not random.
I got 2 different set of output for $key for version 4 and version 5.
October 5, 2015, 10:36pm
Looks like something changed in Get-Random between those PS versions. Since you’re essentially hard-coding your key either way, it would probably be safer just to save it that way, and avoid the problem.
$key = [Convert]::FromBase64String('CwUCCg4QGxITESAJGQgBFw==')
To get that key, I ran these commands in PowerShell v2:
$bytes = 1..32 | Get-Random -Count 16 -SetSeed 654321
October 5, 2015, 10:38pm
On a side note, this doesn’t really add any security, since anyone can retrieve your key using the same PowerShell commands. I did a talk on this subject at the PowerShell summit which might interest you:
Keeping Secrets - YouTube
Thank you… i’ve already seen your talk on crypto and it had helped me a lot , this is the type 1 , the script executes and it gets deleted and it happens even before the server is ready.
for now, i’ve hard-coded the working key… waiting to know what has changed in get-random even though there is a work around …
Thank you once again…
The only change I see.
Beginning in Windows PowerShell 3.0, Get-Random supports 64-bit integers. In Windows PowerShell 2.0, all values are cast to System.Int32