Invalid padding on ASP 2.0 cookie, MVC looks ok

Posted by brian b on Stack Overflow See other posts from Stack Overflow or by brian b
Published on 2010-04-05T15:35:24Z Indexed on 2010/04/05 16:53 UTC
Read the original article Hit count: 530

Filed under:
|
|
|
|

We have a cookie management library that writes a cookie containing some sensitive information, encrypted with Rijndael. The cookie encrypts and decrypts fine in unit tests (using Moq), works fine for MVC web applications, but when called from an ASP.net 2.0 website, the cookie cannot be decrypted. "Padding is invalid and cannot be removed."

We are sure that the cookie value is valid because we tested it 10,000 times with random data in a unit test. There is something about what ASP.NET 2.0 does when it reads and writes the cookie that causes trouble.

There has to be a gotcha. Any suggestions?

© Stack Overflow or respective owner

Related posts about mvc

Related posts about asp.net-mvc