Invalid padding on ASP 2.0 cookie, MVC looks ok
Posted
by brian b
on Stack Overflow
See other posts from Stack Overflow
or by brian b
Published on 2010-04-05T15:35:24Z
Indexed on
2010/04/05
16:53 UTC
Read the original article
Hit count: 530
We have a cookie management library that writes a cookie containing some sensitive information, encrypted with Rijndael. The cookie encrypts and decrypts fine in unit tests (using Moq), works fine for MVC web applications, but when called from an ASP.net 2.0 website, the cookie cannot be decrypted. "Padding is invalid and cannot be removed."
We are sure that the cookie value is valid because we tested it 10,000 times with random data in a unit test. There is something about what ASP.NET 2.0 does when it reads and writes the cookie that causes trouble.
There has to be a gotcha. Any suggestions?
© Stack Overflow or respective owner