Problem with decrypt/encrypt

[stuckish]

Im trying to encrypt a string in asp.net. Post the encrypted string
thru a form. Recive the encrypted string on a classic asp page and
decrypt it there.

I get a error saying "Padding is invalid and cannot be removed". It
works perfect on my localhost (running XP SP2) but i get that error on
my Windows 2000 server.

Anyone have any idea why this happens? I guess something strange is
happen when i post the form. But i have checked the strings that is
sent and they look the same. But mabye it can have something to do with
the page in some way? Well .. give me some ideas

Br, Ola

 

[S. Justin Gengo]

Stuckish,

..NET has a request validator built into it that stops a post with illegal
characters in it. Does the encrypted string contain any characters that
would be considered illegal by .NET?

To turn off request validation for a page place validateRequest=false in the
page directive like this:

<%@ Page Language="vb" validateRequest=false AutoEventWireup="false"
Codebehind="default.aspx.vb" Inherits="AboutFortunate._default1"
smartNavigation="True"%>

I'm not positive if this will solve your problem, but it's something to try.
If it does work be careful though. You should really validate the
information being sent to your form yourself if you have removed the built
in validation.

--
Sincerely,

S. Justin Gengo, MCP
Web Developer / Programmer

www.aboutfortunate.com

"Out of chaos comes order."
Nietzsche

 

[Peter Rilling]

If he is posting to a legacy ASP page, then validation would not be an
issue.

The error makes it sound like you are encrypting it using a different
algorithm then you are decrypting it with. Make sure the algorithms are the
same and that the key and key lengths are the same.

What component on legacy ASP are you using to decrypt?

 

[S. Justin Gengo]

Oops. Missed that. Thanks for catching that Peter.

--
Sincerely,

S. Justin Gengo, MCP
Web Developer / Programmer

www.aboutfortunate.com

"Out of chaos comes order."
Nietzsche

 

[stuckish]

No, the validation is not the issue.

I use my own decrypt/encrypt dotnet component both from ASP and ASP.NET
(built with help from this article
http://www.dotnetthis.com/Articles/Crypto.htm). And it works fine to
encrypt and decrypt if i use .net "on both sides". Although i haven't
tried to post it with a form an decrypt it on the other side (with
asp.net).

The strange thing is that it works on my localhost but not on my
server. I can't say thou that im 100% sure that i use the exact same
version of my decrypt/encrypt component on my server. But i cant
remeber that i have changed it. And i cant update it now because it is
looked by my server and i dont want to do a iisreset right now.

I guess i have to try some more the next time i should reboot the
server ..