I am encrypting data into a cookie via FormsAuthentication.Encrypt(data) in a .Net 4.0 ASP.Net web application deployed on a development web farm. I have specified a machineKey attribute to hard-code the ValidationKey, DecryptionKey, and Decryption (algorithm).
Now, I am trying to decrypt that cookie using an application i built on my development workstation. I am able to get the cookie via Request.Cookies["CookieName"] but when I attempt to decrypt the value via FormsAuthentication.Decrypt(encCookie), I get the following error:
Unable to validate data. at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean useValidationSymAlgo, Boolean useLegacyMode, IVType ivType, Boolean signData) at System.Web.Security.FormsAuthentication.Decrypt(String encryptedTicket) at TuoVanitySite.Default.Page_Load(Object sender, EventArgs e) in c:\src\ets_2008\main\ebtDev\Sandboxes\rrozinov\TuoVanitySite\TuoVanitySite\Default.aspx.cs:line 22
Here is blurp from my web config (keys were removed):
<machineKey
validationKey="keyA"
decryptionKey="keyB"
decryption="3DES"
compatibilityMode="Framework20SP1"/>
Anyone has dealt with this situation where machineKey was not enough?