[Nitro] two way crypt function
george.moschovitis at gmail.com
Sun Nov 11 06:09:34 EST 2007
My problem is that sometimes, for some stupid reason, the digest integrity
check fails for non altered cookies.
Ie you get AlteredCookie exceptions for now reason.
I really can't find the problem.
So I was thinking, I could just encrypt/decrypt the cookie with a fast 2 way
encryption method and
solve this once and for all.
On Nov 11, 2007 3:24 AM, Trans <transfire at gmail.com> wrote:
> On Nov 10, 5:23 pm, Timothy <interfe... at gmail.com> wrote:
> > HMAC is not appropriate for this! HMAC is for authentication over a
> > not for encryption.
> Currently authentication is all George is doing and that's what I was
> suggesting it for. Also, HMAC is a part of OpenSSL.
> I think if you go so far as to enrypt cookies, you should consider
> carefully if you should be using cookies to begin with. Also don't
> bother encrypting any cookie that doesn't really need to be. I
> couldn't care less if anyone finds out my shoe size ;)
> Nitro-general mailing list
> Nitro-general at rubyforge.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Nitro-general