in reply to Base64 Encoding

This part of the code looks correct. You construct $encode much too big, but substr() corrects that

You didn't show the rest of your code, it might be that the problem is there. It might be that the problem is on the other side on the server

I would suggest you try to test your code with a really short $user_string and a short key, so that you can calculate everything by hand and compare that with what your script does.

You do know that the encryption you are using is horribly weak?

Replies are listed 'Best First'.
Re^2: Base64 Encoding
by mikemc24 (Novice) on Feb 19, 2011 at 06:04 UTC

    That is all the code, $base_encoded and $base_key are whet is sent to to the remote server

    The $key has to be 16 chars long. So I reduced the $user_string and whatever I reduce it to after the base64 encoding the remote server produces additional characters

    Is there another way to base64 encode.

[reply]

      That is not all the code. You don't show how you send it to the server, and you didn't show the code on the server. We can't tell what you actually sent, and if you sent the correct string, we can't tell you where the algorithm on the client differs from the one on the server if we only see one.

      We may also be able to deduce the difference if we knew the exact output of the server's decode. (The "additional characters" you mentioned.)

[reply]

        The remote server returns

        Form decoded the Crypt field as follows.
VendorTxCode=1298062774&Amount=43.01&Currency=GBP&Description=Goods&Su
+ccessURL=http://www.h
appy.com/success.html&FailureURL=http://www.unhappy.com/failure.html&B
+illingSurname=Blo
ggs&BillingFirstnames=Fred&BillingAddress1=30 Peyton
Place&BillingCity=Somewhere&BillingPostCode=AB1
2CD&BillingCountry=UK&DeliverySurname=Bloggs&DeliveryFirstnames=Bill&D
+eliveryAddress1=30
Peyton Place&DeliveryCity=Somewhere&DeliveryPostCode=AB1
2CD&DeliveryCountry=UK6 U

        [download]

        And on the last field DeliveryCountry=UK6UK3EåÆÿðyë

[reply]
[d/l]
        The remote server returns 
        Form decoded the Crypt field as follows.
VendorTxCode=1298062774&Amount=43.01&Currency=GBP&Description=Goods&Su
+ccessURL=http://www.h
appy.com/success.html&FailureURL=http://www.unhappy.com/failure.html&B
+illingSurname=Blo
ggs&BillingFirstnames=Fred&BillingAddress1=30 Peyton
Place&BillingCity=Somewhere&BillingPostCode=AB1
2CD&BillingCountry=UK&DeliverySurname=Bloggs&DeliveryFirstnames=Bill&D
+eliveryAddress1=30
Peyton Place&DeliveryCity=Somewhere&DeliveryPostCode=AB1
2CD&DeliveryCountry=UK6 U

        [download]

        And on the last field DeliveryCountry:

        UK6UK3EåÆÿðyë
[reply]
[d/l]
[select]

      To state the obvious, this can't be all the code, there must be code where the data is sent to the server. Why should that necessarily be error free? What about the remote server, is there some convincing evidence that that code is correct?

      Since you also encode the key, do you send the key as well? Maybe you appended it wrongly (or just the wrong way) and that gets sent back as additional characters. I notice that the number of additional characters is about what you would expect if you got sent back the base64_decoded cleartext password. But the characters themselves don't look like base64_decoded, so my guess is probably wrong, but might give you a hint in the right direction

      PS: AFAIK MIME::Base64 is a very old and well-tested module, the chance to find the bug there are pretty slim

[reply]

        What a plonker I am, Jethro is correct, I have been including the key in the form transmission when it was nor necessary.

        Thanks to all that responded to my initial query.

[reply]

In Section Seekers of Perl Wisdom