1

This is my string in client:

<?xml version="1.0" encoding="UTF-8"?><samlp
:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsum
erServiceURL="http://172.16.32.160:8080/ration/consumer.jsp" ID="3dece98b-f89d-4
b59-b7ed-5f278aa56eb0" IssueInstant="2012-04-14T12:47:36" ProtocolBinding="urn:o
asis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0" destination="http://172
.16.32.160:8080/ration/EFORMS/service1level1.html" level="level1"><saml:Issuer x
mlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">http://172.16.32.160:8080/rati
on/SProvider.jsp</saml:Issuer><samlp:NameIDPolicy AllowCreate="true" Format="urn
:oasis:names:tc:SAML:2.0:nameid-format:unspecified"/><samlp:RequestedAuthnContex
t Comparison="exact"/><saml:AuthnContextClassRef xmlns:saml="urn:oasis:names:tc:
SAML:2.0:assertion">urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTran
sport</saml:AuthnContextClassRef><Signature xmlns="http://www.w3.org/2000/09/xml
dsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/
xml-exc-c14n#"/><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rs
a-sha1"/><Reference URI=""><Transforms><Transform Algorithm="http://www.w3.org/2
000/09/xmldsig#enveloped-signature"/></Transforms><DigestMethod Algorithm="http:
//www.w3.org/2001/04/xmlenc#sha256"/><DigestValue>ZrvAtwVXohf0JrjGzWlBt9gt9SNESE
Id6lZuU4iOZkg=</DigestValue></Reference></SignedInfo><SignatureValue>M62OPXOZ8nR
zIDjFcTgBTnYSzZdrjwHL6p93wbpSYHZgBOUD4EZgt47GhtFAVU3oVga5VLt5yK+j
hBvEVtaj2/bKIvFfXDpnOuXKNlsKtdu140iMUMdxRvnMyh8enx77YhUlSl2VCQ0NnYnk3gs4H8QE
qmeorwXsthtjUMTKqAw=</SignatureValue></Signature></samlp:AuthnRequest>


I have encoded it using the following code:

byte[] q3 = Base64.encodeBase64(xmlString.getBytes("utf-8"));
String xmlString1 = new String(q3, "utf-8");

In the server I have used the following to decode first:

byte[] decoded = Base64.decodeBase64(result.getBytes("utf-8"));
String result10 = new String(decoded, "utf-8");


Result contains the following :

<?xml version="1.0" encoding="UTF-8"?><samlp:
AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsume
rServiceURL="http://172.16.32.160:8080/ration/consumer.jsp" ID="3dece98b-f89d-4b
59-b7ed-5f278aa56eb0" IssueInstant="2012-04-14T12:47:36" ProtocolBinding="urn:oa
sis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0" destination="http://172.
16.32.160:8080/ration/EFORMS/service1level1.html" level="level1"><saml:Issuer xm
lns:saml="urn:oasis:names:tc:SAML:2.0:assertion">http://172.16.32.160:8080/ratio
n/SProvider.jsp</saml:Issuer><samlp:NameIDPolicy AllowCreate="true" Format="urn:
oasis:names:tc:SAML:2.0:nameid-format:unspecified"/☼∟?[[∟♫??\]Y\?↓Y►]]→←???↓►??\
↑\?\??H?^↑X??∟?[[♫?]]→←???↓^↔►?↑\??Y?▲←[←???[[☼H?\????\?\??[Y\?↑??SS♫???♫?\??\?→
[???\????\?\??[Y\?↑??SS♫???♫?X??↑\??\?↑\????¶∟??↓X?↓Y§∟?[??←?☼♂??[[♫?]]→←???↓^↔►
?↑\??Y??¶?Y?]↔\?H▲←[←??H?↔↔∟♫???????????♀♀♂?♫K?←[↓∟?Y???¶?Y?Y↕[???►?[??X?[→^?]→[
?Y]→►[↓??]→←OH?↔↔∟♫???????????♀♀K?L♂?←[♂Y^↑?X?M←????6?v?↨GW&T?WF??B♦▬?v?&?F???&?
GG♥???wwr?s2??&r?#♥♥☻?♥?????G6?r7'6↕?6?‼↕"???&VfW&V?6R♣U$??"#??G&▬?6f?&?3??G&▬?6
f?&?♦▬?v?&?F???&?GG♥???wwr?s2??&r?#♥♥☻?♥?????G6?r6V?fV??♠VB?6?v?↨GW&R"????G&▬?6f
?&?3??F?vW7D?WF??B♦▬?v?&?F???&?GG♥???wwr?s2??&r?#♥♥↕?♥B????V?276?‼#Sb"??◄?????Y?
???i??♣??Ya????)?↔?]?   ????M9§M§%??i?T?=i????◄?????Y?????I?????????M?????%???<S
ignatureValue>M62OPXOZ8nRzIDjFcTgBTnYSzZdrjwHL6p93wbpSYHZgBOUD4EZgt47GhtFAVU3oVg
a5VLt5yK+j
hBvEVtaj2/bKIvFfXDpnOuXKNlsKtdu140iMUMdxRvnMyh8enx77YhUlSl2VCQ0NnYnk3gs4H8QE
qmeorwXsthtjUMTKqAw=</SignatureValue></Signature></samlp:AuthnRequest>


As you can see, there is a garbage value inserted in the middle part. But there are no characters there that are not there in the rest of the document. Why is that part alone having garbage value?
EDIT
I am sending the xmlString using the following code.

String reqString = "http://172.16.32.160:8080/saml/IDProvider" + "?SAMLRequest=" + xmlString1;
resp.sendRedirect(reqString);


In the server I am using

String result = req.getParameter("SAMLRequest");
byte[] decoded = Base64.decodeBase64(result.getBytes("utf-8"));
String result10 = new String(decoded, "utf-8");
Ashwin
  • Why do you generate a Base64 encoded Byte Array and convert this Byte Array into a String? What's the type of `result`? String? And what's the content of result? – andih Apr 14 '12 at 07:47
  • It looks like the middle of your BASE64-encoded string is getting corrupted in the middle somehow. Can you print the BASE64 string you generate on the client and you receive on the server to verify that they are the same? For example, if some of the BASE64 string was converted to upper-case (or lower-case) you'd get garbage like this. – Adrian Pronk Apr 14 '12 at 08:56
  • See this link. http://stackoverflow.com/questions/10150918/using-base64-encoder-to-encode-a-string-containing-raw-characters. It answers it. Use URLEncoder to encode. – Ashwin Apr 14 '12 at 09:01

2 Answers

2

In principle it is correct; you could also have done (as you know):

Sending:

byte[] q3=Base64.encodeBase64(xmlString.getBytes("utf-8"));
String xmlString1=new String(q3,"US-ASCII");

Receiving:

byte[] decoded = Base64.decodeBase64(result.getBytes("US-ASCII"));
String result10=new String(decoded,"utf-8");

I think it is the transferal: Base64 gives A-z0-9 and + and /. You probably have to replace + and /. Furthermore whitespace/newlines may be generated and have to be handled too. A space could become a + during the transfer.

A less likely error would be setting the content length in the header to the original size (6/8) instead of the encoded length.

You might see it yourself, if you look at the encoded result. Encode up to the correct content + one char.

Joop Eggen
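The transfer problem this answer points to, as an added example that is not part of the original question or answers: a Base64 value placed unescaped in a query string loses every `+` to form decoding, and a decoder that skips the resulting spaces reads everything after the first one shifted by six bits. The class and method names, the sample XML, and the use of `java.util.Base64` (instead of the `Base64.encodeBase64` helper in the question) and of `URLDecoder` as a stand-in for the servlet container are assumptions.

```java
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

public class SamlRequestParamDemo {
    // Constructed sample, not the request from the question. The 21-byte XML
    // declaration alone encodes to "PD94bWwgdmVyc2lvbj0iMS4wIj8+", ending in '+'.
    static final String XML =
        "<?xml version=\"1.0\"?><samlp:AuthnRequest ID=\"constructed-sample\"/>";

    // Stand-in for the form decoding a servlet container applies to a
    // query-string value before getParameter() returns it: '+' means space.
    static String asReceived(String rawQueryValue) throws Exception {
        return URLDecoder.decode(rawQueryValue, "UTF-8");
    }

    // Lenient decode that skips characters outside the Base64 alphabet
    // (java.util's MIME decoder); assumed to mirror the decoder in the question.
    static String lenientDecode(String b64) {
        try {
            return new String(Base64.getMimeDecoder().decode(b64), StandardCharsets.UTF_8);
        } catch (IllegalArgumentException e) {
            return "<rejected: " + e.getMessage() + ">";
        }
    }

    public static void main(String[] args) throws Exception {
        String b64 = Base64.getEncoder().encodeToString(XML.getBytes(StandardCharsets.UTF_8));

        // As in the question: Base64 text concatenated into the URL unescaped.
        String broken = asReceived(b64);
        System.out.println("sent equals received: " + b64.equals(broken));
        System.out.println("decoded (broken):     " + lenientDecode(broken));

        // Fix 1: percent-encode the value, so '+' travels as %2B.
        String fixed = asReceived(URLEncoder.encode(b64, "UTF-8"));
        System.out.println("decoded (URLEncoder): " + lenientDecode(fixed));

        // Fix 2: URL-safe alphabet ('-' and '_'), unpadded; needs no escaping.
        String urlSafe = Base64.getUrlEncoder().withoutPadding()
                .encodeToString(XML.getBytes(StandardCharsets.UTF_8));
        String back = new String(Base64.getUrlDecoder().decode(asReceived(urlSafe)),
                StandardCharsets.UTF_8);
        System.out.println("URL-safe round trip:  " + XML.equals(back));
    }
}
```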
0

You have left out an important part: the code where you send xmlString1 to the server, and where the server forms the result string.

That is probably where the problems lie. Certainly, that code will determine whether your encoding and decoding is appropriate / correct.

Stephen C