Beispiel #1
0
        /// <summary>
        /// Encodes the query string.
        /// </summary>
        /// <param name="queryString">The query string.</param>
        /// <returns></returns>
        public static String EncodeQueryString(String queryString)
        {
            if (!_active)
            {
                return(queryString);
            }
            var ms              = new MemoryStream();
            var crypto          = new RijndaelManaged();
            ICryptoTransform ct = crypto.CreateEncryptor(
                HexEncoding.GetBytes(Config.QueryStringEncryptionKey),
                HexEncoding.GetBytes(Config.InitializationVector));
            var cs = new CryptoStream(ms, ct, CryptoStreamMode.Write);

            Byte[] rawQueryString = Encoding.ASCII.GetBytes(queryString);
            cs.Write(rawQueryString, 0, rawQueryString.Length);
            cs.Close();
            return("ck=" + HttpContext.Current.Server.UrlEncode(Convert.ToBase64String(ms.ToArray())));
        }
Beispiel #2
0
 /// <summary>
 /// Handles the BeginRequest event of the Application control.
 /// </summary>
 /// <param name="sender">The source of the event.</param>
 /// <param name="args">The <see cref="System.EventArgs"/> instance containing the event data.</param>
 public void Application_BeginRequest(object sender, EventArgs args)
 {
     if (HttpContext.Current.Request.QueryString["ck"] != null)
     {
         String           criptedQueryString = HttpContext.Current.Request.QueryString["ck"];
         Byte[]           rawQueryString     = Convert.FromBase64String(criptedQueryString);
         var              ms     = new MemoryStream();
         var              crypto = new RijndaelManaged();
         ICryptoTransform ct     = crypto.CreateDecryptor(
             HexEncoding.GetBytes(Config.QueryStringEncryptionKey),
             HexEncoding.GetBytes(Config.InitializationVector));
         var cs = new CryptoStream(ms, ct, CryptoStreamMode.Write);
         cs.Write(rawQueryString, 0, rawQueryString.Length);
         cs.Close();
         String decryptedQueryString = Encoding.ASCII.GetString(ms.ToArray());
         HttpContext.Current.RewritePath(HttpContext.Current.Request.Path + "?" + decryptedQueryString);
     }
     else if (HttpContext.Current.Request.QueryString.Count > 0)
     {
         throw new SecurityException("Wrong querystring");
     }
 }
Beispiel #3
0
        /// <summary>
        /// Gets the machine key.
        /// </summary>
        /// <returns></returns>
        public static Byte[] GetMachineKey()
        {
            var section = (MachineKeySection)WebConfigurationManager.GetSection("system.web/machineKey");

            return(HexEncoding.GetBytes(section.DecryptionKey));
        }