/// <summary>
/// Deserializes an <see cref="AntiForgeryData"/> instance from its raw binary blob.
/// Layout read from the stream, in order: a one-byte format marker (must be 1), the salt,
/// the value, an <c>Int64</c> tick count for the creation date, and the username.
/// </summary>
/// <param name="serializedTicket">Unencrypted blob produced by the matching serializer.</param>
/// <returns>
/// The decoded data, or <c>null</c> when the format marker is not 1 or any read throws
/// (truncated blob, out-of-range tick count, <c>null</c> input).
/// </returns>
/// <remarks>
/// Bytes after the username are not inspected, and the creation date is constructed from
/// bare ticks, i.e. with <see cref="DateTimeKind.Unspecified"/>; callers that compare it
/// against UTC timestamps should confirm which kind the serializer wrote.
/// </remarks>
internal static AntiForgeryData Deserializer(byte[] serializedTicket)
{
    const byte ExpectedFormatMarker = 1;

    try
    {
        using (MemoryStream blobStream = new MemoryStream(serializedTicket))
        using (SerializingBinaryReader blobReader = new SerializingBinaryReader(blobStream))
        {
            if (blobReader.ReadByte() != ExpectedFormatMarker)
            {
                return null;
            }

            // Field order is fixed by the serializer; read each one into a local so the
            // sequence of stream reads is explicit.
            string salt = blobReader.ReadBinaryString();
            string value = blobReader.ReadBinaryString();
            DateTime creationDate = new DateTime(blobReader.ReadInt64());
            string username = blobReader.ReadBinaryString();

            return new AntiForgeryData
            {
                Salt = salt,
                Value = value,
                CreationDate = creationDate,
                Username = username
            };
        }
    }
    catch
    {
        // Any failure while parsing is reported to the caller as "no data".
        return null;
    }
}
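/// <summary>
/// Rebuilds a <see cref="FormsAuthenticationTicket"/> from the compact blob layout that stores
/// the issue and expiration dates as 32-bit Unix timestamps. The blob must already be unsigned
/// and unencrypted.
/// Layout: 0x01 format byte, ticket version byte, 4-byte issue timestamp, 4-byte expiration
/// timestamp, persistence byte (0 or 1 only), 0xFE spacer, user name, user data and cookie path
/// as length-prefixed strings, 0xFF footer.
/// </summary>
/// <param name="serializedTicket">Buffer holding the ticket bytes, possibly followed by a signature.</param>
/// <param name="serializedTicketLength">Number of bytes that belong to the ticket payload itself; the read position must land exactly here after the footer.</param>
/// <returns>
/// The ticket, or <c>null</c> when any marker, the persistence byte or the payload length is
/// wrong, or when a read throws (truncated blob, <c>null</c> input, bad timestamp).
/// </returns>
/// <remarks>Expiration is not checked here; the caller owns that decision.</remarks>
public static FormsAuthenticationTicket Deserialize(byte[] serializedTicket, int serializedTicketLength)
{
    const byte FormatVersion = 0x01;
    const byte Spacer = 0xfe;
    const byte Footer = 0xff;

    try
    {
        using (MemoryStream stream = new MemoryStream(serializedTicket))
        using (SerializingBinaryReader reader = new SerializingBinaryReader(stream))
        {
            // 1 byte: serialized format version.
            if (reader.ReadByte() != FormatVersion)
            {
                return null;
            }

            // 1 byte: ticket version.
            int version = reader.ReadByte();

            // 4 + 4 bytes: issue and expiration as Unix timestamps.
            DateTime issueDate = DateTimeExtend.FromUnixTime(reader.ReadInt32());
            DateTime expirationDate = DateTimeExtend.FromUnixTime(reader.ReadInt32());

            // 1 byte: persistence flag. Only 0 and 1 are valid encodings; any other value
            // means the blob is not in this format, so reject it rather than silently
            // treating it as "not persistent".
            bool isPersistent;
            switch (reader.ReadByte())
            {
                case 0:
                    isPersistent = false;
                    break;
                case 1:
                    isPersistent = true;
                    break;
                default:
                    return null;
            }

            // 1 byte: spacer.
            if (reader.ReadByte() != Spacer)
            {
                return null;
            }

            // Three length-prefixed strings.
            string name = reader.ReadBinaryString();
            string userData = reader.ReadBinaryString();
            string cookiePath = reader.ReadBinaryString();

            // 1 byte: footer.
            if (reader.ReadByte() != Footer)
            {
                return null;
            }

            // The caller tells us where the payload ends so that a trailing signature in the
            // same buffer is never parsed as ticket data.
            if (stream.Position != serializedTicketLength)
            {
                return null;
            }

            return new FormsAuthenticationTicket(version, name, issueDate, expirationDate, isPersistent, userData, cookiePath);
        }
    }
    catch
    {
        // Truncated blob, bad timestamp, null input: all are "not a valid ticket".
        return null;
    }
}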
/// <summary>
/// Decodes the legacy forms-authentication ticket layout into a <see cref="FormsAuthenticationCookie"/>.
/// Expected layout: 0x01 format byte, ticket version byte, 8-byte issue ticks (UTC), 0xFE spacer,
/// 8-byte expiration ticks (UTC), persistence byte, user name, user data and cookie path as
/// length-prefixed strings, 0xFF footer.
/// </summary>
/// <param name="data">Unencrypted ticket bytes.</param>
/// <returns>The populated cookie.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is <c>null</c>.</exception>
/// <exception cref="ArgumentException">The format, spacer or footer byte does not match its expected marker.</exception>
/// <remarks>
/// A truncated blob surfaces as the reader's own end-of-stream exception rather than an
/// <see cref="ArgumentException"/>, and any bytes after the footer are not inspected.
/// Expiration is not checked here.
/// </remarks>
private FormsAuthenticationCookie ConvertToAuthenticationTicket(byte[] data)
{
    const byte FormatMarker = 0x01;
    const byte SpacerMarker = 0xFE;
    const byte FooterMarker = 0xFF;

    if (data == null)
    {
        throw new ArgumentNullException(nameof(data));
    }

    using (var blob = new MemoryStream(data))
    using (var reader = new SerializingBinaryReader(blob))
    {
        if (reader.ReadByte() != FormatMarker)
        {
            throw new ArgumentException("The data is not in the correct format, first byte must be 0x01.", nameof(data));
        }

        var version = reader.ReadByte();
        var issuedUtc = new DateTime(reader.ReadInt64(), DateTimeKind.Utc);

        // Validation is interleaved with the reads on purpose: a bad marker must be reported
        // before any later field is touched.
        if (reader.ReadByte() != SpacerMarker)
        {
            throw new ArgumentException("The data is not in the correct format, tenth byte must be 0xFE.", nameof(data));
        }

        var expiresUtc = new DateTime(reader.ReadInt64(), DateTimeKind.Utc);
        var isPersistent = reader.ReadByte() == 1;
        var userName = reader.ReadBinaryString();
        var userData = reader.ReadBinaryString();
        var cookiePath = reader.ReadBinaryString();

        if (reader.ReadByte() != FooterMarker)
        {
            throw new ArgumentException("The data is not in the correct format, footer byte must be 0xFF.", nameof(data));
        }

        return new FormsAuthenticationCookie
        {
            Version = version,
            UserName = userName,
            UserData = userData,
            CookiePath = cookiePath,
            IsPersistent = isPersistent,
            IssuedUtc = issuedUtc,
            ExpiresUtc = expiresUtc
        };
    }
}
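/// <summary>
/// Rebuilds an <see cref="AuthenticationTicket"/> from its unsigned, unencrypted blob.
/// Layout: 0x01 format byte, ticket version byte, 8-byte issue ticks (UTC), 0xFE spacer,
/// 8-byte expiration ticks (UTC), user name (length-prefixed string), 4-byte user-blob length,
/// the user blob, 0xFF footer.
/// </summary>
/// <param name="serializedTicket">Buffer holding the ticket, possibly followed by a signature.</param>
/// <param name="serializedTicketLength">Exact length of the ticket payload; the reader must stop exactly here after the footer.</param>
/// <returns>
/// The ticket, or <c>null</c> when any marker, the user-blob length, the payload length or the
/// user deserialization is invalid, or when a read throws.
/// </returns>
/// <remarks>Expiration is not checked here.</remarks>
public static AuthenticationTicket Deserialize(byte[] serializedTicket, int serializedTicketLength)
{
    const byte FormatVersion = 0x01;
    const byte Spacer = 0xfe;
    const byte Footer = 0xff;

    try
    {
        using (MemoryStream memoryStream = new MemoryStream(serializedTicket))
        using (SerializingBinaryReader reader = new SerializingBinaryReader(memoryStream))
        {
            if (reader.ReadByte() != FormatVersion)
            {
                return null;
            }

            int version = reader.ReadByte();
            DateTime issueDateUtc = new DateTime(reader.ReadInt64(), DateTimeKind.Utc);

            if (reader.ReadByte() != Spacer)
            {
                return null;
            }

            DateTime expirationUtc = new DateTime(reader.ReadInt64(), DateTimeKind.Utc);
            string name = reader.ReadBinaryString();

            // Bound the user-blob length before allocating. BinaryReader.ReadBytes(count)
            // allocates `count` bytes up front, so a length taken straight from the blob could
            // force a huge allocation before the footer and length checks ever run. A
            // well-formed ticket always fits between the current position and the payload
            // end, minus the one footer byte.
            int userDataLength = reader.ReadInt32();
            long maxUserDataLength = Math.Min((long)serializedTicketLength, memoryStream.Length) - memoryStream.Position - 1;
            if (userDataLength < 0 || userDataLength > maxUserDataLength)
            {
                return null;
            }

            byte[] userBinary = reader.ReadBytes(userDataLength);

            // NOTE(review): BinaryDeserialize<User>() is a project helper. If it is backed by
            // BinaryFormatter or another polymorphic serializer, it must only ever see blobs
            // whose signature has already been verified — nothing in this method authenticates
            // the input. Confirm the caller checks the MAC before calling Deserialize.
            User user;
            try
            {
                user = userBinary.BinaryDeserialize<User>();
            }
            catch
            {
                return null;
            }

            // Footer, then the caller-supplied payload end so that a trailing signature in
            // the same buffer is never read as ticket data.
            if (reader.ReadByte() != Footer || memoryStream.Position != serializedTicketLength)
            {
                return null;
            }

            return new AuthenticationTicket(name, version, issueDateUtc, expirationUtc, user);
        }
    }
    catch
    {
        // Truncated blob, bad ticks, null input: all are "not a valid ticket".
        return null;
    }
}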
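/// <summary>
/// Rebuilds an <see cref="AuthenticationTicket"/> from its unsigned, unencrypted blob.
/// Layout: 0x01 format byte, ticket version byte, 8-byte issue ticks (UTC), 0xFE spacer,
/// 8-byte expiration ticks (UTC), user name (length-prefixed string), 4-byte user-blob length,
/// the user blob, 0xFF footer.
/// </summary>
/// <param name="serializedTicket">Buffer holding the ticket, possibly followed by a signature.</param>
/// <param name="serializedTicketLength">Exact length of the ticket payload; the reader must stop exactly here after the footer.</param>
/// <returns>
/// The ticket, or <c>null</c> when any marker, the user-blob length, the payload length or the
/// user deserialization is invalid, or when a read throws.
/// </returns>
/// <remarks>Expiration is not checked here.</remarks>
public static AuthenticationTicket Deserialize(byte[] serializedTicket, int serializedTicketLength)
{
    try
    {
        using (MemoryStream memoryStream = new MemoryStream(serializedTicket))
        using (SerializingBinaryReader reader = new SerializingBinaryReader(memoryStream))
        {
            // Format marker: only 0x01 is understood.
            if (reader.ReadByte() != 0x01)
            {
                return null;
            }

            int version = reader.ReadByte();
            DateTime issueDateUtc = new DateTime(reader.ReadInt64(), DateTimeKind.Utc);

            // Spacer between the two dates.
            if (reader.ReadByte() != 0xfe)
            {
                return null;
            }

            DateTime expirationUtc = new DateTime(reader.ReadInt64(), DateTimeKind.Utc);
            string name = reader.ReadBinaryString();

            // The user blob is length-prefixed. Check the prefix against what can actually be
            // left in the payload (position + blob + one footer byte must not pass the payload
            // end) before handing it to ReadBytes, which allocates the full count immediately.
            int userDataLength = reader.ReadInt32();
            long payloadEnd = Math.Min((long)serializedTicketLength, memoryStream.Length);
            if (userDataLength < 0 || memoryStream.Position + 1 + userDataLength > payloadEnd)
            {
                return null;
            }

            byte[] userBinary = reader.ReadBytes(userDataLength);

            // NOTE(review): BinaryDeserialize<User>() is a project helper. If it is backed by
            // BinaryFormatter or another polymorphic serializer it must never run on data whose
            // signature has not been verified first; this method does no authentication itself.
            User user;
            try
            {
                user = userBinary.BinaryDeserialize<User>();
            }
            catch
            {
                return null;
            }

            // Footer, then the caller-supplied payload end (a trailing signature may share
            // the buffer and must not be read as ticket data).
            if (reader.ReadByte() != 0xff || memoryStream.Position != serializedTicketLength)
            {
                return null;
            }

            return new AuthenticationTicket(name, version, issueDateUtc, expirationUtc, user);
        }
    }
    catch
    {
        // Anything that throws while parsing means the blob is not a valid ticket.
        return null;
    }
}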
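// Methods

/// <summary>
/// Rebuilds a <see cref="FormsAuthenticationTicket"/> from its unsigned, unencrypted blob.
/// Layout: 0x01 format byte, ticket version byte, 8-byte issue ticks (UTC), 0xFE spacer,
/// 8-byte expiration ticks (UTC), persistence byte (0 or 1 only), user name, user data and
/// cookie path as length-prefixed strings, 0xFF footer.
/// </summary>
/// <param name="serializedTicket">Buffer holding the ticket, possibly followed by a signature.</param>
/// <param name="serializedTicketLength">Exact length of the ticket payload; the reader must stop exactly here after the footer.</param>
/// <returns>The ticket, or <c>null</c> for any marker, persistence-byte or length mismatch, or when a read throws.</returns>
/// <remarks>
/// This overload passes local times (via <see cref="DateTime.ToLocalTime"/>) to the
/// <see cref="FormsAuthenticationTicket"/> constructor, so the resulting ticket's dates depend on
/// the server's time zone. Expiration is not checked here.
/// </remarks>
public static FormsAuthenticationTicket Deserialize(byte[] serializedTicket, int serializedTicketLength)
{
    const byte FormatVersion = 0x01;
    const byte Spacer = 0xfe;
    const byte Footer = 0xff;

    try
    {
        using (MemoryStream stream = new MemoryStream(serializedTicket))
        using (SerializingBinaryReader reader = new SerializingBinaryReader(stream))
        {
            if (reader.ReadByte() != FormatVersion)
            {
                return null;
            }

            int version = reader.ReadByte();
            DateTime issueDateUtc = new DateTime(reader.ReadInt64(), DateTimeKind.Utc);

            if (reader.ReadByte() != Spacer)
            {
                return null;
            }

            DateTime expirationUtc = new DateTime(reader.ReadInt64(), DateTimeKind.Utc);

            // Only 0 and 1 are valid encodings of the persistence flag.
            bool isPersistent;
            switch (reader.ReadByte())
            {
                case 0:
                    isPersistent = false;
                    break;
                case 1:
                    isPersistent = true;
                    break;
                default:
                    return null;
            }

            string name = reader.ReadBinaryString();
            string userData = reader.ReadBinaryString();
            string cookiePath = reader.ReadBinaryString();

            if (reader.ReadByte() != Footer)
            {
                return null;
            }

            // The caller marks where the payload ends so that a trailing signature in the
            // same buffer is never read as ticket data.
            if (stream.Position != serializedTicketLength)
            {
                return null;
            }

            // DateTime is immutable: ToLocalTime() only has an effect where its result is
            // used, which is here, at the constructor call.
            return new FormsAuthenticationTicket(version, name, issueDateUtc.ToLocalTime(), expirationUtc.ToLocalTime(), isPersistent, userData, cookiePath);
        }
    }
    catch
    {
        // Truncated blob, bad ticks, null input: all are "not a valid ticket".
        return null;
    }
}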
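// Resurrects a FormsAuthenticationTicket from its serialized blob representation.
// The input blob must be unsigned and unencrypted. This function returns null if
// the serialized ticket format is invalid. The caller must also verify that the
// ticket is still valid, as this method doesn't check expiration.
//
// Parameters:
//   serializedTicket       - buffer holding the payload, possibly followed by a signature.
//   serializedTicketLength - number of bytes that belong to the payload (see Step 11).
public static FormsAuthenticationTicket Deserialize(byte[] serializedTicket, int serializedTicketLength)
{
    try
    {
        using (MemoryStream ticketBlobStream = new MemoryStream(serializedTicket))
        {
            using (SerializingBinaryReader ticketReader = new SerializingBinaryReader(ticketBlobStream))
            {
                // Step 1: Read the serialized format version number from the stream.
                // Currently the only supported format is 0x01.
                // LENGTH: 1 byte
                byte serializedFormatVersion = ticketReader.ReadByte();
                if (serializedFormatVersion != CURRENT_TICKET_SERIALIZED_VERSION)
                {
                    return null; // unexpected value
                }

                // Step 2: Read the ticket version number from the stream.
                // LENGTH: 1 byte
                int ticketVersion = ticketReader.ReadByte();

                // Step 3: Read the ticket issue date from the stream.
                // LENGTH: 8 bytes
                // The ticket is built from UTC values (FromUtc below), so no local-time
                // copy is needed here.
                long ticketIssueDateUtcTicks = ticketReader.ReadInt64();
                DateTime ticketIssueDateUtc = new DateTime(ticketIssueDateUtcTicks, DateTimeKind.Utc);

                // Step 4: Read the spacer from the stream.
                // LENGTH: 1 byte
                byte spacer = ticketReader.ReadByte();
                if (spacer != 0xfe)
                {
                    return null; // unexpected value
                }

                // Step 5: Read the ticket expiration date from the stream.
                // LENGTH: 8 bytes
                long ticketExpirationDateUtcTicks = ticketReader.ReadInt64();
                DateTime ticketExpirationDateUtc = new DateTime(ticketExpirationDateUtcTicks, DateTimeKind.Utc);

                // Step 6: Read the ticket persistence field from the stream.
                // LENGTH: 1 byte
                byte ticketPersistenceFieldValue = ticketReader.ReadByte();
                bool ticketIsPersistent;
                switch (ticketPersistenceFieldValue)
                {
                    case 0:
                        ticketIsPersistent = false;
                        break;
                    case 1:
                        ticketIsPersistent = true;
                        break;
                    default:
                        return null; // unexpected value
                }

                // Step 7: Read the ticket username from the stream.
                // LENGTH: 1+ bytes (7-bit encoded integer char count + UTF-16LE payload)
                string ticketName = ticketReader.ReadBinaryString();

                // Step 8: Read the ticket custom data from the stream.
                // LENGTH: 1+ bytes (7-bit encoded integer char count + UTF-16LE payload)
                string ticketUserData = ticketReader.ReadBinaryString();

                // Step 9: Read the ticket cookie path from the stream.
                // LENGTH: 1+ bytes (7-bit encoded integer char count + UTF-16LE payload)
                string ticketCookiePath = ticketReader.ReadBinaryString();

                // Step 10: Read the footer from the stream.
                // LENGTH: 1 byte
                byte footer = ticketReader.ReadByte();
                if (footer != 0xff)
                {
                    return null; // unexpected value
                }

                // Step 11: Verify that we have consumed the entire payload.
                // We don't expect there to be any more information after the footer.
                // The caller is responsible for telling us when the actual payload
                // is finished, as it may have handed us a byte array that contains
                // the payload plus signature as an optimization, and we don't want
                // to misinterpret the signature as a continuation of the payload.
                if (ticketBlobStream.Position != serializedTicketLength)
                {
                    return null;
                }

                // Success.
                return FormsAuthenticationTicket.FromUtc(
                    ticketVersion /* version */,
                    ticketName /* name */,
                    ticketIssueDateUtc /* issueDateUtc */,
                    ticketExpirationDateUtc /* expirationUtc */,
                    ticketIsPersistent /* isPersistent */,
                    ticketUserData /* userData */,
                    ticketCookiePath /* cookiePath */);
            }
        }
    }
    catch
    {
        // If anything goes wrong while parsing the token, just treat the token as invalid.
        return null;
    }
}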
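// Resurrects a FormsAuthenticationTicket from its serialized blob representation.
// The input blob must be unsigned and unencrypted. This function returns null if
// the serialized ticket format is invalid. The caller must also verify that the
// ticket is still valid, as this method doesn't check expiration.
//
// serializedTicket may be longer than the payload (a signature can follow it);
// serializedTicketLength says where the payload ends (see Step 11).
public static FormsAuthenticationTicket Deserialize(byte[] serializedTicket, int serializedTicketLength)
{
    try
    {
        using (MemoryStream ticketBlobStream = new MemoryStream(serializedTicket))
        {
            using (SerializingBinaryReader ticketReader = new SerializingBinaryReader(ticketBlobStream))
            {
                // Step 1: Read the serialized format version number from the stream.
                // Currently the only supported format is 0x01.
                // LENGTH: 1 byte
                byte serializedFormatVersion = ticketReader.ReadByte();
                if (serializedFormatVersion != CURRENT_TICKET_SERIALIZED_VERSION)
                {
                    return null; // unexpected value
                }

                // Step 2: Read the ticket version number from the stream.
                // LENGTH: 1 byte
                int ticketVersion = ticketReader.ReadByte();

                // Step 3: Read the ticket issue date from the stream.
                // LENGTH: 8 bytes
                // Kept in UTC; the ticket is created through FromUtc, so no local-time
                // conversion is done in this method.
                long ticketIssueDateUtcTicks = ticketReader.ReadInt64();
                DateTime ticketIssueDateUtc = new DateTime(ticketIssueDateUtcTicks, DateTimeKind.Utc);

                // Step 4: Read the spacer from the stream.
                // LENGTH: 1 byte
                byte spacer = ticketReader.ReadByte();
                if (spacer != 0xfe)
                {
                    return null; // unexpected value
                }

                // Step 5: Read the ticket expiration date from the stream.
                // LENGTH: 8 bytes
                long ticketExpirationDateUtcTicks = ticketReader.ReadInt64();
                DateTime ticketExpirationDateUtc = new DateTime(ticketExpirationDateUtcTicks, DateTimeKind.Utc);

                // Step 6: Read the ticket persistence field from the stream.
                // LENGTH: 1 byte
                byte ticketPersistenceFieldValue = ticketReader.ReadByte();
                bool ticketIsPersistent;
                switch (ticketPersistenceFieldValue)
                {
                    case 0:
                        ticketIsPersistent = false;
                        break;
                    case 1:
                        ticketIsPersistent = true;
                        break;
                    default:
                        return null; // unexpected value
                }

                // Step 7: Read the ticket username from the stream.
                // LENGTH: 1+ bytes (7-bit encoded integer char count + UTF-16LE payload)
                string ticketName = ticketReader.ReadBinaryString();

                // Step 8: Read the ticket custom data from the stream.
                // LENGTH: 1+ bytes (7-bit encoded integer char count + UTF-16LE payload)
                string ticketUserData = ticketReader.ReadBinaryString();

                // Step 9: Read the ticket cookie path from the stream.
                // LENGTH: 1+ bytes (7-bit encoded integer char count + UTF-16LE payload)
                string ticketCookiePath = ticketReader.ReadBinaryString();

                // Step 10: Read the footer from the stream.
                // LENGTH: 1 byte
                byte footer = ticketReader.ReadByte();
                if (footer != 0xff)
                {
                    return null; // unexpected value
                }

                // Step 11: Verify that we have consumed the entire payload.
                // We don't expect there to be any more information after the footer.
                // The caller is responsible for telling us when the actual payload
                // is finished, as it may have handed us a byte array that contains
                // the payload plus signature as an optimization, and we don't want
                // to misinterpret the signature as a continuation of the payload.
                if (ticketBlobStream.Position != serializedTicketLength)
                {
                    return null;
                }

                // Success.
                return FormsAuthenticationTicket.FromUtc(
                    ticketVersion /* version */,
                    ticketName /* name */,
                    ticketIssueDateUtc /* issueDateUtc */,
                    ticketExpirationDateUtc /* expirationUtc */,
                    ticketIsPersistent /* isPersistent */,
                    ticketUserData /* userData */,
                    ticketCookiePath /* cookiePath */);
            }
        }
    }
    catch
    {
        // If anything goes wrong while parsing the token, just treat the token as invalid.
        return null;
    }
}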
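/// <summary>
/// Validates, decrypts and decodes a legacy (Framework 2.0 SP1 compatible) forms-authentication
/// ticket into a <see cref="FormsAuthenticationCookie"/>.
/// Pipeline: hex-decode the cookie value, remove the trailing hash via <c>GetUnHashedData</c>,
/// decrypt with the configured cipher, drop the IV prefix from the plaintext, then parse the
/// ticket layout.
/// </summary>
/// <param name="encryptedTicket">Hex-encoded ciphertext exactly as it appears in the cookie.</param>
/// <returns>The decoded cookie.</returns>
/// <exception cref="UnexpectedSwitchValueException">The configured compatibility mode, hash algorithm or cipher is not supported.</exception>
/// <exception cref="ArgumentException">The decrypted payload is shorter than its IV prefix, or its format, spacer or footer byte does not match the expected marker.</exception>
/// <remarks>
/// Expiration is not checked here. Whether <c>GetUnHashedData</c> rejects a blob whose hash does
/// not verify (rather than merely trimming the hash off) is not visible from this method; it must,
/// otherwise the decrypted bytes cannot be trusted.
/// </remarks>
public FormsAuthenticationCookie Unprotect(string encryptedTicket)
{
    var config = ConfigOptions.Value;

    switch (config.FormsCompatibilityMode)
    {
        case FormsCompatibilityModes.Framework20SP1:
            break;
        default:
            throw new UnexpectedSwitchValueException(config.FormsCompatibilityMode);
    }

    int hashSize;
    switch (config.HashAlgorithm)
    {
        case LegacyFormsAuthenticationHashAlgorithms.SHA1:
            hashSize = SHA1_HASH_SIZE;
            break;
        default:
            throw new UnexpectedSwitchValueException(config.HashAlgorithm);
    }

    SymmetricAlgorithm decryptAlgorithm;
    switch (config.CryptographyAlgorithm)
    {
        case LegacyFormsAuthenticationCryptographyAlgorithms.AES:
            decryptAlgorithm = Aes.Create();
            break;
        case LegacyFormsAuthenticationCryptographyAlgorithms.TripleDES:
            decryptAlgorithm = TripleDES.Create();
            break;
        default:
            throw new UnexpectedSwitchValueException(config.CryptographyAlgorithm);
    }

    // The algorithm instance holds key material; dispose it once decryption is done.
    using (decryptAlgorithm)
    {
        decryptAlgorithm.Key = HexToBinary(config.DecryptionKey);

        // The legacy format carries its IV as a prefix *inside the plaintext* (stripped
        // below), so the cipher itself runs with an all-zero IV. Replacing this with a
        // random IV would make every existing ticket undecryptable.
        decryptAlgorithm.IV = new byte[decryptAlgorithm.BlockSize / 8];

        // Legacy quirk: the prefix length is derived from the key size rounded up to whole
        // bytes, not from the cipher's block size.
        var ivLengthDecryption = (decryptAlgorithm.KeySize / 8) + (((decryptAlgorithm.KeySize & 7) != 0) ? 1 : 0);

        var bBlob = HexToBinary(encryptedTicket);
        var buf = GetUnHashedData(bBlob, hashSize, config.HashValidationKey);

        byte[] paddedData;
        using (var st = new MemoryStream())
        using (var cryptoTransform = decryptAlgorithm.CreateDecryptor())
        using (var cs = new CryptoStream(st, cryptoTransform, CryptoStreamMode.Write))
        {
            cs.Write(buf, 0, buf.Length);
            cs.FlushFinalBlock();
            paddedData = st.ToArray();
        }

        // strip IV
        var bDataLength = paddedData.Length - ivLengthDecryption;
        if (bDataLength < 0)
        {
            // A plaintext shorter than its own IV prefix cannot be a ticket; without this
            // check the array allocation below throws a far less descriptive OverflowException.
            throw new ArgumentException("The decrypted ticket is shorter than its IV prefix.", nameof(encryptedTicket));
        }
        var bData = new byte[bDataLength];
        Buffer.BlockCopy(paddedData, ivLengthDecryption, bData, 0, bDataLength);

        return ParseLegacyTicket(bData, nameof(encryptedTicket));
    }
}

/// <summary>
/// Decodes the decrypted legacy ticket layout: 0x01 format byte, ticket version byte,
/// 8-byte issue ticks (UTC), 0xFE spacer, 8-byte expiration ticks (UTC), persistence byte,
/// user name, user data, cookie path, 0xFF footer.
/// </summary>
/// <param name="bData">Decrypted ticket bytes with the IV prefix already removed.</param>
/// <param name="paramName">Parameter name reported in any <see cref="ArgumentException"/>.</param>
/// <returns>The populated cookie.</returns>
/// <exception cref="ArgumentException">The format, spacer or footer byte does not match its expected marker.</exception>
private static FormsAuthenticationCookie ParseLegacyTicket(byte[] bData, string paramName)
{
    const byte FormatVersionMarker = 0x01;
    const byte SpacerMarker = 0xFE;
    const byte FooterMarker = 0xFF;

    using (var st = new MemoryStream(bData))
    using (var reader = new SerializingBinaryReader(st))
    {
        var c = new FormsAuthenticationCookie();

        // A wrong marker means the bytes are not a ticket (wrong key, wrong cipher, or a
        // corrupted blob); fail loudly instead of returning a cookie built from garbage.
        var formatVersion = reader.ReadByte();
        if (formatVersion != FormatVersionMarker)
        {
            throw new ArgumentException("The data is not in the correct format, first byte must be 0x01.", paramName);
        }

        // Ticket version byte. NOTE(review): consumed but not surfaced on the cookie; confirm
        // whether this FormsAuthenticationCookie exposes a version the caller relies on.
        reader.ReadByte();

        var utcTicks = reader.ReadInt64();
        c.Issued = new DateTimeOffset(new DateTime(utcTicks, DateTimeKind.Utc));

        var spacer = reader.ReadByte();
        if (spacer != SpacerMarker)
        {
            throw new ArgumentException("The data is not in the correct format, spacer byte must be 0xFE.", paramName);
        }

        var expireDateTicks = reader.ReadInt64();
        c.Expires = new DateTimeOffset(new DateTime(expireDateTicks, DateTimeKind.Utc));

        // Persistence byte. NOTE(review): consumed but not surfaced on the cookie; confirm
        // whether a persistence flag should be set here.
        reader.ReadByte();

        // NOTE(review): the sibling deserializers read these fields with ReadBinaryString()
        // (7-bit length prefix + UTF-16LE). Confirm that ReadString() on this reader decodes
        // the same layout, otherwise user names will be silently mis-decoded.
        c.UserName = reader.ReadString();
        c.UserData = reader.ReadString();
        c.CookiePath = reader.ReadString();

        var footer = reader.ReadByte();
        if (footer != FooterMarker)
        {
            throw new ArgumentException("The data is not in the correct format, footer byte must be 0xFF.", paramName);
        }

        return c;
    }
}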
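/// <summary>
/// Rebuilds a <see cref="FormsAuthenticationTicket"/> from its unsigned, unencrypted blob.
/// Layout: 0x01 format byte, ticket version byte, 8-byte issue ticks (UTC), 0xFE spacer,
/// 8-byte expiration ticks (UTC), persistence byte (0 or 1 only), user name, user data and
/// cookie path as length-prefixed strings, 0xFF footer.
/// </summary>
/// <param name="serializedTicket">Buffer holding the ticket, possibly followed by a signature.</param>
/// <param name="serializedTicketLength">Exact length of the ticket payload; the reader must stop exactly here after the footer.</param>
/// <returns>The ticket, or <c>null</c> for any marker, persistence-byte or length mismatch, or when a read throws.</returns>
/// <remarks>
/// Dates are handed to <see cref="FormsAuthenticationTicket.FromUtc"/> in UTC; no local-time
/// conversion happens in this method. Expiration is not checked here.
/// </remarks>
public static FormsAuthenticationTicket Deserialize(byte[] serializedTicket, int serializedTicketLength)
{
    const byte FormatVersion = 0x01;
    const byte Spacer = 0xfe;
    const byte Footer = 0xff;

    try
    {
        using (MemoryStream stream = new MemoryStream(serializedTicket))
        using (SerializingBinaryReader reader = new SerializingBinaryReader(stream))
        {
            if (reader.ReadByte() != FormatVersion)
            {
                return null;
            }

            int version = reader.ReadByte();
            DateTime issueDateUtc = new DateTime(reader.ReadInt64(), DateTimeKind.Utc);

            if (reader.ReadByte() != Spacer)
            {
                return null;
            }

            DateTime expirationUtc = new DateTime(reader.ReadInt64(), DateTimeKind.Utc);

            // Only 0 and 1 are valid encodings of the persistence flag.
            bool isPersistent;
            switch (reader.ReadByte())
            {
                case 0:
                    isPersistent = false;
                    break;
                case 1:
                    isPersistent = true;
                    break;
                default:
                    return null;
            }

            string name = reader.ReadBinaryString();
            string userData = reader.ReadBinaryString();
            string cookiePath = reader.ReadBinaryString();

            if (reader.ReadByte() != Footer)
            {
                return null;
            }

            // The caller marks where the payload ends so that a trailing signature in the
            // same buffer is never read as ticket data.
            if (stream.Position != serializedTicketLength)
            {
                return null;
            }

            return FormsAuthenticationTicket.FromUtc(version, name, issueDateUtc, expirationUtc, isPersistent, userData, cookiePath);
        }
    }
    catch
    {
        // Truncated blob, bad ticks, null input: all are "not a valid ticket".
        return null;
    }
}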