/// <summary>
        /// Deserializes anti-forgery data from its raw serialized form. No signature or MAC is
        /// verified here; the caller must authenticate the payload before handing it in.
        /// </summary>
        /// <param name="serializedTicket">Serialized payload: 0x01 marker, salt, value, creation-date ticks (Int64) and username.</param>
        /// <returns>The parsed data, or <c>null</c> if the payload is malformed or truncated.</returns>
        internal static AntiForgeryData Deserializer(byte[] serializedTicket)
        {
            // Layout: 1-byte format marker (0x01), then salt, value, creation-date ticks
            // (Int64) and username; strings are read with ReadBinaryString().
            // Any read failure (null input, truncation, bad data) yields null, never an exception.
            try
            {
                using (var input = new MemoryStream(serializedTicket))
                using (var reader = new SerializingBinaryReader(input))
                {
                    // Only format 0x01 is understood.
                    if (reader.ReadByte() != 1)
                    {
                        return null;
                    }

                    // Fields are read in this exact order; the initializer evaluates top to bottom.
                    // NOTE(review): new DateTime(ticks) yields DateTimeKind.Unspecified, unlike the
                    // UTC-kinded ticket parsers elsewhere in this file — confirm that is intended.
                    return new AntiForgeryData
                    {
                        Salt         = reader.ReadBinaryString(),
                        Value        = reader.ReadBinaryString(),
                        CreationDate = new DateTime(reader.ReadInt64()),
                        Username     = reader.ReadBinaryString()
                    };
                }
            }
            catch
            {
                // Malformed input is reported as "no data", matching the null-on-bad-marker path.
                return null;
            }
        }
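        /// <summary>
        /// Rebuilds a <see cref="FormsAuthenticationTicket"/> from its raw (already authenticated
        /// and decrypted) serialized form.
        /// </summary>
        /// <param name="serializedTicket">Buffer holding the serialized ticket; it may be longer than the ticket itself (e.g. payload plus signature).</param>
        /// <param name="serializedTicketLength">Exact length of the ticket payload within the buffer; parsing must end precisely there.</param>
        /// <returns>The ticket, or <c>null</c> if the payload is malformed, truncated or followed by unexpected bytes.</returns>
        /// <remarks>
        /// Layout: 0x01 marker, version byte, Int32 Unix issue time, Int32 Unix expiry time,
        /// persistence byte (0 or 1), 0xFE spacer, three length-prefixed strings (name, user data,
        /// cookie path), 0xFF footer. Neither expiry nor any MAC is checked here; the caller must
        /// authenticate the blob first and validate the expiry afterwards.
        /// </remarks>
        public static FormsAuthenticationTicket Deserialize(byte[] serializedTicket, int serializedTicketLength)
        {
            try
            {
                using (MemoryStream stream = new MemoryStream(serializedTicket))
                using (SerializingBinaryReader reader = new SerializingBinaryReader(stream))
                {
                    // Serialized-format marker: only 0x01 is understood.
                    if (reader.ReadByte() != 1)
                    {
                        return null;
                    }

                    int version = reader.ReadByte();

                    DateTime issueDate      = DateTimeExtend.FromUnixTime(reader.ReadInt32());
                    DateTime expirationDate = DateTimeExtend.FromUnixTime(reader.ReadInt32());

                    // Persistence flag must be exactly 0 or 1. Any other value is a malformed
                    // ticket and is rejected, consistent with the other ticket parsers in this
                    // file, rather than being silently read as "not persistent".
                    bool isPersistent;
                    switch (reader.ReadByte())
                    {
                    case 0:
                        isPersistent = false;
                        break;

                    case 1:
                        isPersistent = true;
                        break;

                    default:
                        return null;
                    }

                    if (reader.ReadByte() != 0xfe)
                    {
                        return null;
                    }

                    string name       = reader.ReadBinaryString();
                    string userData   = reader.ReadBinaryString();
                    string cookiePath = reader.ReadBinaryString();

                    if (reader.ReadByte() != 0xff)
                    {
                        return null;
                    }

                    // The payload must be consumed exactly: leftover bytes (a signature the caller
                    // left in the buffer, or appended data) make the ticket invalid.
                    if (stream.Position != serializedTicketLength)
                    {
                        return null;
                    }

                    return new FormsAuthenticationTicket(version, name, issueDate, expirationDate, isPersistent, userData, cookiePath);
                }
            }
            catch
            {
                // Any read or conversion error means the ticket is invalid.
                return null;
            }
        }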
        /// <summary>
        /// Parses a raw (decrypted, unsigned) ticket blob into a <see cref="FormsAuthenticationCookie"/>.
        /// </summary>
        /// <param name="data">Serialized ticket: 0x01 marker, version byte, Int64 UTC issue ticks, 0xFE spacer,
        /// Int64 UTC expiry ticks, persistence byte, three length-prefixed strings (name, user data, cookie path), 0xFF footer.</param>
        /// <returns>The populated cookie.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        /// <exception cref="ArgumentException">The marker, spacer or footer byte is wrong.</exception>
        /// <remarks>
        /// Read errors from the underlying reader (e.g. a truncated blob) are not caught here.
        /// NOTE(review): bytes after the footer are not rejected, and any persistence value other
        /// than 1 is treated as "not persistent" — confirm callers rely on that leniency before
        /// tightening it to match the stricter parsers in this file.
        /// </remarks>
        private FormsAuthenticationCookie ConvertToAuthenticationTicket(byte[] data)
        {
            if (data == null)
            {
                throw new ArgumentNullException(nameof(data));
            }

            using (var blob = new MemoryStream(data))
            using (var reader = new SerializingBinaryReader(blob))
            {
                if (reader.ReadByte() != 0x01)
                {
                    throw new ArgumentException("The data is not in the correct format, first byte must be 0x01.", nameof(data));
                }

                var version   = reader.ReadByte();
                var issuedUtc = new DateTime(reader.ReadInt64(), DateTimeKind.Utc);

                if (reader.ReadByte() != 0xFE)
                {
                    throw new ArgumentException("The data is not in the correct format, tenth byte must be 0xFE.", nameof(data));
                }

                var expiresUtc   = new DateTime(reader.ReadInt64(), DateTimeKind.Utc);
                var isPersistent = reader.ReadByte() == 1;
                var userName     = reader.ReadBinaryString();
                var userData     = reader.ReadBinaryString();
                var cookiePath   = reader.ReadBinaryString();

                if (reader.ReadByte() != 0xFF)
                {
                    throw new ArgumentException("The data is not in the correct format, footer byte must be 0xFF.", nameof(data));
                }

                return new FormsAuthenticationCookie()
                {
                    Version      = version,
                    UserName     = userName,
                    UserData     = userData,
                    CookiePath   = cookiePath,
                    IsPersistent = isPersistent,
                    IssuedUtc    = issuedUtc,
                    ExpiresUtc   = expiresUtc
                };
            }
        }
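        /// <summary>
        /// Rebuilds an <see cref="AuthenticationTicket"/> from its raw (already authenticated and
        /// decrypted) serialized form.
        /// </summary>
        /// <param name="serializedTicket">Buffer holding the ticket; it may be longer than the payload.</param>
        /// <param name="serializedTicketLength">Exact payload length; parsing must end precisely there.</param>
        /// <returns>The ticket, or <c>null</c> if the payload is malformed, truncated, followed by
        /// unexpected bytes, or its embedded user object cannot be deserialized.</returns>
        /// <remarks>
        /// Layout: 0x01 marker, version byte, Int64 UTC issue ticks, 0xFE spacer, Int64 UTC expiry
        /// ticks, length-prefixed name, Int32 length followed by a binary user payload, 0xFF footer.
        /// Neither expiry nor any MAC is checked here; authenticate the blob before calling this.
        /// </remarks>
        public static AuthenticationTicket Deserialize(byte[] serializedTicket, int serializedTicketLength)
        {
            try
            {
                using (MemoryStream memoryStream = new MemoryStream(serializedTicket))
                using (SerializingBinaryReader serializingBinaryReader = new SerializingBinaryReader((Stream)memoryStream))
                {
                    if (serializingBinaryReader.ReadByte() != 1)
                    {
                        return null;
                    }

                    int      version      = serializingBinaryReader.ReadByte();
                    DateTime issueDateUtc = new DateTime(serializingBinaryReader.ReadInt64(), DateTimeKind.Utc);

                    if (serializingBinaryReader.ReadByte() != 254)
                    {
                        return null;
                    }

                    DateTime expirationUtc = new DateTime(serializingBinaryReader.ReadInt64(), DateTimeKind.Utc);
                    string   name          = serializingBinaryReader.ReadBinaryString();

                    // The length prefix comes from the ticket itself. Bound it by the bytes that are
                    // actually left before ReadBytes allocates a buffer of that size: a negative or
                    // oversized length is rejected as malformed instead of being discovered only
                    // after an allocation attempt (or a short read) further down.
                    int  userDataLength = serializingBinaryReader.ReadInt32();
                    long remaining      = memoryStream.Length - memoryStream.Position;
                    if (userDataLength < 0 || userDataLength > remaining)
                    {
                        return null;
                    }
                    byte[] userBinary = serializingBinaryReader.ReadBytes(userDataLength);

                    // SECURITY: BinaryDeserialize<User>() is a binary deserialization sink on data
                    // carried in the ticket. If it is backed by BinaryFormatter (or a similarly
                    // permissive serializer) it is a known remote-code-execution vector for anyone
                    // who can get content past the outer MAC check (e.g. a leaked validation key).
                    // Prefer an explicit, type-restricted serializer for User.
                    User user;
                    try
                    {
                        user = userBinary.BinaryDeserialize <User>();
                    }
                    catch
                    {
                        return null;
                    }

                    if (serializingBinaryReader.ReadByte() != byte.MaxValue)
                    {
                        return null;
                    }

                    // The payload must be consumed exactly; trailing bytes invalidate the ticket.
                    if (memoryStream.Position != (long)serializedTicketLength)
                    {
                        return null;
                    }

                    return new AuthenticationTicket(name, version, issueDateUtc, expirationUtc, user);
                }
            }
            catch
            {
                // Any read or conversion error means the ticket is invalid.
                return null;
            }
        }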
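        /// <summary>
        /// Rebuilds an <see cref="AuthenticationTicket"/> from its raw (already authenticated and
        /// decrypted) serialized form.
        /// </summary>
        /// <param name="serializedTicket">Buffer holding the ticket; it may be longer than the payload.</param>
        /// <param name="serializedTicketLength">Exact payload length; parsing must end precisely there.</param>
        /// <returns>The ticket, or <c>null</c> if the payload is malformed, truncated, followed by
        /// unexpected bytes, or its embedded user object cannot be deserialized.</returns>
        /// <remarks>
        /// Layout: 0x01 marker, version byte, Int64 UTC issue ticks, 0xFE spacer, Int64 UTC expiry
        /// ticks, length-prefixed name, Int32 length followed by a binary user payload, 0xFF footer.
        /// Neither expiry nor any MAC is checked here; authenticate the blob before calling this.
        /// </remarks>
        public static AuthenticationTicket Deserialize(byte[] serializedTicket, int serializedTicketLength)
        {
            try
            {
                using (MemoryStream memoryStream = new MemoryStream(serializedTicket))
                using (SerializingBinaryReader serializingBinaryReader = new SerializingBinaryReader((Stream)memoryStream))
                {
                    if (serializingBinaryReader.ReadByte() != 1)
                        return null;

                    int version = serializingBinaryReader.ReadByte();
                    DateTime issueDateUtc = new DateTime(serializingBinaryReader.ReadInt64(), DateTimeKind.Utc);

                    if (serializingBinaryReader.ReadByte() != 254)
                        return null;

                    DateTime expirationUtc = new DateTime(serializingBinaryReader.ReadInt64(), DateTimeKind.Utc);
                    string name = serializingBinaryReader.ReadBinaryString();

                    // The length prefix comes from the ticket itself. Bound it by the bytes that are
                    // actually left before ReadBytes allocates a buffer of that size: a negative or
                    // oversized length is rejected as malformed instead of being discovered only
                    // after an allocation attempt (or a short read) further down.
                    int userDataLength = serializingBinaryReader.ReadInt32();
                    long remaining = memoryStream.Length - memoryStream.Position;
                    if (userDataLength < 0 || userDataLength > remaining)
                        return null;
                    byte[] userBinary = serializingBinaryReader.ReadBytes(userDataLength);

                    // SECURITY: BinaryDeserialize<User>() is a binary deserialization sink on data
                    // carried in the ticket. If it is backed by BinaryFormatter (or a similarly
                    // permissive serializer) it is a known remote-code-execution vector for anyone
                    // who can get content past the outer MAC check (e.g. a leaked validation key).
                    // Prefer an explicit, type-restricted serializer for User.
                    User user;
                    try
                    {
                        user = userBinary.BinaryDeserialize<User>();
                    }
                    catch
                    {
                        return null;
                    }

                    if (serializingBinaryReader.ReadByte() != byte.MaxValue)
                        return null;

                    // The payload must be consumed exactly; trailing bytes invalidate the ticket.
                    if (memoryStream.Position != (long)serializedTicketLength)
                        return null;

                    return new AuthenticationTicket(name, version, issueDateUtc, expirationUtc, user);
                }
            }
            catch
            {
                // Any read or conversion error means the ticket is invalid.
                return null;
            }
        }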
            // Methods
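            /// <summary>
            /// Rebuilds a <see cref="FormsAuthenticationTicket"/> from its raw (already authenticated
            /// and decrypted) serialized form.
            /// </summary>
            /// <param name="serializedTicket">Buffer holding the ticket; it may be longer than the payload.</param>
            /// <param name="serializedTicketLength">Exact payload length; parsing must end precisely there.</param>
            /// <returns>The ticket, or <c>null</c> if the payload is malformed, truncated or followed by unexpected bytes.</returns>
            /// <remarks>
            /// Layout: 0x01 marker, version byte, Int64 UTC issue ticks, 0xFE spacer, Int64 UTC expiry
            /// ticks, persistence byte (0 or 1), three length-prefixed strings (name, user data, cookie
            /// path), 0xFF footer. Dates are converted to local time because the
            /// <see cref="FormsAuthenticationTicket"/> constructor used here takes local times.
            /// Neither expiry nor any MAC is checked here.
            /// </remarks>
            public static FormsAuthenticationTicket Deserialize(byte[] serializedTicket, int serializedTicketLength)
            {
                try
                {
                    using (MemoryStream stream = new MemoryStream(serializedTicket))
                    using (SerializingBinaryReader reader = new SerializingBinaryReader(stream))
                    {
                        // Serialized-format marker: only 0x01 is understood.
                        if (reader.ReadByte() != 1)
                        {
                            return null;
                        }

                        int version = reader.ReadByte();

                        // The decompiled original called ToLocalTime() here and discarded the
                        // result; DateTime is immutable so that was a no-op and has been dropped.
                        DateTime issueUtc = new DateTime(reader.ReadInt64(), DateTimeKind.Utc);

                        if (reader.ReadByte() != 0xfe)
                        {
                            return null;
                        }

                        DateTime expirationUtc = new DateTime(reader.ReadInt64(), DateTimeKind.Utc);

                        // Persistence flag must be exactly 0 or 1; anything else is malformed.
                        bool isPersistent;
                        switch (reader.ReadByte())
                        {
                        case 0:
                            isPersistent = false;
                            break;

                        case 1:
                            isPersistent = true;
                            break;

                        default:
                            return null;
                        }

                        string name       = reader.ReadBinaryString();
                        string userData   = reader.ReadBinaryString();
                        string cookiePath = reader.ReadBinaryString();

                        if (reader.ReadByte() != 0xff)
                        {
                            return null;
                        }

                        // The payload must be consumed exactly; trailing bytes invalidate the ticket.
                        if (stream.Position != serializedTicketLength)
                        {
                            return null;
                        }

                        return new FormsAuthenticationTicket(version, name, issueUtc.ToLocalTime(), expirationUtc.ToLocalTime(), isPersistent, userData, cookiePath);
                    }
                }
                catch
                {
                    // Any read or conversion error (including out-of-range ticks) means the ticket is invalid.
                    return null;
                }
            }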
        // Resurrects a FormsAuthenticationTicket from its serialized blob representation.
        // The input blob must be unsigned and unencrypted. This function returns null if
        // the serialized ticket format is invalid. The caller must also verify that the
        // ticket is still valid, as this method doesn't check expiration.
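        /// <param name="serializedTicket">Buffer holding the ticket; it may be longer than the payload (e.g. payload plus signature).</param>
        /// <param name="serializedTicketLength">Exact payload length; parsing must end precisely there.</param>
        /// <returns>The ticket, or <c>null</c> if the payload is malformed, truncated or followed by unexpected bytes.</returns>
        public static FormsAuthenticationTicket Deserialize(byte[] serializedTicket, int serializedTicketLength) {
            try {
                using (MemoryStream ticketBlobStream = new MemoryStream(serializedTicket)) {
                    using (SerializingBinaryReader ticketReader = new SerializingBinaryReader(ticketBlobStream)) {

                        // Step 1: Read the serialized format version number from the stream.
                        // Currently the only supported format is 0x01.
                        // LENGTH: 1 byte
                        byte serializedFormatVersion = ticketReader.ReadByte();
                        if (serializedFormatVersion != CURRENT_TICKET_SERIALIZED_VERSION) {
                            return null; // unexpected value
                        }

                        // Step 2: Read the ticket version number from the stream.
                        // LENGTH: 1 byte
                        int ticketVersion = ticketReader.ReadByte();

                        // Step 3: Read the ticket issue date from the stream.
                        // LENGTH: 8 bytes
                        // Kept in UTC; FromUtc below takes UTC directly, so no local-time
                        // conversion is needed here (the previous unused local copy was removed).
                        long ticketIssueDateUtcTicks = ticketReader.ReadInt64();
                        DateTime ticketIssueDateUtc = new DateTime(ticketIssueDateUtcTicks, DateTimeKind.Utc);

                        // Step 4: Read the spacer from the stream.
                        // LENGTH: 1 byte
                        byte spacer = ticketReader.ReadByte();
                        if (spacer != 0xfe) {
                            return null; // unexpected value
                        }

                        // Step 5: Read the ticket expiration date from the stream.
                        // LENGTH: 8 bytes
                        long ticketExpirationDateUtcTicks = ticketReader.ReadInt64();
                        DateTime ticketExpirationDateUtc = new DateTime(ticketExpirationDateUtcTicks, DateTimeKind.Utc);

                        // Step 6: Read the ticket persistence field from the stream.
                        // LENGTH: 1 byte
                        byte ticketPersistenceFieldValue = ticketReader.ReadByte();
                        bool ticketIsPersistent;
                        switch (ticketPersistenceFieldValue) {
                            case 0:
                                ticketIsPersistent = false;
                                break;
                            case 1:
                                ticketIsPersistent = true;
                                break;
                            default:
                                return null; // unexpected value
                        }

                        // Step 7: Read the ticket username from the stream.
                        // LENGTH: 1+ bytes (7-bit encoded integer char count + UTF-16LE payload)
                        string ticketName = ticketReader.ReadBinaryString();

                        // Step 8: Read the ticket custom data from the stream.
                        // LENGTH: 1+ bytes (7-bit encoded integer char count + UTF-16LE payload)
                        string ticketUserData = ticketReader.ReadBinaryString();

                        // Step 9: Read the ticket cookie path from the stream.
                        // LENGTH: 1+ bytes (7-bit encoded integer char count + UTF-16LE payload)
                        string ticketCookiePath = ticketReader.ReadBinaryString();

                        // Step 10: Read the footer from the stream.
                        // LENGTH: 1 byte
                        byte footer = ticketReader.ReadByte();
                        if (footer != 0xff) {
                            return null; // unexpected value
                        }

                        // Step 11: Verify that we have consumed the entire payload.
                        // We don't expect there to be any more information after the footer.
                        // The caller is responsible for telling us when the actual payload
                        // is finished, as he may have handed us a byte array that contains
                        // the payload plus signature as an optimization, and we don't want
                        // to misinterpret the signature as a continuation of the payload.
                        if (ticketBlobStream.Position != serializedTicketLength) {
                            return null;
                        }

                        // Success.
                        return FormsAuthenticationTicket.FromUtc(
                            ticketVersion /* version */,
                            ticketName /* name */,
                            ticketIssueDateUtc /* issueDateUtc */,
                            ticketExpirationDateUtc /* expirationUtc */,
                            ticketIsPersistent /* isPersistent */,
                            ticketUserData /* userData */,
                            ticketCookiePath /* cookiePath */);
                    }
                }
            }
            catch {
                // If anything goes wrong while parsing the token, just treat the token as invalid.
                return null;
            }
        }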
        // Resurrects a FormsAuthenticationTicket from its serialized blob representation.
        // The input blob must be unsigned and unencrypted. This function returns null if
        // the serialized ticket format is invalid. The caller must also verify that the
        // ticket is still valid, as this method doesn't check expiration.
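        /// <param name="serializedTicket">Buffer holding the ticket; it may be longer than the payload (e.g. payload plus signature).</param>
        /// <param name="serializedTicketLength">Exact payload length; parsing must end precisely there.</param>
        /// <returns>The ticket, or <c>null</c> if the payload is malformed, truncated or followed by unexpected bytes.</returns>
        public static FormsAuthenticationTicket Deserialize(byte[] serializedTicket, int serializedTicketLength)
        {
            try {
                using (MemoryStream ticketBlobStream = new MemoryStream(serializedTicket)) {
                    using (SerializingBinaryReader ticketReader = new SerializingBinaryReader(ticketBlobStream)) {
                        // Step 1: Read the serialized format version number from the stream.
                        // Currently the only supported format is 0x01.
                        // LENGTH: 1 byte
                        byte serializedFormatVersion = ticketReader.ReadByte();
                        if (serializedFormatVersion != CURRENT_TICKET_SERIALIZED_VERSION)
                        {
                            return(null); // unexpected value
                        }

                        // Step 2: Read the ticket version number from the stream.
                        // LENGTH: 1 byte
                        int ticketVersion = ticketReader.ReadByte();

                        // Step 3: Read the ticket issue date from the stream.
                        // LENGTH: 8 bytes
                        // Kept in UTC; FromUtc below takes UTC directly, so no local-time
                        // conversion is needed here (the previous unused local copy was removed).
                        long     ticketIssueDateUtcTicks = ticketReader.ReadInt64();
                        DateTime ticketIssueDateUtc      = new DateTime(ticketIssueDateUtcTicks, DateTimeKind.Utc);

                        // Step 4: Read the spacer from the stream.
                        // LENGTH: 1 byte
                        byte spacer = ticketReader.ReadByte();
                        if (spacer != 0xfe)
                        {
                            return(null); // unexpected value
                        }

                        // Step 5: Read the ticket expiration date from the stream.
                        // LENGTH: 8 bytes
                        long     ticketExpirationDateUtcTicks = ticketReader.ReadInt64();
                        DateTime ticketExpirationDateUtc      = new DateTime(ticketExpirationDateUtcTicks, DateTimeKind.Utc);

                        // Step 6: Read the ticket persistence field from the stream.
                        // LENGTH: 1 byte
                        byte ticketPersistenceFieldValue = ticketReader.ReadByte();
                        bool ticketIsPersistent;
                        switch (ticketPersistenceFieldValue)
                        {
                        case 0:
                            ticketIsPersistent = false;
                            break;

                        case 1:
                            ticketIsPersistent = true;
                            break;

                        default:
                            return(null);    // unexpected value
                        }

                        // Step 7: Read the ticket username from the stream.
                        // LENGTH: 1+ bytes (7-bit encoded integer char count + UTF-16LE payload)
                        string ticketName = ticketReader.ReadBinaryString();

                        // Step 8: Read the ticket custom data from the stream.
                        // LENGTH: 1+ bytes (7-bit encoded integer char count + UTF-16LE payload)
                        string ticketUserData = ticketReader.ReadBinaryString();

                        // Step 9: Read the ticket cookie path from the stream.
                        // LENGTH: 1+ bytes (7-bit encoded integer char count + UTF-16LE payload)
                        string ticketCookiePath = ticketReader.ReadBinaryString();

                        // Step 10: Read the footer from the stream.
                        // LENGTH: 1 byte
                        byte footer = ticketReader.ReadByte();
                        if (footer != 0xff)
                        {
                            return(null); // unexpected value
                        }

                        // Step 11: Verify that we have consumed the entire payload.
                        // We don't expect there to be any more information after the footer.
                        // The caller is responsible for telling us when the actual payload
                        // is finished, as he may have handed us a byte array that contains
                        // the payload plus signature as an optimization, and we don't want
                        // to misinterpret the signature as a continuation of the payload.
                        if (ticketBlobStream.Position != serializedTicketLength)
                        {
                            return(null);
                        }

                        // Success.
                        return(FormsAuthenticationTicket.FromUtc(
                                   ticketVersion /* version */,
                                   ticketName /* name */,
                                   ticketIssueDateUtc /* issueDateUtc */,
                                   ticketExpirationDateUtc /* expirationUtc */,
                                   ticketIsPersistent /* isPersistent */,
                                   ticketUserData /* userData */,
                                   ticketCookiePath /* cookiePath */));
                    }
                }
            }
            catch {
                // If anything goes wrong while parsing the token, just treat the token as invalid.
                return(null);
            }
        }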
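        /// <summary>
        /// Validates, decrypts and parses a legacy (Framework 2.0 SP1 compatible) forms
        /// authentication ticket protected with the configured machine keys.
        /// </summary>
        /// <param name="encryptedTicket">Hex-encoded ticket as carried in the cookie: encrypted payload followed by its validation hash.</param>
        /// <returns>The parsed cookie (issue/expiry dates, user name, user data, cookie path).</returns>
        /// <exception cref="UnexpectedSwitchValueException">The configured compatibility mode, hash algorithm or cipher is not supported.</exception>
        /// <exception cref="ArgumentException">The decrypted payload is shorter than its IV prefix, or its format marker, spacer or footer byte is wrong.</exception>
        /// <remarks>
        /// Legacy mode prepends a random IV (sized from the key, not the block size — bug-compatible
        /// with the original implementation) to the plaintext and encrypts with an all-zero IV; decryption
        /// therefore uses a zero IV and strips that prefix afterwards. The hash is checked by
        /// GetUnHashedData before anything is decrypted; this method assumes that helper rejects a bad
        /// hash by throwing — confirm, since a silent pass-through would defeat the check.
        /// Expiry is not checked here.
        /// </remarks>
        public FormsAuthenticationCookie Unprotect(string encryptedTicket)
        {
            var config = ConfigOptions.Value;

            switch (config.FormsCompatibilityMode)
            {
            case FormsCompatibilityModes.Framework20SP1:
                break;

            default:
                throw new UnexpectedSwitchValueException(config.FormsCompatibilityMode);
            }

            int hashSize;

            switch (config.HashAlgorithm)
            {
            case LegacyFormsAuthenticationHashAlgorithms.SHA1:
                hashSize = SHA1_HASH_SIZE;
                break;

            default:
                throw new UnexpectedSwitchValueException(config.HashAlgorithm);
            }

            SymmetricAlgorithm decryptAlgorithm;

            switch (config.CryptographyAlgorithm)
            {
            case LegacyFormsAuthenticationCryptographyAlgorithms.AES:
                decryptAlgorithm = Aes.Create();
                break;

            case LegacyFormsAuthenticationCryptographyAlgorithms.TripleDES:
                decryptAlgorithm = TripleDES.Create();
                break;

            default:
                throw new UnexpectedSwitchValueException(config.CryptographyAlgorithm);
            }

            byte[] paddedData;
            int    ivLengthDecryption;

            // SymmetricAlgorithm is IDisposable and holds key material; release it when done.
            using (decryptAlgorithm)
            {
                decryptAlgorithm.Key = HexToBinary(config.DecryptionKey);

                // Legacy mode: the real IV travels inside the plaintext, so decrypt with an all-zero IV.
                decryptAlgorithm.IV = new byte[decryptAlgorithm.BlockSize / 8];

                // Bug-compatible with the legacy implementation: the prepended IV is sized from the
                // key length rounded up to whole bytes, not from the block size.
                ivLengthDecryption = (decryptAlgorithm.KeySize / 8) + (((decryptAlgorithm.KeySize & 7) != 0) ? 1 : 0);

                var bBlob = HexToBinary(encryptedTicket);

                // Validate the MAC before decrypting so nothing unauthenticated reaches the cipher.
                var buf = GetUnHashedData(bBlob, hashSize, config.HashValidationKey);

                using (var st = new MemoryStream())
                using (var cryptoTransform = decryptAlgorithm.CreateDecryptor())
                using (var cs = new CryptoStream(st, cryptoTransform, CryptoStreamMode.Write))
                {
                    cs.Write(buf, 0, buf.Length);
                    cs.FlushFinalBlock();
                    paddedData = st.ToArray();
                }
            }

            // Strip the IV prefix. A plaintext shorter than the prefix cannot be a valid ticket;
            // reject it explicitly instead of letting the negative array length surface as an OverflowException.
            var bDataLength = paddedData.Length - ivLengthDecryption;
            if (bDataLength < 0)
            {
                throw new ArgumentException("The decrypted ticket is shorter than its IV prefix.", nameof(encryptedTicket));
            }

            var bData = new byte[bDataLength];
            Buffer.BlockCopy(paddedData, ivLengthDecryption, bData, 0, bDataLength);

            using (var st = new MemoryStream(bData))
            using (var reader = new SerializingBinaryReader(st))
            {
                var c = new FormsAuthenticationCookie();

                // Structural markers must match the serialized layout (0x01 marker, 0xFE spacer,
                // 0xFF footer); an authentic-but-malformed blob is rejected rather than parsed into garbage.
                var formatVersion = reader.ReadByte();
                if (formatVersion != 0x01)
                {
                    throw new ArgumentException("The data is not in the correct format, first byte must be 0x01.", nameof(encryptedTicket));
                }

                // NOTE(review): the ticket version and persistence flag are consumed but not
                // surfaced on the returned cookie; confirm whether this FormsAuthenticationCookie
                // type has Version/IsPersistent members that should be populated.
                var version = reader.ReadByte();

                var utcTicks = reader.ReadInt64();
                c.Issued = new DateTimeOffset(new DateTime(utcTicks, DateTimeKind.Utc));

                var spacer = reader.ReadByte();
                if (spacer != 0xFE)
                {
                    throw new ArgumentException("The data is not in the correct format, spacer byte must be 0xFE.", nameof(encryptedTicket));
                }

                var expireDateTicks = reader.ReadInt64();
                c.Expires = new DateTimeOffset(new DateTime(expireDateTicks, DateTimeKind.Utc));

                var persistenceField = reader.ReadByte();

                // NOTE(review): ReadString() is used here whereas the other ticket parsers in this
                // file use ReadBinaryString() (7-bit length + UTF-16LE). Confirm the two agree for
                // SerializingBinaryReader; otherwise non-ASCII names decode incorrectly.
                c.UserName   = reader.ReadString();
                c.UserData   = reader.ReadString();
                c.CookiePath = reader.ReadString();

                var footer = reader.ReadByte();
                if (footer != 0xFF)
                {
                    throw new ArgumentException("The data is not in the correct format, footer byte must be 0xFF.", nameof(encryptedTicket));
                }

                return(c);
            }
        }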
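        /// <summary>
        /// Rebuilds a <see cref="FormsAuthenticationTicket"/> from its raw (already authenticated
        /// and decrypted) serialized form.
        /// </summary>
        /// <param name="serializedTicket">Buffer holding the ticket; it may be longer than the payload.</param>
        /// <param name="serializedTicketLength">Exact payload length; parsing must end precisely there.</param>
        /// <returns>The ticket, or <c>null</c> if the payload is malformed, truncated or followed by unexpected bytes.</returns>
        /// <remarks>
        /// Layout: 0x01 marker, version byte, Int64 UTC issue ticks, 0xFE spacer, Int64 UTC expiry
        /// ticks, persistence byte (0 or 1), three length-prefixed strings (name, user data, cookie
        /// path), 0xFF footer. Neither expiry nor any MAC is checked here.
        /// </remarks>
        public static FormsAuthenticationTicket Deserialize(byte[] serializedTicket, int serializedTicketLength)
        {
            try
            {
                using (MemoryStream stream = new MemoryStream(serializedTicket))
                using (SerializingBinaryReader reader = new SerializingBinaryReader(stream))
                {
                    // Serialized-format marker: only 0x01 is understood.
                    if (reader.ReadByte() != 1)
                    {
                        return null;
                    }

                    int version = reader.ReadByte();

                    // The decompiled original called ToLocalTime() on these dates and discarded
                    // the result; DateTime is immutable so that was a no-op and has been dropped.
                    // FromUtc below takes the UTC values directly.
                    DateTime issueUtc = new DateTime(reader.ReadInt64(), DateTimeKind.Utc);

                    if (reader.ReadByte() != 0xfe)
                    {
                        return null;
                    }

                    DateTime expirationUtc = new DateTime(reader.ReadInt64(), DateTimeKind.Utc);

                    // Persistence flag must be exactly 0 or 1; anything else is malformed.
                    bool isPersistent;
                    switch (reader.ReadByte())
                    {
                        case 0:
                            isPersistent = false;
                            break;

                        case 1:
                            isPersistent = true;
                            break;

                        default:
                            return null;
                    }

                    string name       = reader.ReadBinaryString();
                    string userData   = reader.ReadBinaryString();
                    string cookiePath = reader.ReadBinaryString();

                    if (reader.ReadByte() != 0xff)
                    {
                        return null;
                    }

                    // The payload must be consumed exactly; trailing bytes invalidate the ticket.
                    if (stream.Position != serializedTicketLength)
                    {
                        return null;
                    }

                    return FormsAuthenticationTicket.FromUtc(version, name, issueUtc, expirationUtc, isPersistent, userData, cookiePath);
                }
            }
            catch
            {
                // Any read or conversion error (including out-of-range ticks) means the ticket is invalid.
                return null;
            }
        }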