public object Create (object parent, object context, XmlNode section)
		{
			if (section.HasChildNodes)
				ThrowException ("Child nodes not allowed here", section.FirstChild);

			MachineKeyConfig config = new MachineKeyConfig (parent);

			try {
				config.SetValidationKey (AttValue ("validationKey", section));
			} catch (ArgumentException e) {
				ThrowException (e.Message, section);
			}

			try {
				config.SetDecryptionKey (AttValue ("decryptionKey", section));
			} catch (ArgumentException e) {
				ThrowException (e.Message, section);
			}

			string validation = AttValue ("validation", section);
			MachineKeyValidation valid = 0;
			if (validation == "SHA1")
				valid = MachineKeyValidation.SHA1;
			else if (validation == "MD5")
				valid = MachineKeyValidation.MD5;
			else if (validation == "TripleDES")
				valid = MachineKeyValidation.TripleDES;
			else
				ThrowException ("Invalid 'validation' value", section);

			config.ValidationType = valid;

			if (section.Attributes != null && section.Attributes.Count != 0)
				ThrowException ("Unrecognized attribute", section);

			MachineKeyConfig.MachineKey = config;
			return config;
		}
Example #2
0
            // CTor
            internal MachineKeyConfig(object parentObject, object contextObject, XmlNode node)
            {
                MachineKeyConfig parent = (MachineKeyConfig)parentObject;

                HttpConfigurationContext configContext = contextObject as HttpConfigurationContext;

                if (HandlerBase.IsPathAtAppLevel(configContext.VirtualPath) == PathLevel.BelowApp)
                {
                    throw new ConfigurationException(
                              HttpRuntime.FormatResourceString(SR.No_MachineKey_Config_In_subdir),
                              node);
                }

                if (parent != null)
                {
                    _ValidationKey  = parent.ValidationKey;
                    _DecryptionKey  = parent.DecryptionKey;
                    _ValidationMode = parent.ValidationMode;
                    _AutogenKey     = parent.AutogenKey;
                }

                XmlNode vNode = node.Attributes.RemoveNamedItem("validationKey");
                XmlNode dNode = node.Attributes.RemoveNamedItem("decryptionKey");

                int iMode = 0;

                string [] modeStrings = { "SHA1", "MD5", "3DES" };
                XmlNode   mNode       = HandlerBase.GetAndRemoveEnumAttribute(node, "validation", modeStrings, ref iMode);

                if (mNode != null)
                {
                    _ValidationMode = (MachineKeyValidationMode)iMode;
                }
                HandlerBase.CheckForUnrecognizedAttributes(node);
                HandlerBase.CheckForChildNodes(node);

                if (vNode != null && vNode.Value != null)
                {
                    String strKey       = vNode.Value;
                    bool   fAppSpecific = strKey.EndsWith(",IsolateApps");

                    if (fAppSpecific)
                    {
                        strKey = strKey.Substring(0, strKey.Length - ",IsolateApps".Length);
                    }

                    if (strKey == "AutoGenerate")   // case sensitive
                    {
                        _ValidationKey = new byte[64];
                        Buffer.BlockCopy(HttpRuntime.s_autogenKeys, 0, _ValidationKey, 0, 64);
                    }
                    else
                    {
                        if (strKey.Length > 128 || strKey.Length < 40)
                        {
                            throw new ConfigurationException(
                                      HttpRuntime.FormatResourceString(
                                          SR.Unable_to_get_cookie_authentication_validation_key, strKey.Length.ToString()),
                                      vNode);
                        }

                        _ValidationKey = HexStringToByteArray(strKey);
                        if (_ValidationKey == null)
                        {
                            throw new ConfigurationException(
                                      HttpRuntime.FormatResourceString(
                                          SR.Invalid_validation_key),
                                      vNode);
                        }
                    }

                    if (fAppSpecific)
                    {
                        int dwCode = SymbolHashCodeProvider.Default.GetHashCode(HttpContext.Current.Request.ApplicationPath);
                        _ValidationKey[0] = (byte)(dwCode & 0xff);
                        _ValidationKey[1] = (byte)((dwCode & 0xff00) >> 8);
                        _ValidationKey[2] = (byte)((dwCode & 0xff0000) >> 16);
                        _ValidationKey[3] = (byte)((dwCode & 0xff000000) >> 24);
                    }
                }

                if (dNode != null)
                {
                    String strKey       = dNode.Value;
                    bool   fAppSpecific = strKey.EndsWith(",IsolateApps");

                    if (fAppSpecific)
                    {
                        strKey = strKey.Substring(0, strKey.Length - ",IsolateApps".Length);
                    }

                    if (strKey == "AutoGenerate")   // case sensitive
                    {
                        _DecryptionKey = new byte[24];
                        Buffer.BlockCopy(HttpRuntime.s_autogenKeys, 64, _DecryptionKey, 0, 24);
                        _AutogenKey = true;
                    }
                    else
                    {
                        _AutogenKey = false;

                        if (strKey.Length == 48)   // Make sure Triple DES is installed
                        {
                            TripleDESCryptoServiceProvider oTemp = null;
                            try {
                                oTemp = new TripleDESCryptoServiceProvider();
                            }
                            catch (Exception) {
                            }
                            if (oTemp == null)
                            {
                                throw new ConfigurationException(
                                          HttpRuntime.FormatResourceString(
                                              SR.cannot_use_Triple_DES),
                                          dNode);
                            }
                        }

                        if (strKey.Length != 48 && strKey.Length != 16)
                        {
                            throw new ConfigurationException(
                                      HttpRuntime.FormatResourceString(
                                          SR.Unable_to_get_cookie_authentication_decryption_key, strKey.Length.ToString()),
                                      dNode);
                        }

                        _DecryptionKey = HexStringToByteArray(strKey);
                        if (_DecryptionKey == null)
                        {
                            throw new ConfigurationException(
                                      HttpRuntime.FormatResourceString(
                                          SR.Invalid_decryption_key),
                                      dNode);
                        }
                    }
                    if (fAppSpecific)
                    {
                        int dwCode = SymbolHashCodeProvider.Default.GetHashCode(HttpContext.Current.Request.ApplicationPath);
                        _DecryptionKey[0] = (byte)(dwCode & 0xff);
                        _DecryptionKey[1] = (byte)((dwCode & 0xff00) >> 8);
                        _DecryptionKey[2] = (byte)((dwCode & 0xff0000) >> 16);
                        _DecryptionKey[3] = (byte)((dwCode & 0xff000000) >> 24);
                    }
                }
            }