public void SerializeTo(Stream outputStream) { // don't need a 'using' block around this writer SerializingBinaryWriter writer = new SerializingBinaryWriter(outputStream); writer.Write((byte)0x00); // version header writer.Write7BitEncodedInt(_hashes.Count); // number of entries foreach (byte[] entry in _hashes) { writer.Write(entry); } }
/// <summary> /// 序列化防伪数据 /// </summary> /// <param name="token"></param> /// <returns></returns> internal static byte[] Serializer(AntiForgeryData token) { byte[] result; using (MemoryStream memoryStream = new MemoryStream()) { using (SerializingBinaryWriter serializingBinaryWriter = new SerializingBinaryWriter(memoryStream)) { serializingBinaryWriter.WriteBinaryString(token.Salt); serializingBinaryWriter.WriteBinaryString(token.Value); serializingBinaryWriter.Write(token.CreationDate.Ticks); serializingBinaryWriter.WriteBinaryString(token.Username); result = memoryStream.ToArray(); } } return(result); }
public static byte[] ConvertToBytes(FormsAuthenticationCookie data) { using (var ticketBlobStream = new MemoryStream()) using (var ticketWriter = new SerializingBinaryWriter(ticketBlobStream)) { ticketWriter.Write((byte)1); ticketWriter.Write((byte)1); ticketWriter.Write(data.IssuedUtc.Ticks); ticketWriter.Write((byte)0xfe); ticketWriter.Write(data.ExpiresUtc.Ticks); ticketWriter.Write(data.IsPersistent); ticketWriter.WriteBinaryString(data.UserName ?? ""); ticketWriter.WriteBinaryString(data.UserData ?? ""); ticketWriter.WriteBinaryString(data.CookiePath ?? ""); ticketWriter.Write((byte)0xff); return(ticketBlobStream.ToArray()); } }
public static byte[] Serialize(AuthenticationTicket ticket) { using (MemoryStream memoryStream = new MemoryStream()) { using (SerializingBinaryWriter serializingBinaryWriter = new SerializingBinaryWriter((Stream)memoryStream)) { var userBinary = ticket.UserData.BinarySerialize(); //var binaryString = CryptoUtils.BinaryToHex(userBinary); serializingBinaryWriter.Write((byte)1); serializingBinaryWriter.Write((byte)ticket.Version); serializingBinaryWriter.Write(ticket.IssueDateUtc.Ticks); serializingBinaryWriter.Write((byte)254); serializingBinaryWriter.Write(ticket.ExpirationUtc.Ticks); serializingBinaryWriter.WriteBinaryString(ticket.Name); serializingBinaryWriter.Write((int)userBinary.Length); serializingBinaryWriter.Write(userBinary); serializingBinaryWriter.Write(byte.MaxValue); return memoryStream.ToArray(); } } }
public static byte[] Serialize(AuthenticationTicket ticket) { using (MemoryStream memoryStream = new MemoryStream()) { using (SerializingBinaryWriter serializingBinaryWriter = new SerializingBinaryWriter((Stream)memoryStream)) { var userBinary = ticket.UserData.BinarySerialize(); //var binaryString = CryptoUtils.BinaryToHex(userBinary); serializingBinaryWriter.Write((byte)1); serializingBinaryWriter.Write((byte)ticket.Version); serializingBinaryWriter.Write(ticket.IssueDateUtc.Ticks); serializingBinaryWriter.Write((byte)254); serializingBinaryWriter.Write(ticket.ExpirationUtc.Ticks); serializingBinaryWriter.WriteBinaryString(ticket.Name); serializingBinaryWriter.Write((int)userBinary.Length); serializingBinaryWriter.Write(userBinary); serializingBinaryWriter.Write(byte.MaxValue); return(memoryStream.ToArray()); } } }
public static byte[] Serialize(FormsAuthenticationTicket ticket) { byte[] buffer; using (MemoryStream stream = new MemoryStream()) { using (SerializingBinaryWriter writer = new SerializingBinaryWriter(stream)) { writer.Write((byte)1); writer.Write((byte)ticket.Version); writer.Write(ticket.IssueDate.ToUniversalTime().Ticks); writer.Write((byte)0xfe); writer.Write(ticket.Expiration.ToUniversalTime().Ticks); writer.Write(ticket.IsPersistent); writer.WriteBinaryString(ticket.Name); writer.WriteBinaryString(ticket.UserData); writer.WriteBinaryString(ticket.CookiePath); writer.Write((byte)0xff); buffer = stream.ToArray(); } } return(buffer); }
public static byte[] Serialize(FormsAuthenticationTicket ticket) { byte[] buffer; using (MemoryStream stream = new MemoryStream()) { using (SerializingBinaryWriter writer = new SerializingBinaryWriter(stream)) { writer.Write((byte) 1); writer.Write((byte) ticket.Version); writer.Write(ticket.IssueDateUtc.Ticks); writer.Write((byte) 0xfe); writer.Write(ticket.ExpirationUtc.Ticks); writer.Write(ticket.IsPersistent); writer.WriteBinaryString(ticket.Name); writer.WriteBinaryString(ticket.UserData); writer.WriteBinaryString(ticket.CookiePath); writer.Write((byte) 0xff); buffer = stream.ToArray(); } } return buffer; }
private byte[] ConvertToBytes(FormsAuthenticationCookie data) { if (data == null) { throw new ArgumentNullException(nameof(data)); } using (var ticketBlobStream = new MemoryStream()) using (var ticketWriter = new SerializingBinaryWriter(ticketBlobStream)) { ticketWriter.Write((byte)1); ticketWriter.Write((byte)1); ticketWriter.Write(data.IssuedUtc.Ticks); ticketWriter.Write((byte)0xfe); ticketWriter.Write(data.ExpiresUtc.Ticks); ticketWriter.Write(data.IsPersistent); ticketWriter.WriteBinaryString(data.UserName ?? ""); ticketWriter.WriteBinaryString(data.UserData ?? ""); ticketWriter.WriteBinaryString(data.CookiePath ?? ""); ticketWriter.Write((byte)0xff); return(ticketBlobStream.ToArray()); } }
// Turns a FormsAuthenticationTicket into a serialized blob. // The resulting blob is not encrypted or signed. public static byte[] Serialize(FormsAuthenticationTicket ticket) { using (MemoryStream ticketBlobStream = new MemoryStream()) { using (SerializingBinaryWriter ticketWriter = new SerializingBinaryWriter(ticketBlobStream)) { // SECURITY NOTE: // Earlier versions of the serializer (Framework20 / Framework40) wrote out a // random 8-byte header as the first part of the payload. This random header // was used as an IV when the ticket was encrypted, since the early encryption // routines didn't automatically append an IV when encrypting data. However, // the MSRC 10405 (Pythia) patch causes all of our crypto routines to use an // IV automatically, so there's no need for us to include a random IV in the // serialized stream any longer. We can just write out only the data, and the // crypto routines will do the right thing. // Step 1: Write the ticket serialized format version number (currently 0x01) to the stream. // LENGTH: 1 byte ticketWriter.Write(CURRENT_TICKET_SERIALIZED_VERSION); // Step 2: Write the ticket version number to the stream. // This is the developer-specified FormsAuthenticationTicket.Version property, // which is just ticket metadata. Technically it should be stored as a 32-bit // integer instead of just a byte, but we have historically been storing it // as just a single byte forever and nobody has complained. // LENGTH: 1 byte ticketWriter.Write((byte)ticket.Version); // Step 3: Write the ticket issue date to the stream. // We store this value as UTC ticks. We can't use DateTime.ToBinary() since it // isn't compatible with .NET v1.1. // LENGTH: 8 bytes (64-bit little-endian in payload) ticketWriter.Write(ticket.IssueDateUtc.Ticks); // Step 4: Write a one-byte spacer (0xfe) to the stream. // One of the old ticket formats (Framework40) expects the unencrypted payload // to contain 0x000000 (3 null bytes) beginning at position 9 in the stream. // Since we're currently at offset 10 in the serialized stream, we can take // this opportunity to purposely inject a non-null byte at this offset, which // intentionally breaks compatibility with Framework40 mode. // LENGTH: 1 byte Debug.Assert(ticketBlobStream.Position == 10, "Critical that we be at position 10 in the stream at this point."); ticketWriter.Write((byte)0xfe); // Step 5: Write the ticket expiration date to the stream. // We store this value as UTC ticks. // LENGTH: 8 bytes (64-bit little endian in payload) ticketWriter.Write(ticket.ExpirationUtc.Ticks); // Step 6: Write the ticket persistence field to the stream. // LENGTH: 1 byte ticketWriter.Write(ticket.IsPersistent); // Step 7: Write the ticket username to the stream. // LENGTH: 1+ bytes (7-bit encoded integer char count + UTF-16LE payload) ticketWriter.WriteBinaryString(ticket.Name); // Step 8: Write the ticket custom data to the stream. // LENGTH: 1+ bytes (7-bit encoded integer char count + UTF-16LE payload) ticketWriter.WriteBinaryString(ticket.UserData); // Step 9: Write the ticket cookie path to the stream. // LENGTH: 1+ bytes (7-bit encoded integer char count + UTF-16LE payload) ticketWriter.WriteBinaryString(ticket.CookiePath); // Step 10: Write a one-byte footer (0xff) to the stream. // One of the old FormsAuthenticationTicket formats (Framework20) requires // that the payload end in 0x0000 (U+0000). By making the very last byte // of this format non-null, we can guarantee a compatiblity break between // this format and Framework20. // LENGTH: 1 byte ticketWriter.Write((byte)0xff); // Finished. return ticketBlobStream.ToArray(); } } }
// Turns a FormsAuthenticationTicket into a serialized blob. // The resulting blob is not encrypted or signed. public static byte[] Serialize(FormsAuthenticationTicket ticket) { using (MemoryStream ticketBlobStream = new MemoryStream()) { using (SerializingBinaryWriter ticketWriter = new SerializingBinaryWriter(ticketBlobStream)) { // SECURITY NOTE: // Earlier versions of the serializer (Framework20 / Framework40) wrote out a // random 8-byte header as the first part of the payload. This random header // was used as an IV when the ticket was encrypted, since the early encryption // routines didn't automatically append an IV when encrypting data. However, // the MSRC 10405 (Pythia) patch causes all of our crypto routines to use an // IV automatically, so there's no need for us to include a random IV in the // serialized stream any longer. We can just write out only the data, and the // crypto routines will do the right thing. // Step 1: Write the ticket serialized format version number (currently 0x01) to the stream. // LENGTH: 1 byte ticketWriter.Write(CURRENT_TICKET_SERIALIZED_VERSION); // Step 2: Write the ticket version number to the stream. // This is the developer-specified FormsAuthenticationTicket.Version property, // which is just ticket metadata. Technically it should be stored as a 32-bit // integer instead of just a byte, but we have historically been storing it // as just a single byte forever and nobody has complained. // LENGTH: 1 byte ticketWriter.Write((byte)ticket.Version); // Step 3: Write the ticket issue date to the stream. // We store this value as UTC ticks. We can't use DateTime.ToBinary() since it // isn't compatible with .NET v1.1. // LENGTH: 8 bytes (64-bit little-endian in payload) ticketWriter.Write(ticket.IssueDateUtc.Ticks); // Step 4: Write a one-byte spacer (0xfe) to the stream. // One of the old ticket formats (Framework40) expects the unencrypted payload // to contain 0x000000 (3 null bytes) beginning at position 9 in the stream. // Since we're currently at offset 10 in the serialized stream, we can take // this opportunity to purposely inject a non-null byte at this offset, which // intentionally breaks compatibility with Framework40 mode. // LENGTH: 1 byte //Debug.Assert(ticketBlobStream.Position == 10, "Critical that we be at position 10 in the stream at this point."); ticketWriter.Write((byte)0xfe); // Step 5: Write the ticket expiration date to the stream. // We store this value as UTC ticks. // LENGTH: 8 bytes (64-bit little endian in payload) ticketWriter.Write(ticket.ExpirationUtc.Ticks); // Step 6: Write the ticket persistence field to the stream. // LENGTH: 1 byte ticketWriter.Write(ticket.IsPersistent); // Step 7: Write the ticket username to the stream. // LENGTH: 1+ bytes (7-bit encoded integer char count + UTF-16LE payload) ticketWriter.WriteBinaryString(ticket.Name); // Step 8: Write the ticket custom data to the stream. // LENGTH: 1+ bytes (7-bit encoded integer char count + UTF-16LE payload) ticketWriter.WriteBinaryString(ticket.UserData); // Step 9: Write the ticket cookie path to the stream. // LENGTH: 1+ bytes (7-bit encoded integer char count + UTF-16LE payload) ticketWriter.WriteBinaryString(ticket.CookiePath); // Step 10: Write a one-byte footer (0xff) to the stream. // One of the old FormsAuthenticationTicket formats (Framework20) requires // that the payload end in 0x0000 (U+0000). By making the very last byte // of this format non-null, we can guarantee a compatiblity break between // this format and Framework20. // LENGTH: 1 byte ticketWriter.Write((byte)0xff); // Finished. return(ticketBlobStream.ToArray()); } } }