/// <summary>
/// Serializes this token to a URL-safe string. The payload is serialized, UTF-8 encoded,
/// passed through <c>DataProtector.Protect</c>, and Base64-encoded; the token's <c>IV</c> is
/// Base64-encoded separately and placed in front of it before the final custom URL encoding.
/// </summary>
/// <param name="aesKey">Key passed to <c>DataProtector</c> together with this token's <c>IV</c>.</param>
/// <returns>The custom-URL-encoded concatenation of the Base64 IV and the Base64 protected payload.</returns>
public string SerializeToString(byte[] aesKey)
{
    byte[] plainBytes = Encoding.UTF8.GetBytes(SerializePayload(SecurePayload));

    // NOTE(review): the IV comes from the instance, so serializing the same token twice
    // under one key reuses the same (key, IV) pair. Confirm the IV is generated randomly
    // per token and that reuse is acceptable for the cipher mode DataProtector uses.
    var protector = new DataProtector(aesKey, IV);
    byte[] cipherBytes = protector.Protect(plainBytes);

    // The IV travels unencrypted in the token; only the payload goes through Protect().
    // NOTE(review): DataProtector is not visible here - confirm it also authenticates
    // the ciphertext, since nothing in this method adds an integrity tag.
    string encodedPayload = EncodingHelper.Base64Encode(cipherBytes);
    string encodedIv = EncodingHelper.Base64Encode(IV);
    string joined = EncodingHelper.Base64StringsConcat(encodedIv, encodedPayload);

    return EncodingHelper.Base64CustomUrlEncode(joined);
}
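/// <summary>
/// Parses a string produced by <c>SerializeToString</c> back into an
/// <see cref="OpaqueSecurityToken"/>: undoes the custom URL encoding, splits the result into
/// its IV and protected-payload parts, unprotects the payload with <paramref name="aesKey"/>
/// and the embedded IV, and deserializes the resulting UTF-8 text into the payload dictionary.
/// </summary>
/// <param name="aesKey">Key passed to <c>DataProtector</c> together with the IV read from the token.</param>
/// <param name="serializedToken">The serialized token; treated as untrusted input.</param>
/// <returns>A token built from the embedded IV and the decrypted payload.</returns>
/// <exception cref="SecurityException">
/// Thrown for any failure while decoding, decrypting or deserializing. The original
/// exception is kept as <c>InnerException</c>; the token value is not put in the message.
/// </exception>
public static OpaqueSecurityToken Parse(byte[] aesKey, string serializedToken)
{
    try
    {
        // Use a separate local instead of overwriting the parameter, so the raw input
        // and the decoded form cannot be confused further down.
        string decodedToken = EncodingHelper.Base64CustomUrlDecode(serializedToken);
        string[] ivAndPayload = EncodingHelper.SplitConcatenatedBase64Strings(decodedToken, 2);

        // Both the IV and the ciphertext come from the caller-supplied token.
        // NOTE(review): DataProtector is not visible here - confirm Unprotect verifies
        // integrity (MAC/AEAD) before decrypting, otherwise tampered tokens reach
        // DeserializePayload unverified.
        byte[] iv = EncodingHelper.Base64Decode(ivAndPayload[0]);
        var dataProtector = new DataProtector(aesKey, iv);
        byte[] payloadProtected = EncodingHelper.Base64Decode(ivAndPayload[1]);
        byte[] payloadData = dataProtector.Unprotect(payloadProtected);

        string payloadString = Encoding.UTF8.GetString(payloadData);
        Dictionary<string, string> payload = DeserializePayload(payloadString);

        return new OpaqueSecurityToken(iv, payload);
    }
    catch (Exception ex)
    {
        // The token is credential material, so it is deliberately left out of the message:
        // exception text typically ends up in logs and error responses. Callers should also
        // avoid exposing InnerException details to the token's sender, since they can reveal
        // which stage (decoding, decryption, deserialization) rejected the input.
        throw new SecurityException("Unable to parse security key", ex);
    }
}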