public void Can_Encrypt_And_Decrypt_Forms_Authentication_Ticket_WithSha512() { // Arrange var issueDateUtc = DateTime.UtcNow; var expiryDateUtc = issueDateUtc.AddHours(1); var formsAuthenticationTicket = new FormsAuthenticationTicket(2, "*****@*****.**", issueDateUtc.ToLocalTime(), expiryDateUtc.ToLocalTime(), false, "custom data", "/"); var encryptor = new LegacyFormsAuthenticationTicketEncryptor(SHA512DecryptionKey, SHA512ValidationKey, ShaVersion.Sha512); // Act // We encrypt the forms auth cookie. var encryptedText = encryptor.Encrypt(formsAuthenticationTicket); Assert.IsNotNull(encryptedText); // We decrypt the encypted text back into a forms auth ticket, and compare it to the original ticket to make sure it // roundtripped successfully. FormsAuthenticationTicket decryptedFormsAuthenticationTicket = encryptor.DecryptCookie(encryptedText); Assert.AreEqual(formsAuthenticationTicket.CookiePath, decryptedFormsAuthenticationTicket.CookiePath); Assert.AreEqual(formsAuthenticationTicket.IsPersistent, decryptedFormsAuthenticationTicket.IsPersistent); Assert.AreEqual(formsAuthenticationTicket.UserData, decryptedFormsAuthenticationTicket.UserData); Assert.AreEqual(formsAuthenticationTicket.Version, decryptedFormsAuthenticationTicket.Version); Assert.AreEqual(formsAuthenticationTicket.Expired, decryptedFormsAuthenticationTicket.Expired); Assert.AreEqual(formsAuthenticationTicket.IsValid(), decryptedFormsAuthenticationTicket.IsValid()); Assert.AreEqual(false, decryptedFormsAuthenticationTicket.Expired); Assert.AreEqual(true, decryptedFormsAuthenticationTicket.IsValid()); Assert.AreEqual(formsAuthenticationTicket.Expiration, decryptedFormsAuthenticationTicket.Expiration); Assert.AreEqual(formsAuthenticationTicket.IssueDate, decryptedFormsAuthenticationTicket.IssueDate); }
public void Can_Encrypt_And_Decrypt_Forms_Authentication_Ticket_WithSha256() { // Arrange var issueDateUtc = DateTime.UtcNow; var expiryDateUtc = issueDateUtc.AddHours(1); var formsAuthenticationTicket = new FormsAuthenticationTicket(1, "*****@*****.**", issueDateUtc.ToLocalTime(), expiryDateUtc.ToLocalTime(), false, "*****@*****.**", "/"); var encryptor = new FormsAuthenticationTicketEncryptor( SHA256DecryptionKey, SHA256ValidationKey, DecryptionKeyAlgorithm.Aes, ValidationKeyAlgorithm.Sha256, CompatibilityMode.Framework20SP2); // Act var encryptedText = encryptor.Encrypt(formsAuthenticationTicket); Assert.IsNotNull(encryptedText); // We decrypt the encypted text back into a forms auth ticket, and compare it to the original ticket to make sure it // round tripped successfully. FormsAuthenticationTicket decryptedFormsAuthenticationTicket = encryptor.DecryptCookie(encryptedText); Assert.AreEqual(formsAuthenticationTicket.CookiePath, decryptedFormsAuthenticationTicket.CookiePath); Assert.AreEqual(formsAuthenticationTicket.Expiration, decryptedFormsAuthenticationTicket.Expiration); Assert.AreEqual(formsAuthenticationTicket.Expired, decryptedFormsAuthenticationTicket.Expired); Assert.AreEqual(formsAuthenticationTicket.IsValid(), decryptedFormsAuthenticationTicket.IsValid()); Assert.AreEqual(formsAuthenticationTicket.IsPersistent, decryptedFormsAuthenticationTicket.IsPersistent); Assert.AreEqual(false, decryptedFormsAuthenticationTicket.Expired); Assert.AreEqual(true, decryptedFormsAuthenticationTicket.IsValid()); Assert.AreEqual(formsAuthenticationTicket.IssueDate, decryptedFormsAuthenticationTicket.IssueDate); Assert.AreEqual(formsAuthenticationTicket.UserData, decryptedFormsAuthenticationTicket.UserData); Assert.AreEqual(formsAuthenticationTicket.Version, decryptedFormsAuthenticationTicket.Version); }
public void Can_Encrypt_And_Decrypt_Forms_Authentication_Ticket() { // These would come from the asp.net 3.5 applications <machineKey decryption="AES" decryptionKey"" validation="SHA1" validationKey="" /> web.config. // I have made these up for the purposes of this test. string validationKey = "30101052676849B0B494466B7A99656346328E8964748448E422D7344467A45777D972414947271744423422851D6742C9A09A65212C276C7F839157501291C6"; string decryptionKey = "AC7387D7E54B156377D81930CF237888854B5B5B515CF2D6356541255E696144"; // Arrange var issueDateUtc = DateTime.UtcNow; var expiryDateUtc = issueDateUtc.AddHours(1); var formsAuthenticationTicket = new FormsAuthenticationTicket(2, "*****@*****.**", issueDateUtc.ToLocalTime(), expiryDateUtc.ToLocalTime(), false, "custom data", "/"); byte[] decryptionKeyBytes = HexUtils.HexToBinary(decryptionKey); byte[] validationKeyBytes = HexUtils.HexToBinary(validationKey); var legacyFormsAuthenticationTicketEncryptor = new FormsAuthenticationTicketEncryptor( decryptionKeyBytes, validationKeyBytes, DecryptionKeyAlgorithm.Aes, ValidationKeyAlgorithm.Sha1, CompatibilityMode.Framework20SP2); // Act // We encrypt the forms auth cookie. var encryptedText = legacyFormsAuthenticationTicketEncryptor.Encrypt(formsAuthenticationTicket); Assert.IsNotNull(encryptedText); // We decrypt the encypted text back into a forms auth ticket, and compare it to the original ticket to make sure it // roundtripped successfully. FormsAuthenticationTicket decryptedFormsAuthenticationTicket = legacyFormsAuthenticationTicketEncryptor.DecryptCookie(encryptedText); Assert.AreEqual(formsAuthenticationTicket.CookiePath, decryptedFormsAuthenticationTicket.CookiePath); Assert.AreEqual(formsAuthenticationTicket.IsPersistent, decryptedFormsAuthenticationTicket.IsPersistent); Assert.AreEqual(formsAuthenticationTicket.UserData, decryptedFormsAuthenticationTicket.UserData); Assert.AreEqual(formsAuthenticationTicket.Version, decryptedFormsAuthenticationTicket.Version); Assert.AreEqual(false, decryptedFormsAuthenticationTicket.Expired); Assert.AreEqual(true, decryptedFormsAuthenticationTicket.IsValid()); Assert.AreEqual(formsAuthenticationTicket.Expired, decryptedFormsAuthenticationTicket.Expired); Assert.AreEqual(formsAuthenticationTicket.IsValid(), decryptedFormsAuthenticationTicket.IsValid()); Assert.AreEqual(formsAuthenticationTicket.Expiration, decryptedFormsAuthenticationTicket.Expiration); Assert.AreEqual(formsAuthenticationTicket.IssueDate, decryptedFormsAuthenticationTicket.IssueDate); }