예제 #1
        /// <summary>
        /// Decodes the textual ticket into bytes and hands it to <c>Decrypt2</c>
        /// for decryption and/or validation.
        /// </summary>
        /// <param name="encryptedTicket">The encoded ticket text; must not be null or empty.</param>
        /// <returns>
        /// The decoded ticket, or <c>null</c> when <c>Decrypt2</c> throws for any reason.
        /// Callers must treat <c>null</c> as "not authenticated".
        /// </returns>
        /// <exception cref="ArgumentException">
        /// <paramref name="encryptedTicket"/> is null or empty.
        /// </exception>
        public static FormsAuthenticationTicket Decrypt(string encryptedTicket)
        {
            if (encryptedTicket == null || encryptedTicket.Length == 0)
            {
                throw new ArgumentException("Invalid encrypted ticket", "encryptedTicket");
            }

            Initialize();

            // The text-to-bytes step sits outside the try block below, so anything
            // it throws propagates to the caller instead of becoming a null ticket.
#if NET_2_0
            byte [] raw = MachineKeySectionUtils.GetBytes(encryptedTicket, encryptedTicket.Length);
#else
            byte [] raw = MachineKeyConfig.GetBytes(encryptedTicket, encryptedTicket.Length);
#endif

            // Every failure inside Decrypt2 (bad padding, bad hash, malformed payload)
            // is deliberately collapsed into the same null result, so the return value
            // does not reveal which check rejected the ticket.
            try {
                return(Decrypt2(raw));
            } catch (Exception) {
                return(null);
            }
        }
예제 #2
 /// <summary>
 /// Wraps <paramref name="machineKeyConfig"/> in a new <c>MachineKey</c> and
 /// registers it on the builder through <c>WithMachineKey</c>.
 /// </summary>
 /// <param name="builder">The builder to configure.</param>
 /// <param name="machineKeyConfig">The key configuration passed to the <c>MachineKey</c> constructor.</param>
 /// <returns>Whatever <c>builder.WithMachineKey</c> returns.</returns>
 public static IMachineKeyDataProtectionBuilder WithMachineKeyConfig(this IMachineKeyDataProtectionBuilder builder, MachineKeyConfig machineKeyConfig)
 {
     MachineKey machineKey = new MachineKey(machineKeyConfig);
     IMachineKeyDataProtectionBuilder configured = builder.WithMachineKey(machineKey);
     return configured;
 }
예제 #3
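        /// <summary>
        /// Decrypts and/or validates a raw ticket according to the configured
        /// <c>protection</c> mode and deserializes the result.
        /// </summary>
        /// <param name="bytes">The decoded (still protected) ticket bytes.</param>
        /// <returns>The ticket produced by <c>FormsAuthenticationTicket.FromByteArray</c>.</returns>
        /// <exception cref="ArgumentException">
        /// The payload is shorter than the expected hash, the validation type is not
        /// one this method can hash, or the trailing hash does not match.
        /// </exception>
        static FormsAuthenticationTicket Decrypt2(byte [] bytes)
        {
            // With protection None the bytes are deserialized as-is: nothing is
            // decrypted or verified, so the ticket contents are whatever the client sent.
            if (protection == FormsProtectionEnum.None)
            {
                return(FormsAuthenticationTicket.FromByteArray(bytes));
            }

#if NET_2_0
            MachineKeySection config = (MachineKeySection)WebConfigurationManager.GetWebApplicationSection(machineKeyConfigPath);
#else
            MachineKeyConfig config = HttpContext.GetAppConfig(machineKeyConfigPath) as MachineKeyConfig;
#endif
            bool all = (protection == FormsProtectionEnum.All);

            byte [] result = bytes;
            if (all || protection == FormsProtectionEnum.Encryption)
            {
                // NOTE(review): decryption runs before the hash check, so a padding
                // failure surfaces before the ticket is authenticated. The public
                // Decrypt wrapper maps every exception to null, which hides the
                // difference in the result but not necessarily in timing.
                // NOTE(review): init_vector is declared outside this method; if it
                // is the same for every ticket, equal plaintext prefixes encrypt to
                // equal ciphertext prefixes - confirm.
                // Dispose the algorithm and transform so key material is cleared
                // promptly instead of waiting for finalization.
                using (TripleDES tdes = TripleDES.Create())
                using (ICryptoTransform decryptor = tdes.CreateDecryptor(GetDecryptionKey(config), init_vector))
                {
                    result = decryptor.TransformFinalBlock(bytes, 0, bytes.Length);
                }
                bytes = null;
            }

            if (all || protection == FormsProtectionEnum.Validation)
            {
                int count;
                MachineKeyValidation validationType;

#if NET_2_0
                validationType = config.Validation;
#else
                validationType = config.ValidationType;
#endif
                if (validationType == MachineKeyValidation.MD5)
                {
                    count = MD5_hash_size;
                }
                else
                {
                    count = SHA1_hash_size;                     // 3DES and SHA1
                }

                // Reject short payloads before any size arithmetic: the original
                // checked this only after allocating and copying with
                // result.Length - count, which is negative for a truncated ticket.
                if (result.Length < count)
                {
                    throw new ArgumentException("Error validating ticket (length).", "encryptedTicket");
                }

                int payloadLength = result.Length - count;
#if NET_2_0
                byte [] vk = MachineKeySectionUtils.ValidationKeyBytes(config);
#else
                byte [] vk = config.ValidationKey;
#endif
                // The check value is hash(payload || validationKey), a plain keyed
                // hash rather than an HMAC. The layout is fixed by the ticket
                // format, so it is kept as-is here.
                byte [] mix = new byte [payloadLength + vk.Length];
                Buffer.BlockCopy(result, 0, mix, 0, payloadLength);
                Buffer.BlockCopy(vk, 0, mix, payloadLength, vk.Length);

                byte [] hash = null;
                switch (validationType)
                {
                case MachineKeyValidation.MD5:
                    using (MD5 md5 = MD5.Create())
                    {
                        hash = md5.ComputeHash(mix);
                    }
                    break;

                // From MS docs: "When 3DES is specified, forms authentication defaults to SHA1"
                case MachineKeyValidation.TripleDES:
                case MachineKeyValidation.SHA1:
                    using (SHA1 sha1 = SHA1.Create())
                    {
                        hash = sha1.ComputeHash(mix);
                    }
                    break;
                }

                // Fail closed when no hash was computed (a validation type the
                // switch does not handle) or its size disagrees with count; the
                // original dereferenced a null hash in that case.
                if (hash == null || hash.Length != count)
                {
                    throw new ArgumentException("Error validating ticket.", "encryptedTicket");
                }

                // Compare every byte and decide once at the end, so the time taken
                // does not depend on the position of the first mismatching byte.
                int diff = 0;
                for (int k = 0; k < count; k++)
                {
                    diff |= result [payloadLength + k] ^ hash [k];
                }

                if (diff != 0)
                {
                    throw new ArgumentException("Error validating ticket.", "encryptedTicket");
                }
            }

            return(FormsAuthenticationTicket.FromByteArray(result));
        }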
예제 #4
 /// <summary>
 /// Returns the <c>DecryptionKey192Bits</c> value of the supplied configuration.
 /// </summary>
 /// <param name="config">The machine key configuration to read the key from.</param>
 /// <returns>The key bytes exposed by <c>config.DecryptionKey192Bits</c>.</returns>
 static byte [] GetDecryptionKey(MachineKeyConfig config)
 {
     byte [] key = config.DecryptionKey192Bits;
     return key;
 }
예제 #5
 /// <summary>
 /// Creates the factory and keeps the supplied configuration in
 /// <c>_machineKeyConfig</c>.
 /// </summary>
 /// <param name="machineKeyConfig">The machine key configuration to store; not validated here.</param>
 public MachineKeyCryptoAlgorithmFactory(MachineKeyConfig machineKeyConfig)
 {
     this._machineKeyConfig = machineKeyConfig;
 }
예제 #6
 /// <summary>
 /// Creates the factory and keeps the supplied configuration in
 /// <c>_machineKeyConfig</c>.
 /// </summary>
 /// <param name="machineKeySection">The machine key configuration to store; not validated here.</param>
 public MachineKeyDataProtectorFactory(MachineKeyConfig machineKeySection)
 {
     this._machineKeyConfig = machineKeySection;
 }