/// <summary> /// Encode a string using TripleDES with specified password and IV strings. /// </summary> /// <param name="sourceString">The string to encode</param> /// <param name="password">The password string</param> /// <param name="IV">The IV string</param> /// <returns>The encoded string</returns> public string EncodeString(string sourceString, string password, string IV) { if (string.IsNullOrEmpty(password)) throw new ArgumentException("Please specify the password", nameof(password)); if (string.IsNullOrEmpty(IV)) throw new ArgumentException("Please specify the Initialize Vector", nameof(IV)); if (!string.IsNullOrEmpty(sourceString)) { byte[] PSS = GeneratePassword(password); byte[] IVb = GeneratePassword(IV); ICryptoTransform ct = new TripleDESCryptoServiceProvider().CreateEncryptor(PSS, IVb); byte[] input = Encoding.Unicode.GetBytes(sourceString); return Convert.ToBase64String(ct.TransformFinalBlock(input, 0, input.Length)); } else return null; }
static FormsAuthenticationTicket Decrypt2 (byte [] bytes) { if (protection == FormsProtectionEnum.None) return FormsAuthenticationTicket.FromByteArray (bytes); MachineKeyConfig config = HttpContext.GetAppConfig ("system.web/machineKey") as MachineKeyConfig; bool all = (protection == FormsProtectionEnum.All); byte [] result = bytes; if (all || protection == FormsProtectionEnum.Encryption) { ICryptoTransform decryptor; decryptor = new TripleDESCryptoServiceProvider().CreateDecryptor (config.DecryptionKey192Bits, init_vector); result = decryptor.TransformFinalBlock (bytes, 0, bytes.Length); bytes = null; } if (all || protection == FormsProtectionEnum.Validation) { int count; if (config.ValidationType == MachineKeyValidation.MD5) count = MD5_hash_size; else count = SHA1_hash_size; // 3DES and SHA1 byte [] vk = config.ValidationKey; byte [] mix = new byte [result.Length - count + vk.Length]; Buffer.BlockCopy (result, 0, mix, 0, result.Length - count); Buffer.BlockCopy (vk, 0, mix, result.Length - count, vk.Length); byte [] hash = null; switch (config.ValidationType) { case MachineKeyValidation.MD5: hash = MD5.Create ().ComputeHash (mix); break; // From MS docs: "When 3DES is specified, forms authentication defaults to SHA1" case MachineKeyValidation.TripleDES: case MachineKeyValidation.SHA1: hash = SHA1.Create ().ComputeHash (mix); break; } if (result.Length < count) throw new ArgumentException ("Error validating ticket (length).", "encryptedTicket"); int i, k; for (i = result.Length - count, k = 0; k < count; i++, k++) { if (result [i] != hash [k]) throw new ArgumentException ("Error validating ticket.", "encryptedTicket"); } } return FormsAuthenticationTicket.FromByteArray (result); }
public static string Encrypt (FormsAuthenticationTicket ticket) { if (ticket == null) throw new ArgumentNullException ("ticket"); Initialize (); byte [] ticket_bytes = ticket.ToByteArray (); if (protection == FormsProtectionEnum.None) return GetHexString (ticket_bytes); byte [] result = ticket_bytes; MachineKeyConfig config = HttpContext.GetAppConfig ("system.web/machineKey") as MachineKeyConfig; bool all = (protection == FormsProtectionEnum.All); if (all || protection == FormsProtectionEnum.Validation) { byte [] valid_bytes = null; byte [] vk = config.ValidationKey; byte [] mix = new byte [ticket_bytes.Length + vk.Length]; Buffer.BlockCopy (ticket_bytes, 0, mix, 0, ticket_bytes.Length); Buffer.BlockCopy (vk, 0, mix, result.Length, vk.Length); switch (config.ValidationType) { case MachineKeyValidation.MD5: valid_bytes = MD5.Create ().ComputeHash (mix); break; // From MS docs: "When 3DES is specified, forms authentication defaults to SHA1" case MachineKeyValidation.TripleDES: case MachineKeyValidation.SHA1: valid_bytes = SHA1.Create ().ComputeHash (mix); break; } int tlen = ticket_bytes.Length; int vlen = valid_bytes.Length; result = new byte [tlen + vlen]; Buffer.BlockCopy (ticket_bytes, 0, result, 0, tlen); Buffer.BlockCopy (valid_bytes, 0, result, tlen, vlen); } if (all || protection == FormsProtectionEnum.Encryption) { ICryptoTransform encryptor; encryptor = new TripleDESCryptoServiceProvider().CreateEncryptor (config.DecryptionKey192Bits, init_vector); result = encryptor.TransformFinalBlock (result, 0, result.Length); } return GetHexString (result); }