/// <summary>
/// Turns the string form of a forms-authentication ticket back into a
/// <see cref="FormsAuthenticationTicket"/>.
/// </summary>
/// <param name="encryptedTicket">The ticket text; must be neither null nor empty.</param>
/// <returns>
/// The ticket, or <c>null</c> when <c>Decrypt2</c> throws for any reason
/// (bad padding, failed validation, malformed payload).
/// </returns>
/// <exception cref="ArgumentException">
/// <paramref name="encryptedTicket"/> is null or empty.
/// </exception>
public static FormsAuthenticationTicket Decrypt(string encryptedTicket)
{
    if (encryptedTicket == null || encryptedTicket.Length == 0) {
        throw new ArgumentException("Invalid encrypted ticket", "encryptedTicket");
    }

    Initialize();

    // The string-to-bytes conversion sits outside the try block, so anything
    // it throws reaches the caller instead of being turned into null.
#if NET_2_0
    byte [] raw = MachineKeySectionUtils.GetBytes(encryptedTicket, encryptedTicket.Length);
#else
    byte [] raw = MachineKeyConfig.GetBytes(encryptedTicket, encryptedTicket.Length);
#endif

    try {
        return Decrypt2(raw);
    } catch (Exception) {
        // Every decryption or validation failure is deliberately reported the
        // same way. Callers must treat null as "no valid ticket" and must not
        // fall through to an authenticated code path.
        return null;
    }
}
/// <summary>
/// Wraps <paramref name="machineKeyConfig"/> in a new <see cref="MachineKey"/>
/// and hands it to <c>builder.WithMachineKey</c>.
/// </summary>
/// <param name="builder">The builder to configure.</param>
/// <param name="machineKeyConfig">Configuration used to construct the machine key.</param>
/// <returns>Whatever <c>WithMachineKey</c> returns for the constructed key.</returns>
public static IMachineKeyDataProtectionBuilder WithMachineKeyConfig(this IMachineKeyDataProtectionBuilder builder, MachineKeyConfig machineKeyConfig)
{
    MachineKey machineKey = new MachineKey(machineKeyConfig);
    return builder.WithMachineKey(machineKey);
}
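/// <summary>
/// Decrypts and/or validates a raw ticket according to the configured
/// <c>protection</c> mode and parses the result into a ticket.
/// </summary>
/// <param name="bytes">Raw ticket bytes as produced from the cookie text.</param>
/// <returns>The ticket parsed from the (decrypted) payload.</returns>
/// <exception cref="ArgumentException">
/// The payload is shorter than the validation hash, the validation type is
/// not one this method can hash, or the trailing hash does not match.
/// </exception>
/// <remarks>
/// Security notes for maintainers; none of these can be changed here without
/// breaking tickets that were already issued:
/// - The validation hash covers the decrypted plaintext and is checked after
///   decryption, so the ciphertext itself is unauthenticated when
///   TransformFinalBlock runs. The public Decrypt wrapper catches every
///   exception and returns null, which keeps padding and validation failures
///   indistinguishable by result; keep it that way.
/// - The tag is a plain hash of payload followed by the validation key (MD5
///   or SHA1), not an HMAC.
/// - Every ticket is decrypted with the shared <c>init_vector</c> field.
///   NOTE(review): confirm whether that value is ever varied per ticket.
/// - With protection set to Encryption only, or None, the bytes reach
///   FromByteArray with no integrity check at all.
/// </remarks>
static FormsAuthenticationTicket Decrypt2(byte [] bytes)
{
    if (protection == FormsProtectionEnum.None) {
        return FormsAuthenticationTicket.FromByteArray(bytes);
    }

#if NET_2_0
    MachineKeySection config = (MachineKeySection)WebConfigurationManager.GetWebApplicationSection(machineKeyConfigPath);
#else
    MachineKeyConfig config = HttpContext.GetAppConfig(machineKeyConfigPath) as MachineKeyConfig;
#endif
    bool all = (protection == FormsProtectionEnum.All);

    byte [] result = bytes;
    if (all || protection == FormsProtectionEnum.Encryption) {
        // Dispose the algorithm and transform so key material is not left
        // waiting for the finalizer.
        using (TripleDES tripleDes = TripleDES.Create()) {
            using (ICryptoTransform decryptor = tripleDes.CreateDecryptor(GetDecryptionKey(config), init_vector)) {
                result = decryptor.TransformFinalBlock(bytes, 0, bytes.Length);
            }
        }
        bytes = null;
    }

    if (all || protection == FormsProtectionEnum.Validation) {
        int count;
        MachineKeyValidation validationType;
#if NET_2_0
        validationType = config.Validation;
#else
        validationType = config.ValidationType;
#endif
        if (validationType == MachineKeyValidation.MD5) {
            count = MD5_hash_size;
        } else {
            count = SHA1_hash_size; // 3DES and SHA1
        }

        // Check the length before any size arithmetic. Previously this test
        // came after the buffer allocation and copies, so a short payload
        // failed inside them with a negative length and never reached it.
        if (result.Length < count) {
            throw new ArgumentException("Error validating ticket (length).", "encryptedTicket");
        }

#if NET_2_0
        byte [] vk = MachineKeySectionUtils.ValidationKeyBytes(config);
#else
        byte [] vk = config.ValidationKey;
#endif
        int payloadLength = result.Length - count;

        // Hash input is the payload (everything before the trailing tag)
        // followed by the validation key.
        byte [] mix = new byte [payloadLength + vk.Length];
        Buffer.BlockCopy(result, 0, mix, 0, payloadLength);
        Buffer.BlockCopy(vk, 0, mix, payloadLength, vk.Length);

        byte [] hash = null;
        switch (validationType) {
        case MachineKeyValidation.MD5:
            using (MD5 md5 = MD5.Create()) {
                hash = md5.ComputeHash(mix);
            }
            break;
        // From MS docs: "When 3DES is specified, forms authentication defaults to SHA1"
        case MachineKeyValidation.TripleDES:
        case MachineKeyValidation.SHA1:
            using (SHA1 sha1 = SHA1.Create()) {
                hash = sha1.ComputeHash(mix);
            }
            break;
        }

        // Any other validation type leaves hash unset; reject the ticket
        // rather than dereferencing null below.
        if (hash == null || hash.Length < count) {
            throw new ArgumentException("Error validating ticket.", "encryptedTicket");
        }

        // Compare the whole tag without an early exit so the time taken does
        // not reveal how many leading bytes of a forged tag were correct.
        int difference = 0;
        for (int k = 0; k < count; k++) {
            difference |= result [payloadLength + k] ^ hash [k];
        }
        if (difference != 0) {
            throw new ArgumentException("Error validating ticket.", "encryptedTicket");
        }
    }

    return FormsAuthenticationTicket.FromByteArray(result);
}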
/// <summary>
/// Returns the key used for ticket decryption, read from the
/// <c>DecryptionKey192Bits</c> property of the configuration.
/// </summary>
/// <param name="config">Machine key configuration to read the key from.</param>
/// <returns>The value of <c>config.DecryptionKey192Bits</c>.</returns>
static byte [] GetDecryptionKey(MachineKeyConfig config)
{
    byte [] key = config.DecryptionKey192Bits;
    return key;
}
/// <summary>
/// Creates the factory and stores the supplied machine key configuration
/// for later use. The argument is stored as given; it is not validated here.
/// </summary>
/// <param name="machineKeyConfig">Machine key configuration to keep.</param>
public MachineKeyCryptoAlgorithmFactory(MachineKeyConfig machineKeyConfig)
{
    this._machineKeyConfig = machineKeyConfig;
}
/// <summary>
/// Creates the factory and stores the supplied machine key configuration
/// for later use. The argument is stored as given; it is not validated here.
/// </summary>
/// <param name="machineKeySection">Machine key configuration to keep.</param>
public MachineKeyDataProtectorFactory(MachineKeyConfig machineKeySection)
{
    this._machineKeyConfig = machineKeySection;
}