示例#1
        /// <summary>
        /// Rebuilds a <see cref="FormsAuthenticationTicket"/> from its serialized bytes,
        /// first undoing whichever protection the static <c>protection</c> setting selects.
        /// </summary>
        /// <param name="bytes">Serialized ticket, still protected unless protection is None.</param>
        /// <returns>The ticket produced by <c>FormsAuthenticationTicket.FromByteArray</c>.</returns>
        static FormsAuthenticationTicket Decrypt2(byte [] bytes)
        {
            // With protection None the bytes are parsed exactly as received:
            // nothing in this method checks their integrity or origin.
            if (protection == FormsProtectionEnum.None)
            {
                return FormsAuthenticationTicket.FromByteArray(bytes);
            }

            MachineKeySection machineKey = (MachineKeySection)WebConfigurationManager.GetWebApplicationSection(machineKeyConfigPath);

            byte [] payload;
            switch (protection)
            {
            case FormsProtectionEnum.All:
                payload = MachineKeySectionUtils.VerifyDecrypt(machineKey, bytes);
                break;

            case FormsProtectionEnum.Encryption:
                // Encryption only: no Verify call is made on this path.
                payload = MachineKeySectionUtils.Decrypt(machineKey, bytes);
                break;

            case FormsProtectionEnum.Validation:
                payload = MachineKeySectionUtils.Verify(machineKey, bytes);
                break;

            default:
                // Any other setting leaves the payload null, as before.
                payload = null;
                break;
            }

            // NOTE(review): how the MachineKeySectionUtils helpers report a failed
            // verification is not visible here. If they return null, FromByteArray is
            // handed null -- confirm that it rejects it rather than yielding a ticket.
            return FormsAuthenticationTicket.FromByteArray(payload);
        }
示例#2
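        /// <summary>
        /// Rebuilds a <see cref="FormsAuthenticationTicket"/> from its serialized bytes,
        /// decrypting and/or validating them according to the static <c>protection</c> setting.
        /// </summary>
        /// <param name="bytes">Serialized ticket, still protected unless protection is None.</param>
        /// <returns>The ticket produced by <c>FormsAuthenticationTicket.FromByteArray</c>.</returns>
        /// <exception cref="ArgumentException">
        /// The data is shorter than the trailing hash, the trailing hash does not match,
        /// or the configured validation algorithm is not one this method can compute.
        /// </exception>
        static FormsAuthenticationTicket Decrypt2(byte [] bytes)
        {
            // With protection None the bytes are parsed exactly as received:
            // nothing in this method checks their integrity or origin.
            if (protection == FormsProtectionEnum.None)
            {
                return(FormsAuthenticationTicket.FromByteArray(bytes));
            }

#if NET_2_0
            MachineKeySection config = (MachineKeySection)WebConfigurationManager.GetWebApplicationSection(machineKeyConfigPath);
#else
            MachineKeyConfig config = HttpContext.GetAppConfig(machineKeyConfigPath) as MachineKeyConfig;
#endif
            bool all = (protection == FormsProtectionEnum.All);

            byte [] result = bytes;
            if (all || protection == FormsProtectionEnum.Encryption)
            {
                // NOTE(review): decryption runs before the hash check below, so malformed
                // input reaches the cipher (and its padding handling) unauthenticated.
                // Callers should make decryption and validation failures indistinguishable
                // to the client. init_vector is declared outside this method; if it is a
                // fixed value, equal plaintext prefixes encrypt identically -- confirm.
                ICryptoTransform decryptor;
                decryptor = TripleDES.Create().CreateDecryptor(GetDecryptionKey(config), init_vector);
                result    = decryptor.TransformFinalBlock(bytes, 0, bytes.Length);
                bytes     = null;
            }

            if (all || protection == FormsProtectionEnum.Validation)
            {
                int count;
                MachineKeyValidation validationType;

#if NET_2_0
                validationType = config.Validation;
#else
                validationType = config.ValidationType;
#endif
                if (validationType == MachineKeyValidation.MD5)
                {
                    count = MD5_hash_size;
                }
                else
                {
                    count = SHA1_hash_size;                     // 3DES and SHA1
                }

                // Reject short input before any size arithmetic. The original performed this
                // check only after allocating and copying with (result.Length - count), so a
                // short buffer failed inside the allocation or BlockCopy instead of here.
                if (result.Length < count)
                {
                    throw new ArgumentException("Error validating ticket (length).", "encryptedTicket");
                }

                int payloadLength = result.Length - count;
#if NET_2_0
                byte [] vk = MachineKeySectionUtils.ValidationKeyBytes(config);
#else
                byte [] vk = config.ValidationKey;
#endif
                // The check value is hash(payload || validation key), a plain keyed hash
                // rather than an HMAC. NOTE(review): prefer HMAC wherever the ticket format
                // is allowed to change.
                byte [] mix = new byte [payloadLength + vk.Length];
                Buffer.BlockCopy(result, 0, mix, 0, payloadLength);
                Buffer.BlockCopy(vk, 0, mix, payloadLength, vk.Length);

                byte [] hash = null;
                switch (validationType)
                {
                case MachineKeyValidation.MD5:
                    hash = MD5.Create().ComputeHash(mix);
                    break;

                // From MS docs: "When 3DES is specified, forms authentication defaults to SHA1"
                case MachineKeyValidation.TripleDES:
                case MachineKeyValidation.SHA1:
                    hash = SHA1.Create().ComputeHash(mix);
                    break;
                }

                // Fail closed when no hash could be computed (a validation type not handled
                // above, or a hash shorter than expected) instead of dereferencing null or
                // reading past the end of the hash.
                if (hash == null || hash.Length < count)
                {
                    throw new ArgumentException("Error validating ticket.", "encryptedTicket");
                }

                // Compare every byte and decide once at the end, so the time taken does not
                // depend on where the first mismatching byte is.
                int diff = 0;
                for (int k = 0; k < count; k++)
                {
                    diff |= result [payloadLength + k] ^ hash [k];
                }

                if (diff != 0)
                {
                    throw new ArgumentException("Error validating ticket.", "encryptedTicket");
                }
            }

            // The whole buffer, trailing hash included when validation ran, is handed on;
            // presumably FromByteArray ignores the extra bytes -- confirm.
            return(FormsAuthenticationTicket.FromByteArray(result));
        }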