Code:
/ FXUpdate3074 / FXUpdate3074 / 1.1 / DEVDIV / depot / DevDiv / releases / whidbey / QFE / ndp / fx / src / xsp / System / Web / Security / CookieProtection.cs / 1 / CookieProtection.cs
//------------------------------------------------------------------------------
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
//-----------------------------------------------------------------------------
namespace System.Web.Security
{
using System.Security.Cryptography;
using System.Web.Configuration;
using System.Web.Management;
public enum CookieProtection
{
None, Validation, Encryption, All
}
internal class CookieProtectionHelper
{
internal static string Encode (CookieProtection cookieProtection, byte [] buf, int count)
{
if (cookieProtection == CookieProtection.All || cookieProtection == CookieProtection.Validation)
{
byte[] bMac = MachineKeySection.HashData (buf, null, 0, count);
if (bMac == null || bMac.Length != 20)
return null;
if (buf.Length >= count + 20)
{
Buffer.BlockCopy (bMac, 0, buf, count, 20);
}
else
{
byte[] bTemp = buf;
buf = new byte[count + 20];
Buffer.BlockCopy (bTemp, 0, buf, 0, count);
Buffer.BlockCopy (bMac, 0, buf, count, 20);
}
count += 20;
}
if (cookieProtection == CookieProtection.All || cookieProtection == CookieProtection.Encryption)
{
buf = MachineKeySection.EncryptOrDecryptData (true, buf, null, 0, count);
count = buf.Length;
}
if (count < buf.Length)
{
byte[] bTemp = buf;
buf = new byte[count];
Buffer.BlockCopy (bTemp, 0, buf, 0, count);
}
return HttpServerUtility.UrlTokenEncode(buf);
}
internal static byte[] Decode (CookieProtection cookieProtection, string data)
{
byte [] buf = HttpServerUtility.UrlTokenDecode(data);
if (buf == null || cookieProtection == CookieProtection.None)
return buf;
if (cookieProtection == CookieProtection.All || cookieProtection == CookieProtection.Encryption)
{
buf = MachineKeySection.EncryptOrDecryptData (false, buf, null, 0, buf.Length);
if (buf == null)
return null;
}
if (cookieProtection == CookieProtection.All || cookieProtection == CookieProtection.Validation)
{
//////////////////////////////////////////////////////////////////////
// Step 2: Get the MAC: Last 20 bytes
if (buf.Length <= 20)
return null;
byte[] buf2 = new byte[buf.Length - 20];
Buffer.BlockCopy (buf, 0, buf2, 0, buf2.Length);
byte[] bMac = MachineKeySection.HashData (buf2, null, 0, buf2.Length);
//////////////////////////////////////////////////////////////////////
// Step 3: Make sure the MAC is correct
if (bMac == null || bMac.Length != 20)
return null;
for (int iter = 0; iter < 20; iter++)
if (bMac[iter] != buf[buf2.Length + iter])
return null;
buf = buf2;
}
return buf;
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------------------------
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
//-----------------------------------------------------------------------------
namespace System.Web.Security
{
using System.Security.Cryptography;
using System.Web.Configuration;
using System.Web.Management;
public enum CookieProtection
{
None, Validation, Encryption, All
}
internal class CookieProtectionHelper
{
internal static string Encode (CookieProtection cookieProtection, byte [] buf, int count)
{
if (cookieProtection == CookieProtection.All || cookieProtection == CookieProtection.Validation)
{
byte[] bMac = MachineKeySection.HashData (buf, null, 0, count);
if (bMac == null || bMac.Length != 20)
return null;
if (buf.Length >= count + 20)
{
Buffer.BlockCopy (bMac, 0, buf, count, 20);
}
else
{
byte[] bTemp = buf;
buf = new byte[count + 20];
Buffer.BlockCopy (bTemp, 0, buf, 0, count);
Buffer.BlockCopy (bMac, 0, buf, count, 20);
}
count += 20;
}
if (cookieProtection == CookieProtection.All || cookieProtection == CookieProtection.Encryption)
{
buf = MachineKeySection.EncryptOrDecryptData (true, buf, null, 0, count);
count = buf.Length;
}
if (count < buf.Length)
{
byte[] bTemp = buf;
buf = new byte[count];
Buffer.BlockCopy (bTemp, 0, buf, 0, count);
}
return HttpServerUtility.UrlTokenEncode(buf);
}
internal static byte[] Decode (CookieProtection cookieProtection, string data)
{
byte [] buf = HttpServerUtility.UrlTokenDecode(data);
if (buf == null || cookieProtection == CookieProtection.None)
return buf;
if (cookieProtection == CookieProtection.All || cookieProtection == CookieProtection.Encryption)
{
buf = MachineKeySection.EncryptOrDecryptData (false, buf, null, 0, buf.Length);
if (buf == null)
return null;
}
if (cookieProtection == CookieProtection.All || cookieProtection == CookieProtection.Validation)
{
//////////////////////////////////////////////////////////////////////
// Step 2: Get the MAC: Last 20 bytes
if (buf.Length <= 20)
return null;
byte[] buf2 = new byte[buf.Length - 20];
Buffer.BlockCopy (buf, 0, buf2, 0, buf2.Length);
byte[] bMac = MachineKeySection.HashData (buf2, null, 0, buf2.Length);
//////////////////////////////////////////////////////////////////////
// Step 3: Make sure the MAC is correct
if (bMac == null || bMac.Length != 20)
return null;
for (int iter = 0; iter < 20; iter++)
if (bMac[iter] != buf[buf2.Length + iter])
return null;
buf = buf2;
}
return buf;
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- PersonalizationAdministration.cs
- CodeObjectCreateExpression.cs
- tooltip.cs
- EntityWithChangeTrackerStrategy.cs
- VisualBrush.cs
- MultiByteCodec.cs
- ContactManager.cs
- SerializerWriterEventHandlers.cs
- MULTI_QI.cs
- PatternMatcher.cs
- CodeSubDirectoriesCollection.cs
- ClassImporter.cs
- DataPagerField.cs
- PropertyPath.cs
- XmlDigitalSignatureProcessor.cs
- WindowsListViewGroupHelper.cs
- WindowsFormsHostAutomationPeer.cs
- WebPartChrome.cs
- TextServicesCompartmentEventSink.cs
- MetaDataInfo.cs
- OleDbConnectionPoolGroupProviderInfo.cs
- PageHandlerFactory.cs
- ConfigurationValidatorAttribute.cs
- ProgressBarHighlightConverter.cs
- Oid.cs
- ExchangeUtilities.cs
- Send.cs
- ConnectionPoint.cs
- SmiEventSink.cs
- StructuredProperty.cs
- BinaryParser.cs
- XamlGridLengthSerializer.cs
- TextRunProperties.cs
- DbCommandTree.cs
- printdlgexmarshaler.cs
- XsdDateTime.cs
- StorageMappingItemLoader.cs
- TraceContext.cs
- Matrix.cs
- ImageField.cs
- EventItfInfo.cs
- RegexCharClass.cs
- ListSourceHelper.cs
- MinimizableAttributeTypeConverter.cs
- BamlLocalizerErrorNotifyEventArgs.cs
- FrameSecurityDescriptor.cs
- StrongNameKeyPair.cs
- ObjectContext.cs
- ConnectionStringsExpressionBuilder.cs
- FrameworkTemplate.cs
- AnonymousIdentificationSection.cs
- oledbmetadatacollectionnames.cs
- List.cs
- IISUnsafeMethods.cs
- DoubleAnimationBase.cs
- StreamReader.cs
- WebPartMovingEventArgs.cs
- Point3DAnimationUsingKeyFrames.cs
- InheritedPropertyChangedEventArgs.cs
- ObjectResult.cs
- XPathException.cs
- TargetControlTypeAttribute.cs
- DbTypeMap.cs
- SystemWebSectionGroup.cs
- RenderTargetBitmap.cs
- HttpException.cs
- RTLAwareMessageBox.cs
- ResourceCategoryAttribute.cs
- MediaEntryAttribute.cs
- IndexedEnumerable.cs
- SqlGenericUtil.cs
- ZipIOEndOfCentralDirectoryBlock.cs
- FormViewInsertedEventArgs.cs
- RenderDataDrawingContext.cs
- RuntimeCompatibilityAttribute.cs
- HtmlWindowCollection.cs
- JsonReaderDelegator.cs
- FileAuthorizationModule.cs
- StyleCollection.cs
- XmlSerializerVersionAttribute.cs
- ScriptServiceAttribute.cs
- HttpCacheVaryByContentEncodings.cs
- ToolStripProgressBar.cs
- Scene3D.cs
- EFAssociationProvider.cs
- EntityDataSourceDataSelection.cs
- SspiSafeHandles.cs
- BlockUIContainer.cs
- TcpWorkerProcess.cs
- mongolianshape.cs
- Vector3DKeyFrameCollection.cs
- EntityDataSourceConfigureObjectContext.cs
- TextParagraph.cs
- ExcCanonicalXml.cs
- PageThemeCodeDomTreeGenerator.cs
- ToolBar.cs
- DnsEndpointIdentity.cs
- GenericUriParser.cs
- OleDbReferenceCollection.cs
- ExternalDataExchangeService.cs