Solved

Validating a cookie against a machine key

Posted on 2012-03-29
5
303 Views
Last Modified: 2012-04-02
Can someone help me with some code to decrypt a cookie against a machine key stored in my web config.

Thanks.
0
Comment
Question by:sherbug1015
  • 2
  • 2
5 Comments
 
LVL 21

Expert Comment

by:masterpass
ID: 37785172
Here is an example of how to encrypt/decrypt using the MachineKey

Public Class Crypto
        Public Function Encrypt(plainText As String) As String
            Dim plaintextBytes = Encoding.UTF8.GetBytes(plainText)
            Return MachineKey.Encode(plaintextBytes, MachineKeyProtection.All)
        End Function

        Public Function Decrypt(encryptedValue As String) As String
            Dim decryptedBytes = MachineKey.Decode(encryptedValue, MachineKeyProtection.All)
            Return Encoding.UTF8.GetString(decryptedBytes)
        End Function
    End Class

Open in new window


Hope this helps!
0
 

Author Comment

by:sherbug1015
ID: 37787000
I don't seem to be able to use MachineKey.  I looked it up and it only works in 4.0 or better?  Do you have any code samples that would work in earlier frameworks.

Thanks.
0
 
LVL 83

Accepted Solution

by:
CodeCruiser earned 500 total points
ID: 37787986
0
 

Author Comment

by:sherbug1015
ID: 37788715
CodeCruiser:

I have a machine key tag in my web.config that has a validation key, a decryption key and
validation="SHA1" decryption="AES"

A third party is creating an application and will send me a cookie when the user logs into their site and clicks on the link to my website.  The cookie will have username and password encrypted using the machine key located in my web.config.

I must decrypt the cookie, read the information in the cookie and pass it along to be authenticated.  

I don't know how to decrypt the cookie and am looking for help.  

Anything you can share would be appreciated.
0
 
LVL 83

Expert Comment

by:CodeCruiser
ID: 37795709
As you have asked another question on the same issue now, I think you should delete this one.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s quite interesting for me as I worked with Excel using vb.net for some time. Here are some topics which I know want to share with others whom this might help. First of all if you are working with Excel then you need to Download the Following …
Problem Hi all,    While many today have fast Internet connection, there are many still who do not, or are connecting through devices with a slower connect, so light web pages and fast load times are still popular.    If your ASP.NET page …
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now