Robin Sun

Reputation: 1618

How to unprotect ASP.NET FormAuthentication cookie

Our ASP.NET website is using FormAuthentication. I want to decrypt the authentication cookie. Here is the code.

        string ticket = Request.Cookies[".ASPXAUTH_xxx"].Value.ToString();
        // Format Cookie to be converted
        ticket = ticket.Replace('-', '+').Replace('_', '/');
        var padding = 3 - ((ticket.Length + 3) % 4);
        if (padding != 0)
            ticket = ticket + new string('=', padding);
        var bytes = Convert.FromBase64String(ticket);

        // Decrypt
        bytes = System.Web.Security.MachineKey.Unprotect(bytes,
            "Microsoft.Owin.Security.Cookies.CookieAuthenticationMiddleware",
            "ApplicationCookie", "v1");

It always throws System.Security.Cryptography.CryptographicException. I guess some parameters of System.Web.Security.MachineKey.Unprotect are wrong. Our project is an old ASP.NET WebForms website and is not using Owin. So I guess Microsoft.Owin.Security.Cookies.CookieAuthenticationMiddleware is not applicable here.

What are the correct parameters to unprotect the data?

Upvotes: 0

Views: 48
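
Added example, not part of the original question: a cookie issued by System.Web FormsAuthentication is read with `FormsAuthentication.Decrypt`, which takes no purpose strings, rather than with `MachineKey.Unprotect`. It assumes the code runs in an application configured with the same `<machineKey>` settings as the site that issued the cookie; `TicketInspector` and `TryReadTicket` are hypothetical names.

```csharp
using System;
using System.Security.Cryptography;
using System.Web;
using System.Web.Security;

// Hypothetical helper, added for illustration.
public static class TicketInspector
{
    // Returns the decrypted ticket, or null when the cookie is absent,
    // malformed, fails validation/decryption, or has expired.
    public static FormsAuthenticationTicket TryReadTicket(
        HttpRequest request, string cookieName = null)
    {
        // FormsCookieName is the name configured in <forms name="...">
        // (".ASPXAUTH" by default); pass cookieName to override it.
        HttpCookie cookie =
            request.Cookies[cookieName ?? FormsAuthentication.FormsCookieName];
        if (cookie == null || string.IsNullOrEmpty(cookie.Value))
            return null;

        FormsAuthenticationTicket ticket;
        try
        {
            // Pass the raw cookie value: Decrypt does its own decoding and
            // applies the <machineKey> validation and decryption settings.
            ticket = FormsAuthentication.Decrypt(cookie.Value);
        }
        catch (ArgumentException) { return null; }       // invalid ticket format
        catch (CryptographicException) { return null; }  // key mismatch or tampering

        if (ticket == null || ticket.Expired)
            return null;
        return ticket;
    }
}
```

The returned ticket exposes `Name`, `IssueDate`, `Expiration`, `IsPersistent` and `UserData`.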

Answers (0)
