如何以及在何处设置Bullet Proof Cookies代码的RSA密钥 [英] how and where to set RSA keys for Bullet Proof Cookies code
本文介绍了如何以及在何处设置Bullet Proof Cookies代码的RSA密钥的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
在rsa.FromXmlString(xmlKey);行中发生异常第1行的语法无效".
OP更新:
防弹饼干 [
at line rsa.FromXmlString(xmlKey); exception occure "Invalid syntax on line 1."
UPDATE from OP:
Bullet Proof Cookies[^]
At Line 81 rsa.FromXmlString(xmlKey); following exception occure "Invalid syntax on line 1." .
using System;
2 using System.IO;
3 using System.Xml;
4 using System.Web;
5 using System.Text;
6 using System.Collections.Specialized;
7 using System.Security.Cryptography;
8
9 namespace BulletProofCookiesArticle
10 {
11 /// <summary>
12 /// Summary description for CHelperMethods.
13 /// </summary>
14 public class CHelperMethods
15 {
16 // you should properly create your own keys and ivs
17 private static byte[] key_192 = new byte[]
18 {10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
19 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10};
20
21 private static byte[] iv_128= new byte[]
22 {10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
23 10, 10, 10, 10};
24
25 public static string EncryptRijndaelManaged(string value)
26 {
27 if (value == "")
28 return "";
29
30 RijndaelManaged crypto = new RijndaelManaged();
31 MemoryStream ms = new MemoryStream();
32 CryptoStream cs = new CryptoStream(ms, crypto.CreateEncryptor(key_192, iv_128),
33 CryptoStreamMode.Write);
34
35 StreamWriter sw = new StreamWriter(cs);
36
37 sw.Write(value);
38 sw.Flush();
39 cs.FlushFinalBlock();
40 ms.Flush();
41
42 return Convert.ToBase64String(ms.GetBuffer(), 0, (int) ms.Length);
43 }
44
45 public static string DecryptRijndaelManaged(string value)
46 {
47 if (value == "")
48 return "";
49
50 RijndaelManaged crypto = new RijndaelManaged();
51 MemoryStream ms = new MemoryStream(Convert.FromBase64String(value));
52 CryptoStream cs = new CryptoStream(ms, crypto.CreateDecryptor(key_192, iv_128),
53 CryptoStreamMode.Read);
54
55 StreamReader sw = new StreamReader(cs);
56
57 return sw.ReadToEnd();
58 }
59
60 public static string SignAndSecureData(string value)
61 {
62 return SignAndSecureData(new string[] {value});
63 }
64
65 public static string SignAndSecureData(string[] values)
66 {
67 throw new Exception("Please set your own XML RSA Key before you can run this sample");
68 string xmlKey = "";
69 return SignAndSecureData(xmlKey, values);
70 }
71
72 public static string SignAndSecureData(string xmlKey, string[] values)
73 {
74 XmlDocument xmlDoc = new XmlDocument();
75 xmlDoc.LoadXml("<x></x>");
76
77 for (int i = 0; i < values.Length; i++)
78 _AddNode(xmlDoc, "v" + i.ToString(), values[i]);
79
80 RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
81 rsa.FromXmlString(xmlKey);
82
83 byte[] signature = rsa.SignData(Encoding.ASCII.GetBytes(xmlDoc.InnerXml),
84 "SHA1");
85
86 _AddNode(xmlDoc, "s", Convert.ToBase64String(signature, 0, signature.Length));
87 return EncryptRijndaelManaged(xmlDoc.InnerXml);
88 }
89
90 public static bool DecryptAndVerifyData(string input, out string[] values)
91 {
92 throw new Exception("Please set your own XML RSA Key before you can run this sample");
93 string xmlKey = "";
94 return DecryptAndVerifyData(xmlKey, input, out values);
95 }
96
97 public static bool DecryptAndVerifyData(string xmlKey, string input, out string[] values)
98 {
99 string xml = DecryptRijndaelManaged(input);
100
101 XmlDocument xmlDoc = new XmlDocument();
102 xmlDoc.LoadXml(xml);
103
104 values = null;
105
106 XmlNode node = xmlDoc.GetElementsByTagName("s")[0];
107 node.ParentNode.RemoveChild(node);
108
109 // verify
110 RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
111 rsa.FromXmlString(xmlKey);
112
113 byte[] signature = Convert.FromBase64String(node.InnerText);
114
115 byte[] data = Encoding.ASCII.GetBytes(xmlDoc.InnerXml);
116 if (!rsa.VerifyData(data, "SHA1", signature))
117 return false;
118
119 // count values
120 int count;
121 for (count = 0; count < 100; count++)
122 {
123 if (xmlDoc.GetElementsByTagName("v" + count.ToString())[0] == null)
124 break;
125 }
126
127 values = new string[count];
128
129 for (int i = 0; i < count; i++)
130 values[i] = xmlDoc.GetElementsByTagName("v" + i.ToString())[0].InnerText;
131
132 return true;
133 }
134
135
136 public static void SignAndSecureCookie(HttpCookie cookie, NameValueCollection serverVariables)
137 {
138 if (cookie.HasKeys)
139 throw (new Exception("Does not support cookies with sub keys"));
140
141 if (cookie.Expires != DateTime.MinValue) // has an expiry date
142 {
143 cookie.Value = SignAndSecureData(new string[]
144 {
145 cookie.Value,
146 serverVariables["REMOTE_ADDR"],
147 cookie.Expires.ToString()});
148 }
149 else
150 {
151 cookie.Value = SignAndSecureData(new string[]
152 {cookie.Value, serverVariables["REMOTE_ADDR"]});
153 }
154 }
155
156 public static string DecryptAndVerifyCookie(HttpCookie cookie, NameValueCollection serverVariables)
157 {
158 if (cookie == null)
159 return null;
160
161 string[] values;
162
163 if (!DecryptAndVerifyData(cookie.Value, out values))
164 return null;
165
166 if (values.Length == 3) // 3 values, has an expiry date
167 {
168 DateTime expireDate = DateTime.Parse(values[2]);
169 if (expireDate < DateTime.Now)
170 return null;
171 }
172
173 if (values[1] != serverVariables["REMOTE_ADDR"])
174 return null;
175
176 return values[0];
177 }
178
179 private static void _AddNode(XmlDocument xmlDoc, string name, string content)
180 {
181 XmlElement elem = xmlDoc.CreateElement(name);
182 XmlText text = xmlDoc.CreateTextNode(content);
183 xmlDoc.DocumentElement.AppendChild(elem);
184 xmlDoc.DocumentElement.LastChild.AppendChild(text);
185 }
186 }
187 }
通过查看与本文相关的下载内容,您同意使用条款和本文的许可证.
如果您要查看的文件未突出显示,
By viewing downloads associated with this article you agree to the Terms of use and the article''s licence.
If a file you wish to view isn''t highlighted,
推荐答案
您不必发布所有这些代码...该错误意味着您的XML该行尝试读取的不是有效的XML格式.
You didn''t have to post all of this code... That error means your XML that the line is trying to read isn''t in valid XML format.
这篇关于如何以及在何处设置Bullet Proof Cookies代码的RSA密钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
