是窗体身份验证票解密可能用PHP？ [英] Is Forms Authentication Ticket Decryption possible with PHP?

问题描述

我是一个PHP开发谁知道几乎一无所知.NET。我一直在问的.NET家伙在工作中翻译.NET code表示解密的身份验证票证到PHP使PHP的code可以再设置相应的会话变量对我的应用程序运行。这甚至可能吗？我盯着code和它莫名其妙我。我会继续努力，如果有人能告诉我这是不是由于某种原因，我甚至不知道浪费时间。感谢您的帮助！

I'm a PHP developer who knows almost nothing about .NET. I've been asked by the .NET guys at work to translate .NET code that decrypts an authentication ticket into PHP so that the PHP code can then set the appropriate session variables for my application to run. Is this even possible? I'm staring at the code and it's baffling me. I'll keep trying if someone can tell me it's not a waste of time for some reason I don't even know. Thanks for any help!

附加信息：我可以连抢用PHP票摆在首位？

Additional info: Can I even grab the ticket with PHP in the first place?

推荐答案

正如甘博说，你必须考虑到所涉及的算法。在asp.net身份验证票证使用：

As Gumbo said, you need to take into account the algorithms involved. The asp.net authentication ticket uses:

1. 创建一个序列化的形式 身份验证票证。一个字节数组 重的罚单presentation是 创建。
2. 登录窗体身份验证 票。消息认证 code（MAC）值的字节数组 是通过使用算法计算的 并通过确认键指定 和的validationKey的属性 machineKey中的元素。默认情况下， SHA1算法。
3. 在加密表单身份验证票证。 第二个字节数组已经 创建是通过使用加密 的加密方法 FormsAuthentication类。该 加密方法在内部使用 由指定的算法和密钥 解密和decryptionKey 在将machineKey属性 元件。 ASP.NET 1.1版应用 3DES算法默认。 ASP.NET 2.0版本使用 默认情况下Rinjdael（AES）算法。

1. Create a serialized forms authentication ticket. A byte array representation of the ticket is created.
2. Sign the forms authentication ticket. The message authentication code (MAC) value for the byte array is computed by using the algorithm and key specified by the validation and validationKey attributes of the machineKey element. By default, the SHA1 algorithm is used.
3. Encrypt forms authentication ticket. The second byte array that has been created is encrypted by using the Encrypt method of the FormsAuthentication class. The Encrypt method internally uses the algorithm and key specified by the decryption and decryptionKey attributes on the machineKey element. ASP.NET version 1.1 uses the 3DES algorithm by default. ASP.NET version 2.0 uses the Rinjdael (AES) algorithm by default.

这篇关于是窗体身份验证票解密可能用PHP？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！