Click here to Skip to main content
Click here to Skip to main content
Add your own
alternative version
Go to top

HttpSecureCookie, A Way to Encrypt Cookies with ASP.NET 2.0

, 3 Apr 2006
Discussing how to encode and tamper-proof text and cookies using the MachineKey, by using reflection.
httpsecurecookie_demo.zip
Bin
AdamTibi.Web.Security.dll
httpsecurecookie_src.zip
Release
AdamTibi.Web.Security.dll
Properties
using System;
using System.Web;
using System.Web.Security;
using System.Reflection;

namespace AdamTibi.Web.Security {

    /// <summary>
    /// A wrapper arroud System.Web.Security.CookieProtectionHelper internal class
    /// </summary>
    public static class CookieProtectionHelperWrapper {

        private static MethodInfo _encode;
        private static MethodInfo _decode;

        /// <summary>
        /// Constructor
        /// </summary>
        static CookieProtectionHelperWrapper() {
            // obtaining a reference to System.Web assembly
            Assembly systemWeb = typeof(HttpContext).Assembly;
            if (systemWeb == null) {
                throw new InvalidOperationException("Unable to load System.Web.");
            }
            // obtaining a reference to the internal class CookieProtectionHelper
            Type cookieProtectionHelper = systemWeb.GetType("System.Web.Security.CookieProtectionHelper");
            if (cookieProtectionHelper == null) {
                throw new InvalidOperationException("Unable to get the internal class System.Web.Security.CookieProtectionHelper.");
            }
            // obtaining references to the methods of CookieProtectionHelper class
            _encode = cookieProtectionHelper.GetMethod("Encode", BindingFlags.NonPublic | BindingFlags.Static);
            _decode = cookieProtectionHelper.GetMethod("Decode", BindingFlags.NonPublic | BindingFlags.Static);

            if (_encode == null || _decode == null) {
                throw new InvalidOperationException("Unable to get the methods to invoke.");
            }
        }

        /// <summary>
        /// Wrapper arround CookieProtectionHelper.Encode
        /// </summary>
        /// <param name="cookieProtection">Protection Type</param>
        /// <param name="buf">Bytes buffer to encode</param>
        /// <param name="count">The number of bytes in the buffer</param>
        /// <returns>Encoded text</returns>
        public static string Encode(CookieProtection cookieProtection, byte[] buf, int count) {
            return (string)_encode.Invoke(null, new object[] { cookieProtection, buf, count });
        }

        /// <summary>
        /// Wrapper arround CookieProtectionHelper.Decode
        /// </summary>
        /// <param name="cookieProtection">Protection Type</param>
        /// <param name="data">String to decode</param>
        /// <returns>Decoded bytes</returns>
        public static byte[] Decode(CookieProtection cookieProtection, string data) {
            return (byte[])_decode.Invoke(null, new object[] { cookieProtection, data });
        }

    }

}

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article, along with any associated source code and files, is licensed under The Microsoft Public License (Ms-PL)

Share

About the Author

Adam Tibi
Architect
United Kingdom United Kingdom
Passionate about refining software practices, promoting self-motivated teams and orchestrating agile projects that hit the deadline.
Lives in London, UK and works as a .NET architect consultant in the City.
 
Need a pro service to help your organisation? Contact me via my website www.AdamTibi.net.
Follow on   Twitter

| Advertise | Privacy | Mobile
Web03 | 2.8.140905.1 | Last Updated 3 Apr 2006
Article Copyright 2006 by Adam Tibi
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid