如何访问 .NET 用于 ViewState 签名和加密的底层库
我需要通过客户端线程化状态,但仅限于特定的获取请求(也称为链接)。因此,我不想将此状态添加到客户端的 ViewState 中,从而使其变得混乱。状态需要加密。如何创建一个新的类似 ViewState 的字典,并使用 machine.config 中 MachineKey 的密钥和设置对其进行加密?如果字典组件没有公开,我如何使用 machine.config 中的密钥来加密/解密字符串。我不想添加更多必须在我们的服务器场中复制以复制现有功能的配置。
I need to thread state through the client, but only for particular get requests (aka links). As such, I don't want to add this state to the client's ViewState, cluttering it up. The state needs to be encrypted. How can I create a new ViewState-like dictionary and encrypt it with the key and settings from MachineKey in machine.config? If the dictionary component isn't exposed, how can I encrpyt/decrypt strings using the key from machine.config. I don't want to add more configuration that must be replicated across our server farm to duplicate existing functionality.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
机器密钥配置可以通过 System.Web.Configuration.MachineKeySection 访问,除了构造函数和 Reset 之外,它没有公共方法。
字符串的解密是通过以下方法处理的:
其中调用
这些都是私有的;加密/解密功能未公开。通过构造 HttpContext,可以通过 System.Web.IHttpHandler 的实现来访问解密,但我不确定可以去哪里调用加密功能。
The machine key configuration is accessible through System.Web.Configuration.MachineKeySection which has no public methods besides a constructor and Reset.
Decryption of strings is handled by the following method:
Which calls
These are both private; the encryption/decryption functionality isn't exposed. It might be possible to access decryption through implementations of System.Web.IHttpHandler by constructing an HttpContext, though I'm not sure where one could go to call the encryption functionality.