2

I have 2 applications, one in MVC 5 and another on ASP.NET Core 2.2.

I have added Machine Key On MVC 5 under system.web like below

    <machineKey
      validationKey="0C0D6B2776BE432EE3B1554D5C8F88C168944B7E9B7A0FFC885DDE9E9AFA093A"
      decryptionKey="09CCCB69B54D74DB1C2379AB13371EA3D6743227BE6E0092EA3FB762D53668A6"
      validation="SHA1"
      decryption="AES"
    />

I want to apply the same key for .NET Core. I found some links about using data protection, but I failed to add these keys to that.

Is there any way we can apply the key to ASP.NET Core?

bhagirathi
  • 521
  • 6
  • 23

2 Answers

0

> I want to apply the same key for .NET Core. I found some links about using data protection, but I failed to add these keys to that.

ASP.NET Core doesn't use web.config, and even if it did, it doesn't use machine keys either. Cryptography is handled via the Data Protection API, which stores and generates keys in an entirely different way.

If you need to share things like cookies between ASP.NET and ASP.NET Core, you have to work in the opposite way and plug in the Data Protection API into your ASP.NET apps, so that they use the same system as ASP.NET Core.

Reference:

https://learn.microsoft.com/en-us/aspnet/core/security/cookie-sharing?view=aspnetcore-3.1

Rena
  • 30,832
  • 6
  • 37
  • 72
  • Thanks for sharing. Do you know any data protection API which I can use? My main problem is I am using load balancing and Redis + SignalR for sharing data and I have disabled sticky sessions, so I read that I have to use the same machine key, so I planned to implement it like above. My ASP.NET SignalR application is working fine for multiple servers, but when I tried to send the message to ASP.NET Core it does not work. Please suggest any good way to implement this – bhagirathi Jul 03 '20 at 12:14
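The approach this answer describes (both applications using Data Protection with one shared key ring), as an added example that is not part of the answer or of the linked documentation: two providers stand in for the MVC 5 and ASP.NET Core apps. The key directory, application name and purpose string are assumptions, and the `Microsoft.AspNetCore.DataProtection.Extensions` NuGet package is required.

```csharp
// Added example. Microsoft.AspNetCore.DataProtection.Extensions 2.x targets
// .NET Standard 2.0, so the same code loads on .NET Framework and .NET Core.
using System;
using System.IO;
using System.Security.Cryptography;
using Microsoft.AspNetCore.DataProtection;

static class SharedKeyRingDemo
{
    // Builds a provider the way each app (or each load-balanced node) would.
    // keyRingDir and appName are hypothetical; every participant must agree on them.
    static IDataProtectionProvider BuildProvider(string keyRingDir, string appName) =>
        DataProtectionProvider.Create(
            new DirectoryInfo(keyRingDir),
            builder => builder.SetApplicationName(appName));

    static void Main()
    {
        // Constructed sample location. In production this is a store every node
        // can reach, with the key ring protected at rest.
        string keyRingDir = Path.Combine(Path.GetTempPath(), "shared-keyring-demo");
        const string purpose = "Demo.Messages.v1"; // hypothetical purpose string

        // "appA" stands in for the MVC 5 site, "appB" for the ASP.NET Core site.
        IDataProtector appA = BuildProvider(keyRingDir, "SharedApp").CreateProtector(purpose);
        IDataProtector appB = BuildProvider(keyRingDir, "SharedApp").CreateProtector(purpose);

        string token = appA.Protect("hello from MVC 5");
        Console.WriteLine("App B reads: " + appB.Unprotect(token));

        // Same key ring, different application name: payloads are isolated.
        IDataProtector other = BuildProvider(keyRingDir, "OtherApp").CreateProtector(purpose);
        try
        {
            other.Unprotect(token);
            Console.WriteLine("Unexpected: isolation failed.");
        }
        catch (CryptographicException)
        {
            Console.WriteLine("OtherApp cannot unprotect the payload (expected).");
        }
    }
}
```

A mismatch in either the application name or the purpose string produces the same `CryptographicException`, which is the first thing to check when one app cannot read what the other protected.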
0

> Do you know any data protection API which I can use? My main problem is I am using load balancing and Redis + SignalR for sharing data and I have disabled sticky sessions, so I read that I have to use the same machine key, so I planned to implement it like above. My ASP.NET SignalR application is working fine for multiple servers, but when I tried to send the message to ASP.NET Core it does not work. Please suggest any good way to implement this

It seems that you encrypted the message from an MVC 5 application and want to decrypt the message from an ASP.NET Core 2.2 application which is deployed on another machine. The MachineKey is only supported under .NET Framework.

To encrypt/decrypt data across the application frameworks, you need to use a class which is supported under both .NET Framework and .NET Core. You can reference it from .NET Standard (e.g. System.Security.Cryptography). Below is a demo that uses Aes across console apps on .NET Framework and .NET Core:

.NET Framework console app, encrypt data

    using System;
    using System.IO;
    using System.Security.Cryptography;

    class Program
    {
        static void Main(string[] args)
        {
            string original = "Here is some data to encrypt!";

            // Create a new instance of the Aes class.
            // This generates a new key and initialization vector (IV).
            using (Aes myAes = Aes.Create())
            {
                // key.data holds the raw AES key; the decrypting app reads
                // key.data, IV.data and encrypted.data from its working directory.
                File.WriteAllBytes("key.data", myAes.Key);
                File.WriteAllBytes("IV.data", myAes.IV);

                // Encrypt the string to an array of bytes.
                byte[] encrypted = EncryptStringToBytes_Aes(original, myAes.Key, myAes.IV);
                File.WriteAllBytes("encrypted.data", encrypted);
                Console.WriteLine("Original:   {0}", original);
            }
        }

        static byte[] EncryptStringToBytes_Aes(string plainText, byte[] Key, byte[] IV)
        {
            // Check arguments.
            if (plainText == null || plainText.Length <= 0)
                throw new ArgumentNullException("plainText");
            if (Key == null || Key.Length <= 0)
                throw new ArgumentNullException("Key");
            if (IV == null || IV.Length <= 0)
                throw new ArgumentNullException("IV");
            byte[] encrypted;

            // Create an Aes object with the specified key and IV.
            using (Aes aesAlg = Aes.Create())
            {
                aesAlg.Key = Key;
                aesAlg.IV = IV;

                // Create an encryptor to perform the stream transform.
                ICryptoTransform encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV);

                // Create the streams used for encryption.
                using (MemoryStream msEncrypt = new MemoryStream())
                {
                    using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
                    {
                        using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
                        {
                            // Write all data to the stream.
                            swEncrypt.Write(plainText);
                        }
                        // Disposing the writer has flushed the final block,
                        // so the memory stream now holds the full ciphertext.
                        encrypted = msEncrypt.ToArray();
                    }
                }
            }

            // Return the encrypted bytes from the memory stream.
            return encrypted;
        }
    }

.NET Core console app, decrypt data

    using System;
    using System.IO;
    using System.Security.Cryptography;

    class Program
    {
        static void Main(string[] args)
        {
            // Load the key, IV and ciphertext written by the .NET Framework app.
            var key = File.ReadAllBytes("key.data");
            var iv = File.ReadAllBytes("IV.data");
            var encryptedData = File.ReadAllBytes("encrypted.data");

            // Decrypt the bytes to a string.
            string roundtrip = DecryptStringFromBytes_Aes(encryptedData, key, iv);

            Console.WriteLine("Round Trip: {0}", roundtrip);
        }

        static string DecryptStringFromBytes_Aes(byte[] cipherText, byte[] Key, byte[] IV)
        {
            // Check arguments.
            if (cipherText == null || cipherText.Length <= 0)
                throw new ArgumentNullException("cipherText");
            if (Key == null || Key.Length <= 0)
                throw new ArgumentNullException("Key");
            if (IV == null || IV.Length <= 0)
                throw new ArgumentNullException("IV");

            // Declare the string used to hold the decrypted text.
            string plaintext = null;

            // Create an Aes object with the specified key and IV.
            using (Aes aesAlg = Aes.Create())
            {
                aesAlg.Key = Key;
                aesAlg.IV = IV;

                // Create a decryptor to perform the stream transform.
                ICryptoTransform decryptor = aesAlg.CreateDecryptor(aesAlg.Key, aesAlg.IV);

                // Create the streams used for decryption.
                using (MemoryStream msDecrypt = new MemoryStream(cipherText))
                {
                    using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
                    {
                        using (StreamReader srDecrypt = new StreamReader(csDecrypt))
                        {
                            // Read the decrypted bytes from the decrypting stream
                            // and place them in a string.
                            plaintext = srDecrypt.ReadToEnd();
                        }
                    }
                }
            }

            return plaintext;
        }
    }

You can also refer to the link below for details about target frameworks.

Target frameworks in SDK-style projects

Fei Xue
  • 14,369
  • 1
  • 19
  • 27