Migrating asp.net MachineKey to asp.net Core Data Protection

Question

I have an old library built using asp.net 4.8 which uses the MachineKey functions to protect sensitive data before saving it onto the database.

I'm looking to upgrade the whole solution to .net 6 from the ground up (as in rewriting all the existing source code and using whatever can be reused) but want to keep using the same database.

This database has fields which have data protected by .net 4.8's MachineKey protection.

Is there any way to either

Implement a solution to use the new Data Protection API to encrypt and decrypt using the existing MachineKey keys - that is NOT using AspNetTicketBridge

or

Update all existing data on the database to use new encrypted values created by the Data Protection APIs?

Ideally would like to go with approach 2, but haven't been able to find anything related to this. - Or even if it's possible to do using SQL scripts so the initial data can be updated and then going forwards the new Data Protection API can be used to encrypt the data?

What solution did you find on this topic? – Ventsislav Petrov Jul 27 '22 at 21:38 — Ventsislav Petrov, Jul 27 '22 at 21:38

score 0 · Answer 1 · answered Dec 24 '21 at 05:57

0

I know you want to use function like MachineKey.UnProtect in .net core. And the Data Protection function is different between .netframework and .netcore. So if you want use it in .net core, you need to analysis the source in .net framework.

The good news is I find a good repo for you. Thanks for dmarlow's effort.

The repo address: Decrypts MachineKey protected AuthenticationTicket objects created by ASP.NET to be used in ASP.NET Core.

Related Post Using machine keys for IDataProtector - ASP.NET CORE

answered Dec 24 '21 at 05:57

Jason Pan

15,263
1
14
29

thanks for the answer Jason, as I've mentioned in my question, I'd prefer not to use AspNetTicketBridge which is the first link that you've sent across. I am currently using that library already for a temporary transition project, but would like to move away from any "old" .net technology going forwards and use .net core (6) to the fullest. Have you done anything similar to this before? I've been searching for the past month but can not find a good answer of migrating existing encrypted solutions to new methods. Or maybe I'm seeing them but not understanding the process correctly? – intrepidexplorer Dec 24 '21 at 09:57

Migrating asp.net MachineKey to asp.net Core Data Protection

1 Answers1