Getting current MachineKey, or equivilent, for HMAC (in web-farm)

橙三吉。 提交于 2019-12-01 05:27:16

问题


I am using HMACSHA256 for message authentication in a web-farm environment.

Within the web-farm each machine has the same machine key, so the ViewState will work across machines, however, I need to do HMAC message authentication which will work across machines, so I figured that since all machines use the same machine key, there should be a way to derive a key from that to use as the HMAC key.

I notice that as of .NET 4.0 there is the MachineKey class, however, I am stuck with using .NET 3.5, and this is unavailable to me.

Is there a way to get some sort key that is the same on all machines without generating my own, for use in an ASP.NET 3.5 environment?

Edit

I don't actually need the machine key itself, just the validation key that is derived from the machine key (or equivalent).


回答1:


You can read the machine key from the web.config. This link shows how to do so: http://aspnetresources.com/blog/how_to_read_auto_generated_machinekey

Keep in mind, that the author of the article reads the generated machine key - so you have to do some changes in the code.

I just read the article a little bit more and saw, that it uses reflection, which isn't neccessary, if you store the machine key inside the web.config. Essentially it breaks down to this line:

MachineKeySection section = (MachineKeySection) 
  ConfigurationManager.GetSection ("system.web/machineKey");


来源:https://stackoverflow.com/questions/14141066/getting-current-machinekey-or-equivilent-for-hmac-in-web-farm

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!