堆栈内存溢出
  简体   繁体   English

如何在Node.js中解密owin cookie

[英]How to decrypt an owin cookie in Node.js

 原文  2016-08-05 10:16:06       node.js/ encryption/ owin

问题描述

I'm working in a node.js application where I'need to decrypt cookies . 我在需要解密cookie的node.js应用程序中工作。 for cookie enceyption use owin . 对于cookie密码使用owin。 plz tell me how to decrypt owin cookie in node.js .it save in browser . 请告诉我如何在node.js中解密owin cookie。保存在浏览器中。
thx in advance . 提前。

1 个解决方案

解决方案1
 0  2017-07-14 15:10:58

I'm not even sure if this is something you can/should do(from a security perspective) since you would need to know the machine encryption configuration. 我什至不确定这是否是您可以/应该做的事情(从安全角度来看),因为您将需要知道机器加密的配置。 I'd suggest considering if this is something really necessary to do. 我建议考虑是否真的需要这样做。

To do this you need to understand how to Decrypt the Cookie on ASP.NET side, and then "port" this to node. 为此,您需要了解如何在ASP.NET端解密Cookie,然后将其“移植”到节点。 You can check this link: 您可以检查此链接:

https://lbadri.wordpress.com/2014/11/23/reading-katana-cookie-authentication-middlewares-cookie-from-formsauthenticationmodule/ https://lbadri.wordpress.com/2014/11/23/reading-katana-cookie-authentication-middlewares-cookie-from-formsauthenticationmodule/

The critical part will the decryption part. 关键部分将是解密部分。 You can decrypt using the MachineProtect.UnProtect method to do this by loading the underlying "encryption" configuration for the machine. 您可以使用MachineProtect.UnProtect方法解密,方法是为计算机加载基础的“加密”配置。 Maybe you could try setting a specific machineKey configuration with keys and algorithms and then try unencrypting with those setting from Node.js. 也许您可以尝试使用密钥和算法设置特定的machineKey配置,然后尝试使用Node.js中的设置进行解密。 However you will need to know how to include the correct "purposes" in the decryption process. 但是,您将需要知道如何在解密过程中包括正确的“目的”。

To understand better how Unprotect works check this out: https://github.com/Microsoft/referencesource/blob/master/System.Web/Security/MachineKey.cs#L190 为了更好地了解Unprotect的工作原理,请查看以下内容: https : //github.com/Microsoft/referencesource/blob/master/System.Web/Security/MachineKey.cs#L190

You can browse the reference and see if you can make any sense out of it. 您可以浏览参考,看看是否可以理解参考。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何解密Node.js中的加密密码 - How to Decrypt an encrypted Password in Node.js 如何在cookie中使用node.js / geddy - How to use node.js/geddy with cookie 你将如何在 Node.js 中加密/解密数字? - How would you encrypt/decrypt numbers in Node.js? Node.js / SAML:如何解密RequestedSecurityToken的内容 - Node.js / SAML: How to decrypt contents of RequestedSecurityToken 如何在Node.Js中解密来自phpseclib的密码AES - How to decrypt cipher AES from phpseclib in Node.Js 如何解密用Rijndael-256加密的node.js中的消息? - How to decrypt a message in node.js that was encrypted with Rijndael-256? cookie node.js表达 - cookie node.js express 发送cookie到Node.js - Sending cookie to Node.js 加密iOS和Decrypt Node.js AES - Encrypt iOS and Decrypt Node.js AES 用Java加密,用node.js解密 - Encrypt in java, decrypt in node.js
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM