How to obtain a randomly generated cookie encryption and authentication key in asp.net

asp.net|cookie| Encryption | random

This article is a supplement to the cookie problem to be considered from Asp.ne T 1.1 to ASP.net 2.0, which demonstrates how to obtain a randomly generated cookie encryption and authentication key through reflection in ASP.net 1.1 and asp.net 2.0.
asp.net 1.1 Sample code:
Object machinekeyconfig = HttpContext.Current.GetConfig ("System.web/machinekey");
To get an instance of System.web.configuration.machinekey+machinekeyconfig, Machinekeyconfig is a nested class of MachineKey

Type Machinekeytype = Machinekeyconfig.gettype (). Assembly.GetType ("System.Web.Configuration.MachineKey");
Get System.Web.Configuration.MachineKey Type

BindingFlags bf = BindingFlags.NonPublic | bindingflags.static;
Set binding Flags

MethodInfo bytearraytohexstring = Machinekeytype.getmethod ("bytearraytohexstring", BF);
Gets the Bytearraytohexstring method in machinekey by reflection, which converts a byte array to a string of 16 binary representations

Byte[] validationkey = (byte[]) Machinekeytype.getfield ("S_validationkey", BF). GetValue (Machinekeyconfig);
Get validation key byte array
SymmetricAlgorithm algorithm = (symmetricalgorithm) Machinekeytype.getfield ("S_odes", BF). GetValue (Machinekeyconfig);
byte[] decryptionkey = algorithm. Key;
Get an encryption key byte array
String validationkey = (string) bytearraytohexstring.invoke (Null,new object[]{validationkey,validationkey.length});
Converts a validation key byte array to a 16-binary-represented string
String decryptionkey = (string) bytearraytohexstring.invoke (Null,new object[]{decryptionkey,decryptionkey.length});
Converts a cryptographic key byte array to a 16-binary-represented string
asp.net 2.0 Sample code:
System.Web.Configuration.MachineKeySection machinekeysection = new System.Web.Configuration.MachineKeySection ();
Directly creating an instance of Machinekeysection, ASP.net 2.0 replaces machinekey in asp.net 1.1 with machinekeysection, and can be accessed directly without being internal protected.
Type type = typeof (System.Web.Configuration.MachineKeySection);//or Machinekeysection.gettype ();

PropertyInfo PropertyInfo = type. GetProperty ("Validationkeyinternal", BindingFlags.NonPublic | BindingFlags.Instance);
Byte[] Validationkeyarray = (byte[]) propertyinfo.getvalue (machinekeysection, NULL);
Gets a randomly generated validation key byte array

PropertyInfo = type. GetProperty ("Decryptionkeyinternal", BindingFlags.NonPublic | BindingFlags.Instance);
Byte[] Decryptionkeyarray = (byte[]) propertyinfo.getvalue (machinekeysection, NULL);
Gets a randomly generated cryptographic key byte array

MethodInfo bytearraytohexstring = type. GetMethod ("bytearraytohexstring", BindingFlags.Static | BindingFlags.NonPublic);
Gets the Bytearraytohexstring method in Machinekeysection by reflection, which converts a byte array to a string of 16 binary representations
String validationkey = (string) Bytearraytohexstring.invoke (null, new object[] {validationkeyarray, Validationkeyarray.length});
Converts a validation key byte array to a 16-binary-represented string
String decryptionkey = (string) Bytearraytohexstring.invoke (null, new object[] {decryptionkeyarray, Decryptionkeyarray.length});
Converts a cryptographic key byte array to a 16-binary-represented string