MachineKeyValidation Enum

Definition

Specifies the hashing algorithm that ASP.NET uses for forms authentication and for validating view state data, and for out-of-process session state identification.

public enum MachineKeyValidation
Inheritance
MachineKeyValidation

Fields

Name Value Description
MD5 0

Specifies that ASP.NET uses the Message Digest 5 (MD5) hashing algorithm, which is a hashing algorithm that generates a 128-bit hash value. This is a legacy value that should be selected only if compatibility with earlier versions of ASP.NET is required.

SHA1 1

Specifies that ASP.NET uses the HMACSHA1 hash algorithm, which is a hashing algorithm that generates a 160-bit hash value. This is a legacy value that should be selected only if compatibility with earlier versions of ASP.NET is required.

TripleDES 2

Specifies that ASP.NET uses the TripleDES (3DES) encryption algorithm, which is an encryption algorithm that is used only if you specify that view state is encrypted. This is a legacy value that should be selected only if compatibility with earlier versions of ASP.NET is required.

AES 3

Specifies that ASP.NET uses the AES encryption algorithm. Choose this option if you want to encrypt view state in your Web application.

If you choose this option, the DecryptionKey property will be used for encryption and decryption, and the HMACSHA1 hash algorithm will be used with the ValidationKey property for validation.

HMACSHA256 4

Specifies that ASP.NET uses the HMACSHA256 hashing algorithm, which is an SHA2 hashing algorithm that generates a 256-bit hash code. This is the default value.

HMACSHA384 5

Specifies that ASP.NET uses the HMACSHA384 hashing algorithm, which is an SHA2 hashing algorithm that generates a 384-bit hash code. This option is available for applications that require stronger security than provided by the HMACSHA256 algorithm.

HMACSHA512 6

Specifies that ASP.NET uses the HMACSHA512 hashing algorithm, which is an SHA2 hashing algorithm that generates a 512-bit hash code. This option is available for applications that require stronger security than provided by the >HMACSHA384 algorithm.

Custom 7

Specifies that ASP.NET uses a custom hashing algorithm. The custom hashing algorithm can be implemented in any class that derives from KeyedHashAlgorithm.

The custom algorithm is typically specified declaratively in the validation attribute of the machineKey element, in the format alg:`*algorithm_name*. For information about how to specify a custom algorithm in code, see the ValidationAlgorithm property.

Examples

The following code example shows how to use the MachineKeyValidation enumeration. In the example, configSection is an instance of MachineKeySection. This code example is part of a larger example provided for the MachineKeySection class.

// Set Validation property.
configSection.Validation = MachineKeyValidation.HMACSHA256;

Remarks

ASP.NET uses a hash-based message authentication code (HMAC) to help detect whether data that is used for forms authentication or view state has been tampered with. The HMAC is generated when view state content is created, and the HMAC is checked on subsequent requests. The HMAC helps ASP.NET determine whether someone has changed data that is sent between the server and the client, but the data can be read by anyone as it travels through the Internet unless it is also encrypted. By default, view state is validated but not encrypted. For more information, see ViewStateEncryptionMode and RegisterRequiresViewStateEncryption.

The MachineKeyValidation enumeration lets you specify the algorithm that ASP.NET uses to create the HMAC. The default value is HMACSHA256. ASP.NET uses the value of the ValidationKey property with the selected algorithm to generate the HMAC.

Applies to

Product Versions
.NET Framework 2.0, 3.0, 3.5, 4.0, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8, 4.8.1

See also