asp.net DES加密解密,接口或数据验证合法性

用时间及字符串加密

加密:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using BLL;
using Model;
using Newtonsoft.Json;

private void toLogin()
{
	int code = 1;
	string strresult = "";
	string sj = Convert.ToString(Request["sj"]);//2020-06-25 14:05:30
	string strcode = "abcd$007$" + sj;//随机码$工号$时间
	strresult = DES_Encrypt(strcode, "a1s^df*asd)f5Adf097adfa8s6dgf");

	//"https://localhost:44399/CommonWeb.aspx?code="+strresult
	var rsp_obj = new
	{
		code = code,
		result = strresult.ToString()
	};
	Response.Write(JsonConvert.SerializeObject(rsp_obj));//将rsp_obj转化为json并输出
	Response.End();
}

#region DES加密
/// <summary> 
/// DES加密 
/// </summary> 
/// <param name="Text"></param> 
/// <param name="sKey"></param> 
/// <returns></returns> 
public static string DES_Encrypt(string Text, string sKey)
{
	DESCryptoServiceProvider des = new DESCryptoServiceProvider();
	byte[] inputByteArray;
	inputByteArray = Encoding.Default.GetBytes(Text);
	des.Key = ASCIIEncoding.ASCII.GetBytes(System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(sKey, "md5").Substring(0, 8));
	des.IV = ASCIIEncoding.ASCII.GetBytes(System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(sKey, "md5").Substring(0, 8));
	System.IO.MemoryStream ms = new System.IO.MemoryStream();
	CryptoStream cs = new CryptoStream(ms, des.CreateEncryptor(), CryptoStreamMode.Write);
	cs.Write(inputByteArray, 0, inputByteArray.Length);
	cs.FlushFinalBlock();
	StringBuilder ret = new StringBuilder();
	foreach (byte b in ms.ToArray())
	{
		ret.AppendFormat("{0:X2}", b);
	}
	return ret.ToString();
}
#endregion

解密:

using System;
using System.Security.Cryptography;
using System.Text;
using DAL;


protected override void OnInit(EventArgs e)
{

	string code = "";
	bool ispass = false;
	if (!string.IsNullOrEmpty(Request["code"]))
	{
		code = Request.QueryString["code"];
		//解密登录参数
		string tempInfo = DES_Decrypt(code, "a1s^df*asd)f5Adf097adfa8s6dgf");
		//string tempInfo = "abcd$007$2020-06-25 10:48:50";
		string[] loginInfoArr = tempInfo.Split('$');
		DateTime reDT = Convert.ToDateTime(loginInfoArr[2]);
		DateTime myDT = Convert.ToDateTime(DateTime.Now.ToString());
		TimeSpan span = myDT.Subtract(reDT);
		int iDiff = span.Seconds;
		//Common.CreateWebLog("BasePage比较时间", "myDT="+ myDT + "\n reDT=" + reDT + "\n iDiff=" + iDiff);
		if (iDiff >= 0 && iDiff < 10)//如果访问时间和服务器当前时间差10秒,
		{
			ispass = true;
			Session["ispass"] = "1";
		}

	}
	else
	{
		//如果没有传CODE,则判断session
		if (Session["ispass"]!=null)
		{
			string reispass = Convert.ToString(Session["ispass"]);
			if (reispass=="1")
			{
				ispass = true;
			}
		}
		
	}
	if (ispass == false)
	{
		Response.Redirect("ErrorPage.aspx");
	}

}

/// <summary> 
/// DES解密
/// </summary> 
/// <param name="Text"></param> 
/// <param name="sKey"></param> 
/// <returns></returns> 
public static string DES_Decrypt(string Text, string sKey)
{
	DESCryptoServiceProvider des = new DESCryptoServiceProvider();
	int len;
	len = Text.Length / 2;
	byte[] inputByteArray = new byte[len];
	int x, i;
	for (x = 0; x < len; x++)
	{
		i = Convert.ToInt32(Text.Substring(x * 2, 2), 16);
		inputByteArray[x] = (byte)i;
	}
	des.Key = ASCIIEncoding.ASCII.GetBytes(System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(sKey, "md5").Substring(0, 8));
	des.IV = ASCIIEncoding.ASCII.GetBytes(System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(sKey, "md5").Substring(0, 8));
	System.IO.MemoryStream ms = new System.IO.MemoryStream();
	CryptoStream cs = new CryptoStream(ms, des.CreateDecryptor(), CryptoStreamMode.Write);
	cs.Write(inputByteArray, 0, inputByteArray.Length);
	cs.FlushFinalBlock();
	return Encoding.Default.GetString(ms.ToArray());
}

 

posted @ 2020-06-25 16:15  离。  阅读(41)  评论(0编辑  收藏