关于传递字符串加密的问题
页面跳转时我想把用户ID做为参数传递,通过URL的方式,但是我不希望用户能看到,想对字符串进行加密,找到很多加密方法有的不会用有的不好用,有人能给一个简单点的并且好用的方法吗?谢谢了!
[解决办法]
既然这样,干脆用Session传递好了。
[解决办法]
不想看到你可以用Post方式何必这么麻烦呢
实在要这样你可以自己写个可逆的算法就行
[解决办法]
/// <summary>
/// 将指定字符串进行Base64编码。
/// </summary>
/// <param name= "codeType "> </param>
/// <param name= "code "> </param>
/// <returns> </returns>
public static string EncodeBase64(string codeType, string code)
{
string encode = " ";
byte[] bytes = Encoding.GetEncoding(codeType).GetBytes(code);
encode = Convert.ToBase64String(bytes);
return encode;
}
/// <summary>
/// 将指定字符串进行Base64解码。
/// </summary>
/// <param name= "codeType "> </param>
/// <param name= "code "> </param>
/// <returns> </returns>
public static string DecodeBase64(string codeType, string code)
{
string decode = " ";
byte[] bytes = Convert.FromBase64String(code);
decode = Encoding.GetEncoding(codeType).GetString(bytes);
return decode;
}
codeType可以用 "utf-8 "
code为你要加/解 密的内容
[解决办法]
类似
string strTest= "123 ";
strTest=EncodeBase64( "utf-8 ",strTest);
//strTest : STLz
strTest=DecodeBase64( "utf-8 ",strTest);
//strTest: 123
[解决办法]
楼上的偶赞同
不过还有种方法
public class Md5
{
/// <summary>
/// md5加密方法
/// </summary>
/// <param name= "str "> 需要加密的字符传 </param>
/// <returns> 加密后的字符传 </returns>
public static string Encrypt(string str)
{
return System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(str, "MD5 ");
}
}
[解决办法]
将数字进行MD5加密没有什么意义,人家要是想知道的话从1到N一个一个去进行MD5加密,再跟传递的参数进行比较不就知道实际ID了。
[解决办法]
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
namespace MDcode
{
/// <summary>
/// Rijndael 的摘要说明。
/// </summary>
public class Rijndael
{
private System.Security.Cryptography.SymmetricAlgorithm sa;
private string key;
private string IV;
public Rijndael()
{
sa = new RijndaelManaged();
key = "!w@o#s$h%i^s&j*f(z)x_womenzuihao "; // "2S(a5%aE9&$820blOF*!ao43KplpPTq82%ggj(ai18*afkv3AfghKO28vs9favi(jFf*Fdja98w8JIlfo3v0f%lfjOi3jIf9*2jNv!eq ";//这个自己可以改掉
IV = "1011[{shuyu733}] "; // "v%fjh1aaG&94r8fi*fyh4afg0ir3QYgjOi0fatj3iV5Y(jkg6e!fg0r3f7GVR9gmrn(0ogEnJ6q%gjir30h(T530hbw!gmKeq2g*(n0j ";//这个也可以改掉
}
private byte[] getKey()
{
string gKey = this.key;
sa.GenerateKey();
byte[] bTemp = sa.Key;
int keyLength = bTemp.Length;
if(this.key.Length > keyLength)
{
gKey = gKey.Substring(0, keyLength);
}
else
{
gKey = gKey.PadRight(keyLength, ' ');
}
return ASCIIEncoding.ASCII.GetBytes(gKey);
}
private byte[] getIV()
{
string gIV = this.IV;
sa.GenerateIV();
byte[] bTemp = sa.IV;
int IVLength = bTemp.Length;
if(this.IV.Length > IVLength)
{
gIV = gIV.Substring(0, IVLength);
}
else
{
gIV = gIV.PadRight(IVLength, ' ');
}
return ASCIIEncoding.ASCII.GetBytes(gIV);
}
public string RijndaelEncrypt(string re)
{
byte[] reIn = UTF8Encoding.UTF8.GetBytes(re);
MemoryStream ms = new MemoryStream();
sa.Key = this.getKey();
sa.IV = this.getIV();
System.Security.Cryptography.ICryptoTransform it = sa.CreateEncryptor();
System.Security.Cryptography.CryptoStream cs = new CryptoStream(ms, it, System.Security.Cryptography.CryptoStreamMode.Write);
cs.Write(reIn, 0, reIn.Length);
cs.FlushFinalBlock();
byte[] reOut=ms.ToArray();
ms.Close();
cs.Close();
return Convert.ToBase64String(reOut);
}
public string RijndaelDencrypt(string rd)
{
byte[] rdIn = Convert.FromBase64String(rd);
MemoryStream ms = new MemoryStream(rdIn, 0, rdIn.Length);
sa.Key = this.getKey();
sa.IV = this.getIV();
System.Security.Cryptography.ICryptoTransform it = sa.CreateDecryptor();
System.Security.Cryptography.CryptoStream cs = new CryptoStream(ms, it, System.Security.Cryptography.CryptoStreamMode.Read);
StreamReader sr = new StreamReader(cs);
string str = sr.ReadToEnd();
ms.Close();
cs.Close();
return str;
}
}
}
[解决办法]
实例化Rijndael对象
RijndaelEncrypt为加密方法
RijndaelDencrypt为解密方法
传递的时候别忘了Server.UrlEncode一下!
如果你BOSS没特意要求你必须通过URL传
那就不用这么麻烦了
[解决办法]
Http协议本身限定了它是不安全的,不论POST or GET,它都以明文传输。
提供一个3DES加密方法,希望对楼主有所帮助:
/// <summary>
/// 3DES加密
/// </summary>
/// <param name= "Value "> 待加密字符串 </param>
/// <param name= "sKey "> 密钥 </param>
/// <param name= "sIV "> 矢量 </param>
/// <returns> 加密后字符串 </returns>
private static string encryptString(string Value, string sKey, string sIV)
{
//构造对称算法
SymmetricAlgorithm mCSP = new TripleDESCryptoServiceProvider();
ICryptoTransform ct;
MemoryStream ms;
CryptoStream cs;
byte[] byt;
mCSP.Key = Convert.FromBase64String(sKey);
mCSP.IV = Convert.FromBase64String(sIV);
//指定加密的运算模式
mCSP.Mode = System.Security.Cryptography.CipherMode.ECB;
//获取或设置加密算法的填充模式
mCSP.Padding = System.Security.Cryptography.PaddingMode.PKCS7;
ct = mCSP.CreateEncryptor(mCSP.Key, mCSP.IV);
byt = Encoding.UTF8.GetBytes(Value);
ms = new MemoryStream();
cs = new CryptoStream(ms, ct, CryptoStreamMode.Write);
cs.Write(byt, 0, byt.Length);
cs.FlushFinalBlock();
cs.Close();
return Convert.ToBase64String(ms.ToArray());
}
/// <summary>
/// 3DES解密
/// </summary>
/// <param name= "Value "> 待解密字符串 </param>
/// <param name= "sKey "> 密钥 </param>
/// <param name= "sIV "> 矢量 </param>
/// <returns> 解密后字符串 </returns>
private static string decryptString(string Value, string sKey, string sIV)
{
//构造对称算法
SymmetricAlgorithm mCSP = new TripleDESCryptoServiceProvider();
ICryptoTransform ct;
MemoryStream ms;
CryptoStream cs;
byte[] byt;
mCSP.Key = Convert.FromBase64String(sKey);
mCSP.IV = Convert.FromBase64String(sIV);
mCSP.Mode = System.Security.Cryptography.CipherMode.ECB;
mCSP.Padding = System.Security.Cryptography.PaddingMode.PKCS7;
ct = mCSP.CreateDecryptor(mCSP.Key, mCSP.IV);
byt = Convert.FromBase64String(Value);
ms = new MemoryStream();
cs = new CryptoStream(ms, ct, CryptoStreamMode.Write);
cs.Write(byt, 0, byt.Length);
cs.FlushFinalBlock();
cs.Close();
return Encoding.UTF8.GetString(ms.ToArray());
}
