|
该用户从未签到
|
|
登录协同工作平台安全解决方案 8 ?+ q1 W) H# ~% o" P
[摘要]公司领导说登录验证的安全性如何保证,建议采用UKEY验证类似网银解决,调用第三方YT公司产品。 解决方案:
5 v3 c4 L4 c0 x0 L/ V
前端页面: - <embed id="s_simnew61" type="application/npsyunew6-plugin" hidden="true"> </embed><!--创建firefox,chrome等插件-->; T, _6 p& B, z* B! j
- <script type="text/javascript" language="javascript" >
1 O4 L# d2 [* T' G" S# M - //加载皮肤; v9 H1 ^5 ^5 c% H8 n2 z
- var setTheme = function () {
5 ~+ B c# D5 S1 Y2 r# T/ t" G - Ext.net.DirectMethods.GetThemeUrl(cbTheme.getValue(), {' X6 v' ?8 S9 K
- success: function (result) {
7 D( n( m/ o5 m) v5 s - Ext.net.ResourceMgr.setTheme(result);
: ?1 |5 M2 Z G! L% m - }: K- Y: Z) _2 m8 g
- });3 H$ A9 {( n* E o# r
- };
: V) M2 u4 N L( L - //回车出发& `9 }0 j. K6 Y {7 `2 F
- document.onkeydown = function (event) {
8 ~. N+ m) K! P6 x: M - e = event ? event : (window.event ? window.event : null);8 ~+ _! W; b- z6 `7 G8 J' U
- if (e.keyCode == 13) {
: N: W8 A& a9 z3 W4 a - //执行的方法
- j9 O1 S4 i+ o k - //alert('回车检测到了');
* @1 I" R1 H) k, K, } - //Ext.net.DirectMethods.Login();
& z$ p% F. m5 q/ g5 T - login(); c5 t! e. A% d
- }
0 } L0 c6 @3 U' i5 O - }% D" O. H' `6 v) P# t
- l/ m+ L w$ ^0 b) U/ Y7 @
- var digitArray = new Array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f');
% e/ r; H+ l+ A* O7 G3 Z - function toHex(n) {
" B. I( R' C& [! n - var result = ''' Y; d4 X) r0 H; z* m
- var start = true;! p& L6 f' l2 p. K! I7 v) H
- for (var i = 32; i > 0; ) {
) ^0 x0 q' z' q - i -= 4; B/ v* H/ k4 b, e4 a7 F$ `
- var digit = (n >> i) & 0xf;
: H6 l- O3 Z# K9 X - / Y A: w- w6 Y' v' [/ N! m: W4 e
- if (!start || digit != 0) {
) F& J+ p/ T7 s& E - start = false;
1 K, l8 k; X; S' U0 P - result += digitArray[digit];
8 p4 X/ p F2 k7 j& U: e. ` - }7 Y5 M% F7 _) { z9 C3 N
- }( j1 X8 o* m$ Y% u- }
- return (result == '' ? '0' : result);( j) {( Z. `* a" x7 E7 ?( _
- }
& b+ W2 D: q# h8 }. |+ p
2 X) a3 O+ t' S- @2 B$ D8 m- var login = function () {
6 q9 \ ?# I9 R6 V8 c - var IsCheck = 'N';
( B" c$ e+ o+ _& v, V0 s - if (window.location.host == "localhost:23111") {" w# s' @' _$ G6 j/ u) E8 D
- var DevicePath, ret, n, mylen;
8 G1 T1 f7 V1 Y6 H [ - try {# B1 Q. f! e* S8 v
- //建立操作我们的锁的控件对象,用于操作我们的锁
! Y3 A1 @4 R/ k; ]: s - var s_simnew61;
7 |5 p! Y- ~ V4 k6 I; K
1 Z7 ?1 c. F; G, T* W+ I+ b3 B- //创建插件或控件! s+ `/ u6 @" R% J
- if (navigator.userAgent.indexOf("MSIE") > 0 && !navigator.userAgent.indexOf("opera") > -1) {
! ^% H+ [6 {7 X4 A$ Z! G; E - s_simnew61 = new ActiveXObject("Syunew6A.s_simnew6");& |+ ~, ]2 d. O. I8 i) U/ V
- }
2 J: L2 C$ W' @5 |% O' o - else {
- T, N% C S9 R! J" e - s_simnew61 = document.getElementById('s_simnew61');
# G" o# a+ }/ V% L3 r: f - }
+ q' r; T! f. K/ ] U" F
+ D1 Y2 {2 M& R4 E
6 }' H% g/ H" [9 r8 k$ b- //查找是否存在锁,这里使用了FindPort函数0 s0 ^! j, y1 [# V4 Q
- DevicePath = s_simnew61.FindPort(0);9 e8 o' G" Y- o* q8 S2 I
- if (s_simnew61.LastError != 0) {5 \0 v0 [# h! Q6 J; s/ c
- window.alert("没有找到Ukey ,请插入UKey");; X Q( Z( ^+ a/ |& A9 I
- //window.location.href = "err.html";! B8 A; Z u3 ]
- return;5 K7 B9 i" n# J0 e; w
- }0 R5 O. @+ c$ a) Z' M, v$ {
- 9 X+ o+ T) Z3 O7 T
- //这里返回对随机数的HASH结果3 t5 a( P% A( K" b5 D
- frmlogin.return_EncData.value = s_simnew61.EncString(frmlogin.rnd.value, DevicePath);
) l# w4 ^$ B+ N. `. d4 ^$ u - if (s_simnew61.LastError != 0) {) r4 e2 s$ ^' P- W4 A
- window.alert("Err to StrEnc,ErrCode is:" + s_simnew61.LastError.toString());7 @: p6 z! t9 b2 b
- return;+ w- Z; ?. f$ ]
- }
5 j3 `3 G( t% g8 J0 M7 K - IsCheck = 'Y';5 A7 ?8 \! Y. f3 q: @; N- L6 \
- ; Y+ r3 M% g+ \% ^2 c
- Ext.net.DirectMethods.Login(IsCheck);. `5 U* {/ i% l
- & l# ^) @" K1 U) ?. u v
- } catch (e) {
; B9 T" Y3 t2 ]3 N e - alert("您在使用外网访问:" + e.name + ": " + e.message + "。可能是没有安装相应的控件或插件");& p# E: L6 v# V9 p
- }- e$ @) G. M5 |
- } else {
7 L! W/ ` X V8 @ - Ext.net.DirectMethods.Login(IsCheck);' X% z7 Y% d4 q, ?
- }
* L0 u2 T% I: G) x* g - , j3 A) c5 n! j
- };
! }! \# Q ^ u( L; E+ T - </script>
6 q! {* {3 J4 g; x3 R9 A8 p- h1 g - <script type="text/javascript" language="javascript">
$ B6 q9 R+ M9 Q" I/ [ - function reloadCode() {
0 Z: ~* k" P8 N/ O! v' `1 t - var obj = document.getElementById('imgCode');
8 {; N. A z1 ]- O9 I - obj.src = "VerifyCode.aspx?";
' M' |; {: j5 U. A O! x4 O8 {* M - }6 P" k" Y) e2 T6 p2 s: ~) a- o
. f* V' G/ t' R! q0 O2 l7 J, F- </script> q( U D+ Q' A8 B. \
- CS代码:
6 o+ O: L/ ~9 I. | - SoftKey2K ytsoftkey;
4 n& O3 o f6 l) H - String KeyPath;
1 K( x) X) G i3 @- M1 a( \ - private string _randomcode; z/ q9 _& h* y# M( B: ]
- /// <summary>
& t; j# u4 V h5 { - /// 随机数# ]6 C' H0 H2 ^; o% |, K8 l
- /// </summary>
/ X' e0 K# f# W5 n( k7 B A - public string Randomcode9 I0 T" U$ Y# [; |7 y( e0 \6 m0 t
- {0 m1 w" V7 x! U' \3 j7 J7 s
- get { return _randomcode; }, n- C$ I' N# k9 J7 Q
- set { _randomcode = value; }& g8 b) c, H1 M# V* T) p+ f
- } h4 Q7 N: t3 _6 J4 c0 B& Q
- protected void Page_Load(object sender, EventArgs e)
! Z% Q; C% t9 G) E0 Y0 z2 g - {- L5 d. k/ K* C9 L' r9 l
- if (!IsPostBack)
0 X1 q5 D6 |. G& h7 w - {- |7 u0 h$ i2 t
- System.Random random = new System.Random();
1 F: c% q( \1 e1 Q& c6 x - Session["rnd"] = rnd.Value = random.Next(0, 2147483646).ToString();( q) M& v0 M' J
- Response.Cookies.Add(new HttpCookie("CheckCode", ""));1 I+ H X2 _2 p% m
- }/ I U j1 k# T V5 S7 o8 s
- }4 @ l. X r5 Q) i, g" u
1 w' D5 O( K' m2 z8 B: k5 t2 p ~-
/ [4 ?- Z5 S2 {6 G; h - [DirectMethod]
+ N0 S0 E9 R2 \4 E - public void Login(string IsCheck)
' Q7 y& u$ u! F8 q - {
$ @( l4 o+ z) E. ~. \ - Check(IsCheck) ;
% P/ W( Z1 V9 X3 d -
9 `! `) _" _ P, G7 @1 o1 {$ r - }2 D) T9 V& k/ b5 i: Y2 W& Y8 s# A
- /// <summary>/ i4 o v2 h$ a9 p
- /// 登录验证
* ]) g( {% m/ }) s, R+ M( h5 s# P - /// </summary>
8 w* q% `+ I0 M6 H' d; ]" m - /// <param name="IsCheck"></param>
, E: Z% D' B8 e' i- D& E - private void Check(string IsCheck) 6 E6 p5 I5 i; |! `$ N+ @4 }
- {
1 p( Y& b, B7 P* Y6 }5 P# m9 | - if (Request.Cookies["CheckCode"] == null)
8 P2 c- p& {, n9 q } - {
/ _* k4 W# _5 V+ a- d - + |9 B% r0 Y/ q+ ]0 ~+ {7 H. I
- Notification.Show(new NotificationConfig b$ T, ]" q4 H! i2 _; j
- {
9 {% s: _( J- v: U - Title = "提醒",4 c. q. i8 t/ l/ N8 e& Q) Q5 Z
- Icon = Icon.Information,
7 W' b' K7 |2 ~1 } - Html = "<font style='color:red;'>您的浏览器设置已被禁用 Cookies,您必须设置浏览器允许使用 Cookies 选项后才能使用本系统。</font>"" k* s! I& ]% A; F6 r- Z1 v
- });
. s/ U; t* u+ j" A - return;
' a) p7 n7 i( R* } - }; g! A0 ^0 r& Z9 J/ r
- //验证码比较/ i- K, W$ O8 Z( x$ m8 d. C$ v6 ]) ]' _
- if (String.Compare(Request.Cookies["CheckCode"].Value.ToUpper(), this.txtVerifyCode.Text.ToString().Trim().ToUpper(), true) != 0)2 W, T. `% W/ f, G9 X! u( ~0 }
- {
3 _& K4 ?) s- J: @. K& y( g2 ? - this.txtVerifyCode.SetValue("");" j( |6 r' N8 U; j0 g
- Notification.Show(new NotificationConfig
$ v9 m4 E3 j1 M& c- _) K$ D( T - {
0 e7 D* Q; y4 I3 i - Title = "提醒",
3 V( [2 r. s! l4 ? - Icon = Icon.Information,/ N9 ^; y. N2 ~1 [# g- n
- Html = "<font style='color:red;'>验证码错误,请重新输入</font>"4 } _, D9 T8 o- Y
- });8 p: h' i2 \7 P( ^& t4 a
- X.AddScript("document.getElementById('imgCode').src='VerifyCode.aspx?';");1 m; z6 F2 }9 _! ]/ C* X
- return;$ g* x& u P' W" \( r% b! b
- , P' f8 G' h ^! v. N1 }0 W
- ( _- P( m' M" z" J
- }% _: t" g5 N; i% Y: U
- else
7 ]- E. D' O. {! e* x }3 p - {
4 n- j, V6 W$ h& v) N! |. U7 U - Utility.MD5 md5 = new Utility.MD5();
* J7 y4 j8 I8 k; \; A - DzPlatForm.Model.Users user = new Model.Users();
; Z* h1 [! @/ U7 _& M) ] - user.USERNAME = Utility.Baseclass.SqlFilter(txtUserName.Text.Trim());//过滤危险字符
( C( g& K6 G. n& _: Q4 b' p) t - user.PASSWORD = md5.MD5Encrypt(txtPassWord.Text.Trim());// md5.MD5Encrypt(Utility.Baseclass.SqlFilter(txtPassWord.Text.Trim()));//密码进行加密
7 Y: G X1 Y# S5 ^ - x8 O! V/ F6 C( s" ]5 U% F) b$ u
- string sql = "select * from [users] where id=1";
N0 F( A O, L- }( t. _, ]: F' _ - DataTable dt = DbHelperSQL.Query(sql, null).Tables[0];
; s4 q* G# W# l- X- ? a4 E2 s, V
! s2 d( z9 S. x5 S [: M- DzPlatForm.BLL.UserBLL usermgr = new DzPlatForm.BLL.UserBLL();
/ k8 [9 [. _4 I b4 z/ n' g' @% Y - string UserId = usermgr.LoginCheck(user);$ t) R9 v1 Q9 Q, G4 M7 s+ O
- 5 z" v( q! z/ I3 L% Y! e
- if (UserId != "")/ H( u, w& g* z- x+ f# z: u: b8 ~
- {6 D! n) y/ v, z9 L7 A0 c# U
- & |- S7 T) A4 ~* h" E T" @: ~
- Model.LoginLog lg = new Model.LoginLog();9 c' d0 q8 c( g6 q/ g6 N
- lg.Name = txtUserName.Text.Trim();
$ `% L0 @' `- S% y: I - lg.Browser = Utility.IpBrowserHelper.getBrowser();
. m4 u, V" w' B# v( ]+ N1 e - lg.Ip = Utility.IpBrowserHelper.getIP();0 M A& h, p% l2 o0 N
- lg.System = Utility.IpBrowserHelper.SystemCheck();
1 U; X% }( u" C5 B7 ] - BLL.LoginBLL logmgr = new BLL.LoginBLL();
; E* j* z; }0 h# d - logmgr.LoginInfor(lg);' X6 M* p* ~2 z) Y
- usermgr.Record();
2 S9 a ~ i9 X x: z4 R. x
8 ?+ ^. x& ^! p- Model.Indentify idf = new Model.Indentify(); q8 _4 @% b0 q+ S ]
- idf.Userid = int.Parse(UserId);, {' F. }/ _, ]( ^9 R- }
- BLL.IndentifyBLL idmgr = new BLL.IndentifyBLL();
* c( w/ A N W, {# W/ P6 K! d - idmgr.GetIndentify(idf);1 b d0 C$ o: e2 T
- Session["userid"] = UserId;
- f8 M$ m5 x% D& J8 M1 U/ G8 S - Session["UserCode"] = txtUserName.Text.Trim();
a- O% }2 k, `% g. r- H2 y- j3 m - Session["UserName"] = idf.Name;
v- l8 r2 [. Q6 ?5 { - Session["utype"] = idf.IsSystem;
% Z8 x# D! e- K0 u1 Y: P: \1 a/ H& a - Session["uip"] = lg.Ip;
. ? p; u t/ f- L - : y% P+ c* t1 y; k
- # [9 s" c$ G8 j
- //X.Msg.Show(new MessageBoxConfig9 D r' R4 v& h( y; e1 \
- //{! E( E ^+ R$ f, C5 v1 b# A" I
- // Title = "请等待",9 y' s7 C- b% Y& P* G! R4 r. }4 M# w8 h
- // Message = "正在加载项",4 o [+ r# m, D( T! W1 `# F
- // ProgressText = "初始化中...",/ z7 t) |% T* Y# X
- // Width = 300," E9 M9 j( a t: W3 X0 j9 ^
- // Progress = true,
9 D0 w2 q5 d/ l+ f5 Z - // Closable = false,% g! V, D3 U4 K) l3 p2 `, H
- // AnimEl = this.btnlogin.ClientID
1 Y# t6 N, y' J- p7 c - //});: Y4 {, _" f8 `/ J3 }7 s3 z
- & |1 w; f0 g* ]. x
- //this.StartLongAction();) h5 F* @) a/ q) }, y
- String strData, m_StrEnc, Key, Flag;% t+ R. J: B& a( d" w
- ) C* I3 l+ n6 s! B9 ]/ {' z
- Flag = IsCheck;% {4 }, Q/ T% Z0 ^1 @
- //Key:即增强算法密钥,这个要与设置在加密锁中的密钥一致3 Q& |# |7 z3 w0 f. m3 T/ [5 u
- //增强算法密钥可以是每一把都不相同,也可以是都相同,如果是不相同的可以根据用户名在从数据库中获取对应的增强算法密钥,可以根据安全性及自身具体情况而定,这里使用了一个固定的值
$ _! ?6 P) t$ R - // Key = "1234567890ABCDEF1234567890ABCDEF";
! ?+ K! G" c- U8 x/ w - Key = idf.UkeyCode;& t. j8 ^- w* B/ W( Z) `' _) N, D, {
- //strData:要进行加密的数据
2 d. K+ Q& ~% U. T- M4 @ - strData = rnd.Value.Trim();//Session["rnd"].ToString();& ^2 }" v2 T9 b$ Y
- //'在服务器端对数据进行加密运算
: k; Y) s" B5 R2 [ - m_StrEnc = Global.m_softkey.StrEnc(strData, Key);: D8 ^% h* D; @0 n0 W+ x
- //比较客户端加密锁返回的加密结果与服务端的加密结果是否相符,如果相符就认为是合法用户,由于使用了随机数,从而实现了一次一密的高安全性,可以用于高安全性的身份验证6 }7 |0 y" f1 X! l
- if (Flag == "N")//内网不需要比对$ }' D; M& U9 d/ g8 P! O: A: ^* ]- e
- {
5 c9 o$ h) A+ x+ }. B: T3 |1 ? - Response.Redirect("Index.aspx");0 K) M+ B3 n+ @5 J
- }
: E. u0 W \3 O* y - else% D7 S. a: @- g' v' F: W+ p
- {) G/ ~5 s- `2 E4 T6 m' M
- if (m_StrEnc == return_EncData.Value)
. r9 a9 h, p% S3 v% a - {8 s7 N9 q9 d% L% P* E7 ^
- ( R- @; e, `1 p0 _
- Response.Redirect("Index.aspx");
7 o. i$ Y+ p' Z; Y0 d6 G - }
7 \% y4 M. V5 }5 j7 y' A- x- ^ - else
) t w$ o% G; B4 [, o - {
# W* h1 `2 R" L8 H# N - Notification.Show(new NotificationConfig0 z0 k0 K8 q; \% u4 `7 c; I3 L
- {
; C Y! S* y: b: l - Title = "提醒",4 v, n4 t+ v4 X6 K
- Icon = Icon.Information,3 K" [7 v; ]. Y8 G" o1 X
- Html = "<font style='color:red;'>该用户不是合法用户!</font>"
: c& F* l( N0 Y# O+ _% v8 F - });! e( c$ C& U- c; g
- }7 f, s) K( {/ w7 l# Y, [
- , [! J$ y! d: j1 W
- }. i( f* p# \) x' ~
9 X+ [8 O N( n+ C% G' k, I- }2 x* ?, T# n* m" n9 S1 `2 O. |
- else
4 {3 g! F4 C. h. h! S - {
% w/ N) K& e7 ]2 b - $ Q5 E- t$ c ?- Z0 G: p9 r) B
- Notification.Show(new NotificationConfig) a" G4 A0 X9 `$ l
- {
" {* O: {5 ~# s/ {. o- I: n - Title = "提醒",# O' p/ j6 G. j- R! {. A! u
- Icon = Icon.Information,
$ Y2 D0 e5 R- J: ?7 i, x. p5 ^" [ - Html = "<font style='color:red;'>帐号或者密码有误,请重新输入!</font>"( A' A; S5 ~& U0 G* c
7 w$ N, ~2 w9 k% T* [- });
l2 O3 a: x9 t- R$ X6 ^7 P - X.AddScript("document.getElementById('imgCode').src='VerifyCode.aspx?';");
9 P/ [# j" B$ w. R7 W - }
h5 P+ h; ]! q2 W1 [% J - * h) y* c8 m K) Z! S& j, B {3 j. D
- } ~9 d! o' _ m
- } d! J; M( a9 c( w4 @" f, c$ J- }/ N
- /// <summary>( f9 W5 O" k7 Q+ F8 P
- /// 开始计算任务
7 y0 o$ y0 d1 D6 V - /// </summary>
" c$ b6 j9 q( l$ C - private void StartLongAction(), z7 [7 Z& q1 Q4 ]
- {9 H2 e9 t# n7 |5 J9 ?7 p( T2 ]+ g
- this.Session["Task1"] = 0; G( {$ d' V6 l1 ~6 ~
- ThreadPool.QueueUserWorkItem(LongAction);
2 Y+ {# e& ?$ h( y; i' T0 ], v - . R+ u8 W& Z! P( V' t; `
- this.TaskManager1.StartTask("Task1");
; N& u) l0 d Z) d+ p - }6 k( J' ^/ |* {$ t% K: s0 {( d
- /// <summary>
; J( G4 k+ F" V& ~8 b - /// 计时器5 \; R8 I- k1 T, d* @* R* y. {
- /// </summary>
& P* L* J& Z9 ?5 r - /// <param name="state"></param>) @# G2 D4 V0 Y% d
- private void LongAction(object state)
f/ g. l h) k9 f - {
; d5 i" Z. }( U0 ^9 e* h6 \ - for (int i = 0; i < 100; i++)5 Y9 }1 v; U ?8 u7 m! x. l8 Q
- {+ m' l# B! a0 I! X0 |$ `2 D
- Thread.Sleep(10);! @- C( H7 s r# o" ^. `( K& z
- this.Session["Task1"] = i + 1;
1 x; v& N% ^' N$ p% y" Q - }
& \# }) i2 l7 Y% w" O' Y - this.Session.Remove("Task1");
6 P# |1 @) }' V! I+ ^0 d& r - }! \/ V" S O- I& \6 g
- /// <summary>5 ~9 p2 \. [3 Q8 i
- /// 刷新进度条
6 Y& T* D4 `2 f - /// </summary>9 V$ l& E1 g' m
- /// <param name="sender"></param>$ r9 i( k) [$ S/ [
- /// <param name="e"></param>
7 }" k' y* f: J) K1 q! [2 V - protected void RefreshProgress(object sender, DirectEventArgs e)
" ~7 S9 G. V0 t0 \% j/ b n - {( \& z5 l1 H I5 V2 y/ t
- object progress = this.Session["Task1"];
5 x- e' Z6 j% V) o7 h - if (progress != null)
" d3 U: W$ u/ R% `# u- r$ } - {
1 T# a' S0 c) G7 c( e( G - X.Msg.UpdateProgress(((int)progress) / 100f, string.Format(" {0} % {1}", progress.ToString(), 100));
8 i1 C+ P- y2 d4 Q4 C0 j - }
2 v7 I* i# N! y* l7 ~* { - else. {% a6 l9 W9 p3 x$ j9 a) b
- {3 l( {6 O% s2 y3 C
- this.TaskManager1.StopTask("Task1");+ Z y: a+ G% K2 s4 n! U
- X.MessageBox.Hide();
" N% `7 T5 o5 P7 V; ~+ o - Response.Redirect("Index.aspx");
: w' H/ n/ O& Y" D E" S- A5 i - }, `% G ]1 A+ ^2 k
- }# d; `; P$ y& O* D
- /// <summary>
1 F7 B6 R, s, P - /// 更换皮肤5 U% t7 s/ v3 f8 O4 S/ M# K
- /// </summary>
3 f3 X: \# D+ R; L$ [ - /// <param name="theme"></param>, F) C0 l, d6 V. A( _( ]; _& V/ l8 v
- /// <returns></returns>
( N0 e( ^8 W7 X( Z4 r9 L4 z - public string GetThemeUrl(string theme)8 b" M0 W' C3 J" e) L' T7 C# i
- {4 H% h' T: Z3 P2 \
- Theme temp = (Theme)Enum.Parse(typeof(Theme), theme);* @3 I p4 t8 |5 ~
- this.Session["Ext.Net.Theme"] = temp;* B1 Q/ w$ U4 Q, z
- return (temp == Ext.Net.Theme.Default) ? "Default" : X.ResourceManager.GetThemeUrl(temp);
7 H& r, T, @& n* l& w# J - }
$ U" u: ]1 D7 A; L0 ]: x6 R
! r/ T$ u* r+ j* p1 A$ D! i- }6 ^7 j" j: ^: K; {% a- |& K
- " Q- k2 i! \. c8 i( o8 V( y
- 服务端代码:Global.asax$ j, s. R/ w' z% s+ k m
- public class SoftKey4 r6 ? y$ `9 `7 F0 V" v2 t, h
- {
' | x' i3 n$ j5 }, f - [DllImport("kernel32.dll")]
# J, t x! \- y1 S3 p - public static extern int lstrlenA(string InString);
) m# b! k6 T# A/ R - [DllImport("kernel32.dll", EntryPoint = "RtlMoveMemory")]
& X) W7 k( [: c8 p, S - public static extern void CopyStringToByte(byte[] pDest, string pSourceg, int ByteLenr);, A' Z; o w/ K4 O8 {+ @7 e% i
- [DllImport("kernel32.dll", EntryPoint = "RtlMoveMemory")]+ `+ F8 k2 \. ^) t E4 Z T
- public static extern void CopyByteToString(StringBuilder pDest, byte[] pSource, int ByteLenr);3 M, |, \& Z3 I+ p# M; p3 C" n
- * O9 J# B! z# g$ a3 }' I8 Z! G
- //以下用于将16进制字符串转化为无符号长整型
; f7 a2 g" k- b6 o8 m# W! t - private uint HexToInt(string s): G- s, F% s5 {8 |, c( O4 i4 e" W
- {
H8 L* P+ f/ o" b; T p/ R4 g" u - string[] hexch = { "0", "1", "2", "3", "4", "5", "6", "7",
; B1 a7 J4 b) E5 r1 O - "8", "9", "A", "B", "C", "D", "E", "F"};+ ~% B& ^& O3 y9 _; Y1 `
- s = s.ToUpper();' @! `+ m. W5 ?' a% i9 g* s
- int i, j;
/ [) }5 z, P: K0 g1 J6 r - int r, n, k;9 a/ }2 g4 [% a3 ]6 h2 [8 R) ^" d
- string ch;
4 g9 w7 P4 b: L9 A, K - 9 t. }* X# l6 H/ Z/ i2 @
- k = 1; r = 0;
3 Q+ H0 A1 X0 M' @( K$ p - for (i = s.Length; i > 0; i--)
) F W+ \. {/ _% G' U9 [, O - {
6 E" F& D, Z- }9 `& g - ch = s.Substring(i - 1, 1);+ y2 d; Z4 ^$ e0 f4 G$ o
- n = 0;
1 k7 M G# b4 w: V m8 Z% ?- K) N - for (j = 0; j < 16; j++)' B( @3 m3 M3 `# t8 K* |" j
- if (ch == hexch[j])
( j# L8 H8 n; D+ n7 ~. Y9 i9 O - n = j;! X1 _( t* o( [! x: d/ h$ J
- r += (n * k);, d% _7 l. Z2 E
- k *= 16;0 f' i3 [4 q( i2 r: l( h
- }
1 s( b' v( ]$ H3 ? - return unchecked((uint)r);
9 x: r% d1 Y a% K* s9 I2 s8 } - }
* ]: j8 g: C0 q* n
1 W: l: g5 ] g U6 z! Z1 O& I5 U, w0 E
# Q! O8 r2 n- w7 r. M- public void EnCode(byte[] inb, byte[] outb, string Key)
O( x7 T7 i; ?: d E' H7 i: k - {* B9 _1 L( m6 m8 U/ f
- / J% x* N. G5 d. x4 z
- UInt32 cnDelta, y, z, a, b, c, d, temp_2;
; G5 d. P" U9 u6 Z2 Q+ { - UInt32[] buf = new UInt32[16];; a: [. f/ A7 j, E+ F
- int n, i, nlen;. L/ Q7 e& T; n
- UInt32 sum;8 k. I) A" I+ f4 F; k4 D( E* |
- //UInt32 temp, temp_1;
% z0 a. q0 A _% d - string temp_string;/ |) x! y$ e1 Q: ]2 h6 N3 H* k
8 C* J# a0 L2 ?+ ~; i8 |
, N9 b5 L& _! r& _- cnDelta = 2654435769;, H' u. g; l( }# C$ G, \
- sum = 0;
5 w* |# L+ U5 q" W' [% ^* ~+ a - & Y+ c# y& ]' G! a! y9 }
- nlen = Key.Length;
! i, L0 A3 g$ y" F8 d7 x - i = 0;( k- p/ J: R6 L' k
- for (n = 1; n <= nlen; n = n + 2)
3 J# n. N0 G, W7 k# t, \% { - {& z1 x! C3 d& e, p% Q* P
- temp_string = Key.Substring(n - 1, 2);8 q# e! {- l' a4 g+ z& D6 Z
- buf[i] = HexToInt(temp_string);
5 X; i0 u; c* T% E - i = i + 1;) Q3 l; v4 z! ]7 \% ]; S+ a
- }5 a5 J1 M+ v+ A$ l2 M! i& j) X
- a = 0; b = 0; c = 0; d = 0;5 j F+ I4 h: C
- for (n = 0; n <= 3; n++)
4 w C3 P6 \# W! U$ | - {
% V" k- C% l# V - a = (buf[n] << (n * 8)) | a;
4 `+ [" K/ Q- T+ P0 ?6 m - b = (buf[n + 4] << (n * 8)) | b;
+ X8 V- g" j% P+ i0 ? - c = (buf[n + 4 + 4] << (n * 8)) | c;
1 x, F6 w, q) x# o - d = (buf[n + 4 + 4 + 4] << (n * 8)) | d;
% Q. X" e9 Q$ T1 ]; i1 `' v. ~+ g - }
( Z6 O, P" J% N& I5 `8 t - 6 Y- o/ q7 y& x$ o6 y) L6 `# h. }
2 R/ F1 A: s% P6 }. n- E7 n, {3 H3 R* H( ^
- y = 0;
" F( a4 g/ p! a& u. j6 K4 [ - z = 0;0 f1 v$ i; k( A e+ H: j0 z; g7 L9 U
- for (n = 0; n <= 3; n++)7 }* ~0 E( b7 D2 b" v ~8 C2 S% g
- {+ G, j. j4 o$ l9 ?, y
- temp_2 = inb[n];
+ E# j6 t( b! w' Q7 o - y = (temp_2 << (n * 8)) | y;
, i( Z" x+ d' S! E - temp_2 = inb[n + 4];
0 }5 `8 M) O/ v, r( I* Y& g - z = (temp_2 << (n * 8)) | z;
! f0 |! K0 y5 ~8 t - }1 P# h k3 u, U' S" E! d7 i" n
; h$ e$ v" @ t" ?0 Z8 \8 D- A h
( ~5 B7 Y: Z; v. r' |% E5 K" J- n = 32;
$ M' q$ g4 ?/ m: i - , ~7 M# y" l; u( m; t* S
- while (n > 0)1 F& t4 t0 _0 \8 ]9 d* p$ L- R
- {$ ^+ y! k7 G+ i
- sum = cnDelta + sum;- ?4 x6 {5 b: Y6 z* x
* s" j+ w! W5 h6 Z- d. d8 A- /*temp = (z << 4) & 0xFFFFFFFF;
$ x6 V9 L( b) v% f9 ] - temp = (temp + a) & 0xFFFFFFFF;" N6 j' Z) k" b- i2 C4 }
- temp_1 = (z + sum) & 0xFFFFFFFF;
, _" m1 U0 P# O9 @8 D" d - temp = (temp ^ temp_1) & 0xFFFFFFFF;
; F. }0 C% v0 u% O7 @ - temp_1 = (z >> 5) & 0xFFFFFFFF;
" s5 j Z6 `* u% P( X( @ - temp_1 = (temp_1 + b) & 0xFFFFFFFF;5 ?( x1 N t/ H9 [' f$ I/ s
- temp = (temp ^ temp_1) & 0xFFFFFFFF;. W7 ?0 z# l7 i( z3 Y" a
- temp = (temp + y) & 0xFFFFFFFF;& r: C2 L7 n- y: j& W( b
- y = temp & 0xFFFFFFFF;*/; c9 U5 c/ w7 P: E6 a, w
- y += ((z << 4) + a) ^ (z + sum) ^ ((z >> 5) + b);5 h( ^! O: _' `" b3 R x
) P6 v$ g0 K* P. t7 m3 e5 v- /*temp = (y << 4) & 0xFFFFFFFF;3 N9 H% r2 D% z5 ?7 Z4 d
- temp = (temp + c) & 0xFFFFFFFF;2 \. C1 d2 m. k1 p9 l! H2 ?& p
- temp_1 = (y + sum) & 0xFFFFFFFF;$ @: _# G7 s" U0 P- W+ @
- temp = (temp ^ temp_1) & 0xFFFFFFFF;- f3 w4 T" r& S2 L
- temp_1 = (y >> 5) & 0xFFFFFFFF;
, y+ ]3 u; g7 h* O' b2 [. |* n! ~: x - temp_1 = (temp_1 + d) & 0xFFFFFFFF;
5 r# Q8 P7 i# W2 r - temp = (temp ^ temp_1) & 0xFFFFFFFF;
# G" q" |' i/ R6 {4 h) d - temp = (z + temp) & 0xFFFFFFFF;
~% Q. H; E4 J! `- }/ Q; w - z = temp & 0xFFFFFFFF;*/ B7 C+ u9 l% A4 V% }0 ]
- z += ((y << 4) + c) ^ (y + sum) ^ ((y >> 5) + d);2 Q& \% j$ i- B y
- n = n - 1;
/ c4 ]; L, {! O: G2 S: \# @+ a7 i
: I0 _2 @$ |( \4 k3 W g- S- }
5 a, N) v3 R+ O6 L - $ B7 v3 U+ i: i: v# X/ o0 v
- for (n = 0; n <= 3; n++)3 X. [4 _3 K b8 _3 s0 ]& O
- {
' M1 _2 @! Q0 g: D0 A: D3 X - outb[n] = System.Convert.ToByte((y >> (n * 8)) & 255);, B! A% u5 [0 K7 E
- outb[n + 4] = System.Convert.ToByte((z >> (n * 8)) & 255);
+ W; J% }3 G% {# r8 {0 M - }( ^, ~, T$ w& ~3 S: q
|3 z* w( v# j. D- }* Y' S0 E# }( K$ e
- " |/ i2 @3 |: h: I4 \3 J% P( |
- public void DeCode(byte[] inb, byte[] outb, string Key)
( x4 \5 N2 }6 C1 K* ^2 C - {
7 U7 n! ~8 o; U7 \ `
3 m, s! B) @8 J0 K- UInt32 cnDelta, y, z, a, b, c, d, temp_2;
8 s+ G K- L! n M - UInt32[] buf = new UInt32[16];) @+ J9 D: @& V0 t$ P; a
- int n, i, nlen;
1 J4 T! S3 p( h4 K# P( Q# e$ g - UInt32 sum;2 W: J: f, {) j
- //UInt32 temp, temp_1;
4 F3 x1 O: u0 E. b k% }3 O- A; q - string temp_string;" l# f% I$ D4 ?8 _3 l1 l3 n
% H. L/ ]+ N/ H3 x" y; C
; J5 r. T- F0 l3 [- cnDelta = 2654435769;7 a1 q. h# m- p6 |# p- ]+ M
- sum = 0xC6EF3720;+ K4 r5 I. y8 x4 H
. G' c1 M( x9 p, }2 S2 f- nlen = Key.Length;# J3 `1 E' [3 S" D( ?) m) m2 |) G
- i = 0;, s( c- R* `; \; H3 Q
- for (n = 1; n <= nlen; n = n + 2)
! g/ K; a+ Z" {9 K( b! _. T - {
5 H3 l5 Y1 a6 ? - temp_string = Key.Substring(n - 1, 2);
+ z6 z8 v7 A( V - buf[i] = HexToInt(temp_string);
/ B/ o/ q6 X$ d5 i: i - i = i + 1;
8 @ `1 L0 u. e9 i9 W - }( G7 K: z# g5 _. a) z" a3 U/ |+ f
- a = 0; b = 0; c = 0; d = 0;" _- i8 k: Z" `% W, Z# N
- for (n = 0; n <= 3; n++)" U3 [7 n+ w6 U5 P3 b& Q% ~) Q
- {; z' u) C- ?& K8 X. }; H3 w
- a = (buf[n] << (n * 8)) | a;
7 d' D, _1 ] ~! m - b = (buf[n + 4] << (n * 8)) | b;
8 |( o& J" V3 f) L4 `# [ - c = (buf[n + 4 + 4] << (n * 8)) | c;
7 e8 y, J, d& f z6 Q6 y3 n* o" ` - d = (buf[n + 4 + 4 + 4] << (n * 8)) | d;
7 p% L8 B3 L/ @+ a1 {( d - }: [; Q; |$ W8 v. k8 R5 F
6 [) {$ c. V6 A: y
( Z* J' D- T u7 \- 7 D$ R z; k# ?2 E9 C" n1 c# U* `
- y = 0;
/ s! p+ ^6 D- A4 Z - z = 0; ], k o% [% O+ D7 z v
- for (n = 0; n <= 3; n++)# v! u" m1 n. }
- {
$ y0 Q0 ^- b& K( `5 s) {7 ~ - temp_2 = inb[n];& f* N4 e. v. x: m
- y = (temp_2 << (n * 8)) | y;
6 h" A4 @ \- O$ x. [' f - temp_2 = inb[n + 4];
0 ?4 ~* @! R" m; R6 ? - z = (temp_2 << (n * 8)) | z;1 z3 ~0 m9 U0 M! m; b Q" @
- }
! m/ c g T2 S$ @+ Q
' C; f. o7 G- m# R6 s2 w+ K- 4 ]7 I1 q# ], p" o9 _$ c
- n = 32;0 P3 L! l) {. k! V' w, [8 E* A
- - _ b: P: P) q, G$ z" X0 h
- while (n-- > 0) |8 b: \4 i4 j" u7 s# P% s
- {) P. v' `! i/ h5 ?4 k
- z -= ((y << 4) + c) ^ (y + sum) ^ ((y >> 5) + d);! Y( I/ [. E" T6 t: ~ _
- y -= ((z << 4) + a) ^ (z + sum) ^ ((z >> 5) + b);
7 e9 ?7 z: T1 J7 [7 p - sum -= cnDelta;
% g/ m* j. c* [
% ^# e b7 @# O0 @; q- }) }/ _/ S. G: R+ V5 t4 w
- 2 M4 X# j+ O6 t0 P3 [2 ]
- for (n = 0; n <= 3; n++)
Z" S# @5 l. t - {
% h1 A0 b' p( x# K9 j! ]8 F - outb[n] = System.Convert.ToByte((y >> (n * 8)) & 255); d: Y) u: i2 P/ W* K( s
- outb[n + 4] = System.Convert.ToByte((z >> (n * 8)) & 255);
' X- V2 u: p c$ T. q& U5 T7 Q - }1 \' M* e+ _& R
- - N0 M( A; j) Y# q+ e6 c& K
- }1 ?+ q: s" ~# b2 ]8 y
3 A: I% z# F0 g9 k9 s0 Z3 @ S5 F
7 q6 d1 s: v3 ?: j# N- public string StrEnc(string InString, string Key)//使用增强算法,加密字符串
" U, Z; H9 n4 Z9 o2 @- ] - {
' o% U! p& G* x, X" j4 Z - . A) m# f7 V D$ r3 z
- byte[] b, outb;3 t; p. p; P8 S9 j8 }3 y
- byte[] temp = new byte[8], outtemp = new byte[8]; `3 C- `* C" l9 s
- int n, i, nlen, outlen;% p0 `. o" \3 k* |+ V! E
- string outstring;& t O. d7 I0 q; L7 h# u2 r
- 6 s2 ]* {# y* }# P. ? R
- 9 C: K. P2 N/ C' K0 Q6 P+ x
- nlen = lstrlenA(InString) + 1;
% [! o8 W# r7 ]7 E+ {5 N - if (nlen < 8)
3 z# X# T" b8 w - outlen = 8;) ?$ p& E6 s( q* `1 N9 J
- else% h; V- \2 V$ M
- outlen = nlen;
$ {# j' H& i& a9 D9 `: W3 \; w - b = new byte[outlen];9 I+ S. Y `2 I; a
- outb = new byte[outlen];; j( S2 O$ B4 m0 t0 i9 ]; f# Z1 u- ?
- 3 a$ p$ w( q4 j. O: f6 y+ d* J: B
- CopyStringToByte(b, InString, nlen);3 Y) b) p7 ?% v) c: ~8 _
1 x5 P$ ^/ d: D* o& J5 ?- b.CopyTo(outb, 0);) {9 c, p# x9 y! E7 C5 S3 L
1 q9 J' Q4 q% B* M1 R- for (n = 0; n <= outlen - 8; n = n + 8)1 p8 r. @* c2 e, W
- {
, ]; O& q2 s; N9 i - for (i = 0; i < 8; i++) temp[i] = b[i + n];% x% w8 U5 @" k8 Y+ y
- EnCode(temp, outtemp, Key);+ q8 V& U! `+ Q5 k% I S
- for (i = 0; i < 8; i++) outb[i] = outtemp[i];
4 t- j2 {5 B$ h+ I - }
& D& W% W- _! A. Q. l - 3 D8 C: w' k8 b; v3 g! E5 p
- outstring = "";9 f3 [, P' W6 g+ U# A4 H7 E" f* m
- for (n = 0; n <= outlen - 1; n++)
$ _3 y' b c' j6 m5 U M; s - { r: {; H- T B. j: Z/ ^
- outstring = outstring + outb[n].ToString("X2");
! \% o$ |6 ~1 v) | - }
, [- X. A4 F8 R0 t - return outstring;
$ s; `- P9 z: _- z A+ O- t' D% L1 H - }
: T) Q: Y# F. ^" H+ d' q% h6 ]8 X9 P - public string StrDec(string InString, string Key) //使用增强算法,加密字符串
0 o' O# g! t& x, b5 J# D - {- d4 A6 a8 \" ?
- byte[] b, outb;
|: g8 _5 Y! y* ]$ i% z" I - byte[] temp = new byte[8], outtemp = new byte[8];
! B+ ?+ o1 V- ?; Y9 o' V - int n, i, nlen, outlen;
. c, b }$ @6 s) S+ L4 f - string temp_string;
1 U9 t' s4 d6 O' L2 Q - StringBuilder c_str;; s1 y$ M! ^; `0 n: p
- # c* }1 C! i( Z6 M% a
- ) A& n3 z8 _: q
- nlen = InString.Length;
* F# y" f8 G0 S: J: k7 Q% Y - if (nlen < 16) outlen = 16;
; O2 g( W* ^7 i - outlen = nlen / 2;
' P$ W# a: i9 S* F6 z5 b1 M# J - b = new byte[outlen];
( C+ \( @2 |7 a/ h; F$ W - outb = new byte[outlen];
4 F6 ^* `) \0 O! I' ~
6 y- L. j4 i8 c+ |9 D/ D- i = 0;6 z, \6 S6 n$ a
- for (n = 1; n <= nlen; n = n + 2)
2 c ?% g* t4 p# q' @ - {' q& R4 w% Q% r- k! w P9 A( G B
- temp_string = InString.Substring(n - 1, 2);
; J8 d# \- r+ S2 g& h - b[i] = System.Convert.ToByte(HexToInt(temp_string));0 Z6 X: B. l9 y0 a3 F. v0 {, |$ k& B
- i = i + 1;
. y) m9 O% o$ q- ~6 N9 @. _7 Y4 }; L - }
j3 S( J4 e9 A - ) H% X9 q9 {3 b; l
- b.CopyTo(outb, 0);: E3 E4 J5 i9 W9 A* `
- # u* Q V8 f& U- L$ T- w
- for (n = 0; n <= outlen - 8; n = n + 8)
; { @' G' w; E. J% y - {1 M7 s h# A/ T
- for (i = 0; i < 8; i++) temp[i] = b[i + n];
9 ^; W* n0 g& R+ s; q% m' Q) P7 g - DeCode(temp, outtemp, Key);3 K4 k# x4 {, U5 P8 K! z& G
- for (i = 0; i < 8; i++) outb[i] = outtemp[i];! c0 z {, o4 y" ?8 ~
- }2 W% H3 @1 i2 N3 `- b" s' J
- 0 f2 V, X6 F6 }0 u0 i- {6 J4 o; q0 X" D
- c_str = new StringBuilder("", outlen);
3 @/ s6 j; n6 ^" L6 S2 c. A - CopyByteToString(c_str, outb, outlen);
. i% r5 f4 X5 |/ G0 }; Y" \ - return c_str.ToString();
6 \) D% u r5 n D2 |
1 V& K; H: Z% f8 A" }5 S1 D2 m- }
' c5 ]" }8 e% z, g
1 j# L! }( _1 o% \6 y- 3 N. l2 Q4 _9 H* [9 i
- }
' g/ @, a1 G# t3 Z# C$ I" S5 n2 U* H+ k6 q d& ?/ h, r
唯一锁写入Ukey: 3 B0 j: j4 k9 e$ C
; d! a# Q5 [0 x7 A2 P0 R
公网客户端:安装插件
" n! o- H7 ^9 M" e% u) X7 O& O 多文件安装版+需要先插入UKEY
G9 [( U6 _+ ~6 Q2 l 插入UKEY
8 J$ c& H8 K2 X! R
登录成功! ' l0 U) y' N, }! }2 ^2 Q$ J9 y
|
|
/1 
|Archiver|手机版|小黑屋|科帮网
( 鲁ICP备19059327号-2 ) 
窥视卡
雷达卡
发表于 2014-09-05 15:32:16
转播
淘帖
分享
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡