|
该用户从未签到
|
|
登录协同工作平台安全解决方案 ; g0 Q2 O1 O9 `# w0 j O1 Z
[摘要]公司领导说登录验证的安全性如何保证,建议采用UKEY验证类似网银解决,调用第三方YT公司产品。 解决方案:
9 `5 _ b; m+ @$ e! K! |& [1 \
前端页面: - <embed id="s_simnew61" type="application/npsyunew6-plugin" hidden="true"> </embed><!--创建firefox,chrome等插件-->* Q9 c p6 c$ E* } Z( D
- <script type="text/javascript" language="javascript" >2 X$ `$ ^( m$ o6 f' d
- //加载皮肤
# F" T P6 b, t+ e/ F, ] - var setTheme = function () {2 }' q5 W$ p" W4 |# l2 T) S
- Ext.net.DirectMethods.GetThemeUrl(cbTheme.getValue(), {
) T+ @6 H. {8 B1 t2 k - success: function (result) {
' M: c0 W, _0 w0 E/ i( ]0 A0 f - Ext.net.ResourceMgr.setTheme(result);
; ]: p) c: H1 O4 l/ L) E% U - }
' e& p) Y- @; a/ v+ g/ ~3 [ - });# V4 b5 Y/ U" ]
- };! l7 Q5 M% r+ a# [ r. ~
- //回车出发
. \' c3 h4 _& Y9 u( [ - document.onkeydown = function (event) {, ^! Y, r8 y" x( p# _% W6 ^& q
- e = event ? event : (window.event ? window.event : null);2 W0 W* E5 n" ?7 Q0 H [
- if (e.keyCode == 13) {0 g+ a' k1 k* e" [
- //执行的方法
& b9 [0 _4 \( _+ E2 B2 k7 I$ V* c - //alert('回车检测到了');5 Q8 ]4 O; o Z: b% B6 W# S
- //Ext.net.DirectMethods.Login();2 c) J# Z6 w9 \. q
- login();
; \2 L# Z; V# F3 I: T% \& R- h - }
d, C$ e6 [0 J/ \1 p - }! [# F" k4 d9 i
- 2 n, b: |% S) d. v
- var digitArray = new Array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f');5 n) D; ^+ Z" N8 L+ B% y; [
- function toHex(n) {
. O' A) j9 H$ t9 M) @ - var result = ''8 R# d& Q& M; R: U1 U/ L& W) w8 {
- var start = true;6 F D* V8 ^3 h, @
- for (var i = 32; i > 0; ) {4 V( e2 t, D8 m1 `1 |+ Y
- i -= 4;' O, O; w. Q! u0 k$ F
- var digit = (n >> i) & 0xf;/ w# t( r1 [( W. L
5 s& B$ v5 I" V9 E" t5 n- if (!start || digit != 0) {$ Y. f! J8 w) S' x+ {
- start = false;
: p* j8 j B3 P8 \* { - result += digitArray[digit];
0 C( d. H* H/ W6 t- e - }+ r @( w/ P$ w# Y
- }
X2 I; A @& n9 Q ~3 w - return (result == '' ? '0' : result);
% L7 w0 S* A5 q& [5 p0 r \5 R - } l! a* T5 ^! l/ Z) a4 e
- * G9 T5 L U2 I L
- var login = function () {% w5 P) k6 A, P" l% w
- var IsCheck = 'N';
* D8 R9 o; R" R/ c$ I" l4 @ - if (window.location.host == "localhost:23111") {
0 R( m+ }% j; z5 D - var DevicePath, ret, n, mylen;
6 s% j5 {$ m6 g# ^0 p - try {4 Y1 z% [+ I/ Q9 l3 S3 e/ P8 g+ F
- //建立操作我们的锁的控件对象,用于操作我们的锁; q- l2 L; v( L' G8 d# z
- var s_simnew61;, y- \8 L3 y( j. X: {' ~
6 N8 x' V- a3 }3 J) r) R( f3 w/ o {- //创建插件或控件
! y; |' O7 r0 r* P - if (navigator.userAgent.indexOf("MSIE") > 0 && !navigator.userAgent.indexOf("opera") > -1) {3 n( ?0 u7 v8 ~% V& }4 `
- s_simnew61 = new ActiveXObject("Syunew6A.s_simnew6");: r+ Y# J3 S: f* m* T. {3 g
- }
1 d l2 I& H0 t$ b8 a. m - else {( X2 b, m4 X6 U5 B
- s_simnew61 = document.getElementById('s_simnew61');" E f* g4 h, H# _
- }6 i" ^+ F, t5 l0 w
& _8 M* p4 I. m2 m6 b" r' j
9 T1 v0 L; r9 I5 q: C4 }3 E% B- //查找是否存在锁,这里使用了FindPort函数
& f1 v2 N6 W2 y% P - DevicePath = s_simnew61.FindPort(0);6 N4 J! z2 V% ^+ U6 S( U! J! q
- if (s_simnew61.LastError != 0) {6 N0 j" z- A0 a' ^) o" u
- window.alert("没有找到Ukey ,请插入UKey");* h$ S8 D q' R( i! n+ A3 _) F
- //window.location.href = "err.html";+ V7 g( D% W: D/ w6 k, L
- return;8 x( E! E7 o2 k% r
- }$ R( K3 S( Q% i, {6 B
- 2 h& |! Q* u$ L! i1 w, |
- //这里返回对随机数的HASH结果' W3 V9 ~& X3 I! P+ v
- frmlogin.return_EncData.value = s_simnew61.EncString(frmlogin.rnd.value, DevicePath);! o1 o1 V; N' y6 X
- if (s_simnew61.LastError != 0) {
/ k5 q: ? k2 E; _ - window.alert("Err to StrEnc,ErrCode is:" + s_simnew61.LastError.toString());
/ Z* i4 D6 c# M& p% d - return;
: d/ G* I- g# @8 q* u - }
) Z8 w3 N( b* g8 J3 u. O - IsCheck = 'Y';- t( F( n9 J& N2 q+ t; A
- # J2 e9 V* O% x+ A/ J& M- p
- Ext.net.DirectMethods.Login(IsCheck);2 |, T5 T3 N: `! E
0 |, s: ~8 Z- _2 S9 ~- } catch (e) {! K# |5 n4 n" j, K+ u7 [& C
- alert("您在使用外网访问:" + e.name + ": " + e.message + "。可能是没有安装相应的控件或插件");/ u& h9 e% Y; M$ b2 w' p
- }* u3 z/ N% e8 j/ `6 s% a6 v
- } else {" N a3 y& p+ W7 O/ G X
- Ext.net.DirectMethods.Login(IsCheck);8 a! p! R/ d$ g3 m" H3 q, B+ O
- }: I- a+ {* K+ Y5 B
8 q+ h8 g& Q' J9 \3 e; T1 J. W- };4 h/ i( k9 q% y$ [
- </script>
$ s8 P6 c: M4 f - <script type="text/javascript" language="javascript">5 H* q% t1 _! C: p% `- P
- function reloadCode() {
, g& _/ C3 \ F4 Y - var obj = document.getElementById('imgCode');. y; x9 n, ?/ ?: g1 T/ }: S# _8 e
- obj.src = "VerifyCode.aspx?";5 W! ^! A- J( `* _1 ~
- }1 ^# }0 s2 b8 x- t# c
- ; e8 @+ m! l. ~' t8 H. R3 |
- </script>" u6 B; |" e9 T) v% C) i- _
- CS代码:
) K l O3 J3 m9 S& V - SoftKey2K ytsoftkey;
W! U& c M V- e% @ - String KeyPath;& u. I2 L; [ M3 P0 A* _0 e
- private string _randomcode;
8 K6 f! n7 l9 K - /// <summary>0 \1 P6 G! {7 Q
- /// 随机数% _) e6 v5 I! L) B- |( t
- /// </summary>+ o6 `6 `$ R& m* \* y$ W
- public string Randomcode1 R5 u* ]6 D/ K% v2 H8 R
- {
- N2 j8 D# f8 Z, O! `3 e - get { return _randomcode; }
" l. _& Q- b# A \ \* Y2 y2 X* q - set { _randomcode = value; }
8 L5 t' _3 x' a' A! v - }2 M+ l# D% R- x, }
- protected void Page_Load(object sender, EventArgs e)
" R* ]: ?2 F E - {
. P* A! {+ L+ Z+ s- A$ q; g2 m: ~4 J6 T - if (!IsPostBack)1 C3 w# p7 i" E& p! w# H5 N
- {
! V @- B( q6 `2 W - System.Random random = new System.Random();
2 s c# s3 Y1 K, Q! ]- g0 Y# q - Session["rnd"] = rnd.Value = random.Next(0, 2147483646).ToString();
$ V( k* l0 o' Z2 k( T - Response.Cookies.Add(new HttpCookie("CheckCode", ""));9 u3 l2 q6 E- x/ B" y
- }" h+ H1 `, a" |- [1 Z+ W+ a
- } F5 k$ l' `" b. a. l; Y
4 j! v' k/ [) r& I; \5 I- 6 w7 ?% u9 m( o. W
- [DirectMethod]
( P7 `( k% F5 L7 ] - public void Login(string IsCheck), O; M8 q. v; h- ^3 O o
- {
- G! Q) [2 l4 y5 d; Q% V) B( f - Check(IsCheck) ;3 S: G* y6 c# T% s3 k8 k/ Y
- 8 J8 Z6 g ~( B( g. M
- }/ x3 @, E6 [! D+ b7 e' A! Z4 S, m
- /// <summary>0 ~ c' @6 y" Q! P: p
- /// 登录验证) t9 K6 N8 g9 I" [
- /// </summary>, }- f' s% I6 A. L+ G/ U9 Z
- /// <param name="IsCheck"></param>
- V' a$ p" z9 o! r - private void Check(string IsCheck) $ z7 i+ ~5 S$ i' @! d
- {
; Y! D8 c/ L8 ?- u1 D - if (Request.Cookies["CheckCode"] == null)9 W4 r7 K* y, m: {: L# B/ Y+ n, t, k4 Q
- {
' B* P- h/ Q) ?! ^- K
8 l& v4 Q, O/ ?- Notification.Show(new NotificationConfig
. ?( I9 a7 w2 O) v3 U& ]0 l - {. Y3 x" }2 |0 t( O
- Title = "提醒",
2 B! d, P2 ]/ @9 {. b - Icon = Icon.Information,
! z3 n/ J; t) y& ? - Html = "<font style='color:red;'>您的浏览器设置已被禁用 Cookies,您必须设置浏览器允许使用 Cookies 选项后才能使用本系统。</font>"
3 e* s! B) X, N - });
$ ^8 o% e8 l4 t6 l6 s( i/ O - return;' w$ y! O1 i U! X7 K6 A' {2 M) Y
- }0 n5 I" O! A: w
- //验证码比较
. W# ]$ f: G& m. x- b c - if (String.Compare(Request.Cookies["CheckCode"].Value.ToUpper(), this.txtVerifyCode.Text.ToString().Trim().ToUpper(), true) != 0)
# @% x% g3 I' w: q1 Y x1 u - {1 C, q; F* ]. c( |4 g
- this.txtVerifyCode.SetValue(""); k9 {$ o8 i* z- D7 f) G
- Notification.Show(new NotificationConfig
# ]7 E& C) }- {. q8 f - {3 Z, ~* e. F0 t
- Title = "提醒",
1 I6 {7 t: Y+ r2 v* t0 s W6 g+ K - Icon = Icon.Information,( o y* @' y3 x7 Y% L/ y
- Html = "<font style='color:red;'>验证码错误,请重新输入</font>"
* k# U5 N4 d. J$ d- i - });
1 H7 Q4 a( X4 Y6 M7 r; M5 ] i+ u - X.AddScript("document.getElementById('imgCode').src='VerifyCode.aspx?';");
6 n# P$ i5 l9 L+ Y: J - return;
3 G/ C2 C8 y6 v7 H o - 7 {: [; k0 r5 R% n2 X
- 9 F8 z& b( q' B
- }
9 y* `5 t) ` \: d( R& [7 g4 c% B - else" _7 V/ I" v/ A( f
- {
5 Y1 U9 D0 z: g5 }# z - Utility.MD5 md5 = new Utility.MD5();
! y7 `) x' e6 j8 Z& @ - DzPlatForm.Model.Users user = new Model.Users();; w, B. u" D; a0 q2 O. s4 W9 { _
- user.USERNAME = Utility.Baseclass.SqlFilter(txtUserName.Text.Trim());//过滤危险字符
" ~6 B) S" U. Z3 f! J! h1 B, ~ - user.PASSWORD = md5.MD5Encrypt(txtPassWord.Text.Trim());// md5.MD5Encrypt(Utility.Baseclass.SqlFilter(txtPassWord.Text.Trim()));//密码进行加密
( k& `( H+ }, w0 M0 ^8 V - # h' o2 g3 D7 m; G
- string sql = "select * from [users] where id=1";4 _- c0 j9 p# _0 q4 E! R2 D
- DataTable dt = DbHelperSQL.Query(sql, null).Tables[0];+ y( k7 t% L' Q4 C7 h
2 s6 c# R, F# F! ^6 z- DzPlatForm.BLL.UserBLL usermgr = new DzPlatForm.BLL.UserBLL();- s* f) {8 ~' o. Y, ^! Y/ ^
- string UserId = usermgr.LoginCheck(user);
) P/ M- j* c7 _! c! t
; f% D+ H) k( W1 P \- if (UserId != "")) G6 | c" }3 P, q. n+ u
- {
* `6 O W( n4 K- U/ Q: l
, L1 B: o4 o$ z2 j+ o" h- j- Model.LoginLog lg = new Model.LoginLog();
" U; h, p& ^9 Q+ ` i' a - lg.Name = txtUserName.Text.Trim();* B' s: f" d% |5 m0 l
- lg.Browser = Utility.IpBrowserHelper.getBrowser();: ~5 v; c0 Y- P+ u; [3 c, B
- lg.Ip = Utility.IpBrowserHelper.getIP();6 c/ P) p: a3 ~/ r
- lg.System = Utility.IpBrowserHelper.SystemCheck();
, W) @# Y/ k/ K% Q - BLL.LoginBLL logmgr = new BLL.LoginBLL();
9 F5 h/ x- K, }- S% e - logmgr.LoginInfor(lg);" l0 b# b u; ]2 Z1 \! m7 C6 a; {
- usermgr.Record();) Z5 I0 P) X% A8 W' H( `3 t/ p
, D' d( J( X6 ?1 l# W; u' {- Model.Indentify idf = new Model.Indentify();; p& [( a5 Y( z+ h {
- idf.Userid = int.Parse(UserId);2 M9 X5 ^1 d- e
- BLL.IndentifyBLL idmgr = new BLL.IndentifyBLL();
3 D* I% {& L6 ?& A - idmgr.GetIndentify(idf);( d5 V4 d. U7 j1 p | G
- Session["userid"] = UserId;
) `7 N; c: N0 E$ y. V- q E - Session["UserCode"] = txtUserName.Text.Trim();
2 |# e+ r% j- D1 | - Session["UserName"] = idf.Name;
+ G9 }& `0 O1 s2 N4 P" k - Session["utype"] = idf.IsSystem;2 z5 G+ ]3 i5 j% s9 o
- Session["uip"] = lg.Ip;: d5 e: O; ]4 H" ~5 b1 m
6 F( k: V H8 e7 v E& |9 d
. ~0 I. B$ W* H8 N& @- //X.Msg.Show(new MessageBoxConfig
8 ?9 ~1 {; G/ H% i6 ~ - //{( [9 q1 \: ], y& g
- // Title = "请等待",4 N9 b1 Q2 `+ B, C" D- W9 j+ I! F
- // Message = "正在加载项",
9 u' p1 q! h; V* j; y) u - // ProgressText = "初始化中...",
2 @5 z1 o; w) y* r - // Width = 300,
4 Z$ c& @/ K+ \. m$ |4 o: P4 B+ X: @ - // Progress = true,
$ z; J0 x1 M# z0 a& W; U9 y! n - // Closable = false,
/ o8 \' B2 M+ o0 k% J; S - // AnimEl = this.btnlogin.ClientID$ y% W9 s5 o0 ^7 @; c4 Z0 s, F
- //});
) H1 C4 d0 L# \' y- i5 z - ( \( x9 z8 B& G9 @
- //this.StartLongAction();
# g: ]- f+ S0 Z2 H: {7 t; s - String strData, m_StrEnc, Key, Flag;7 u- |+ b3 p; v3 I
- 7 H1 W9 E- b' R7 r6 q" u
- Flag = IsCheck;
- q5 ~: F. y% N4 M* J - //Key:即增强算法密钥,这个要与设置在加密锁中的密钥一致
" F0 B7 M& h5 ?$ Q' j% {* o - //增强算法密钥可以是每一把都不相同,也可以是都相同,如果是不相同的可以根据用户名在从数据库中获取对应的增强算法密钥,可以根据安全性及自身具体情况而定,这里使用了一个固定的值
" n1 I& D7 Y3 @) S/ o - // Key = "1234567890ABCDEF1234567890ABCDEF";
2 ~, {* K" n4 G8 G - Key = idf.UkeyCode;
+ n( R5 O- E3 P5 C1 O - //strData:要进行加密的数据
' g* s- x) y2 d7 F - strData = rnd.Value.Trim();//Session["rnd"].ToString();4 C: k! b; g- d5 N- @. g* N/ q' I4 [
- //'在服务器端对数据进行加密运算
( {2 k, m" d- m6 s - m_StrEnc = Global.m_softkey.StrEnc(strData, Key);
' t4 H' `3 d( c- |. M - //比较客户端加密锁返回的加密结果与服务端的加密结果是否相符,如果相符就认为是合法用户,由于使用了随机数,从而实现了一次一密的高安全性,可以用于高安全性的身份验证4 `1 l( j0 a4 Z5 g2 J( \4 {/ ?
- if (Flag == "N")//内网不需要比对
9 D* H2 Y6 @; O" y( g5 p% c - {
+ i# C* x' u) t( h, } - Response.Redirect("Index.aspx");$ S8 _9 u* a' E1 _) Y& T
- }! M' I! |% r" k7 m
- else; Q' p4 m7 O; f9 t. x# d, F0 H
- {
7 Y. H- Q* Y6 W; h5 A& G; ? - if (m_StrEnc == return_EncData.Value)0 w9 g A, m# p4 a3 c1 j; ?0 s5 m5 Y
- {& Z1 |2 q* c" w C( a- L& E
- ( C( L( g% q2 e% @1 v, h+ `7 C
- Response.Redirect("Index.aspx");3 M# @; p2 I" i& G8 e$ o& U& g
- }
% E4 f& S2 Y- _. n - else: O% A1 D; [ p, ~5 S r/ _
- {, X) U. X7 f" ]. _
- Notification.Show(new NotificationConfig; i- e8 D* W/ z; P/ T; i; R
- {
8 }, S2 g" S. e' Q - Title = "提醒",
% t0 M5 d, d. ^' ]7 m - Icon = Icon.Information,
7 V( ]# W% K: W8 R3 p1 } - Html = "<font style='color:red;'>该用户不是合法用户!</font>"& }2 g% y5 r5 p, M, c! s* Q1 A
- });2 r8 j! f) c* m" t" P
- }
" y5 _- J+ s9 A/ q) E* p - " e) ]8 \( {3 s$ p4 _( g
- }
2 m( _8 d" l. {6 n7 l$ u
2 m; L, ~6 |4 J; g& B5 Y- }
7 X( L- i9 q* Y8 j k* C - else6 b9 R7 \1 @1 H: G
- {5 X o+ e, s0 t; A B
- : O( Q- W* ]: V9 }+ g! O
- Notification.Show(new NotificationConfig
/ w2 o* g6 E# b6 {9 R1 i - {. D& ]( P% W% z9 u+ O) s/ [
- Title = "提醒",3 i% \3 a, ~: }$ r& R% ~' c2 z0 {
- Icon = Icon.Information,) p! i8 E. P3 x H% D
- Html = "<font style='color:red;'>帐号或者密码有误,请重新输入!</font>"
* s2 w! z$ S, w
1 q, M3 p" P% Z( b: o0 i+ a- });- R" J0 S: x. k" n/ Z5 P! \4 D
- X.AddScript("document.getElementById('imgCode').src='VerifyCode.aspx?';");
) J" R; Q8 w0 Q1 J; f0 @: K$ R& D - }
2 n6 _' Q% v9 b- ~ - : w8 D' r r4 _- v. P/ ` f% K5 w
- }
! a: n$ Q( m' _' s( j - }
G& f3 o6 s7 `" ]& Z/ r7 g - /// <summary>
/ T3 A8 d% v3 @' A+ W$ \/ p7 p9 p - /// 开始计算任务
6 K) l# P" q' J* t - /// </summary>
- S+ e8 a: E+ R( x# u, W1 G4 o8 l - private void StartLongAction()
2 L3 a8 D* @8 {3 r - {
+ k9 q( g) V) y2 B+ y - this.Session["Task1"] = 0;
: i! J, P' c4 N - ThreadPool.QueueUserWorkItem(LongAction);2 P6 q: [9 f' ]6 }
- 2 r; Z5 t/ t; ]7 m" A9 v9 j
- this.TaskManager1.StartTask("Task1");
3 Q$ {1 B0 `! G - }
: l7 I, j0 O, [# s8 i* f( p0 x - /// <summary>
' A8 `$ w! a5 e3 A( u2 z - /// 计时器, ` x6 X( Y4 T- M
- /// </summary>5 p" ]1 P% w$ N8 D T+ U, Z
- /// <param name="state"></param>
% r2 T9 z$ c0 q- C1 U - private void LongAction(object state)
8 m* {# O- w) Z5 D+ v: L# N - {+ H0 c6 M; W1 M! {. Z8 H! f
- for (int i = 0; i < 100; i++)" M4 B4 ], [ v
- {
, i1 b8 T3 n* ^! ] - Thread.Sleep(10);8 i3 L* V/ Z7 G- r0 p1 h" p
- this.Session["Task1"] = i + 1;
b# F- w& F' y9 t5 p3 R, W/ m - }
7 P- K8 D- g# M1 @ - this.Session.Remove("Task1");8 ^( ^0 U. C4 w& c+ }4 f. G1 B
- }
- d9 h4 x" X; }1 O3 T0 } - /// <summary>
% l" F \6 `2 \! C - /// 刷新进度条2 K- g# s- @, u7 F2 Y
- /// </summary>
$ _, Z! c9 Z9 ~( D" p) |3 V+ ^ - /// <param name="sender"></param>' e0 `* F7 v$ `5 M8 q: O2 q2 [
- /// <param name="e"></param>. M/ u, l8 _6 b4 n. s! P( h
- protected void RefreshProgress(object sender, DirectEventArgs e)
1 \* g8 p1 Y0 u- L! O - {9 G; z9 i) l! b; B4 D, L; }5 x3 J" ]
- object progress = this.Session["Task1"];9 s7 e. u# ~6 Z, A3 ^7 O
- if (progress != null)
6 C' Q9 s1 \; E1 M2 Y5 r9 f2 K - {
. E( _9 l4 ?6 a% t - X.Msg.UpdateProgress(((int)progress) / 100f, string.Format(" {0} % {1}", progress.ToString(), 100));+ U1 b" `0 Q: o5 e" c% H$ W
- }
! j& R' \3 Y8 V4 W$ K, B - else
7 Z! ^& R6 f/ E4 Y5 w! I - {/ [' ?# [7 b5 h4 J2 Y
- this.TaskManager1.StopTask("Task1");
! ]3 T( @9 S! W$ r - X.MessageBox.Hide();
/ ] V; p# T" ~( C e- w - Response.Redirect("Index.aspx");7 x+ J) m" H2 r1 A' N( K
- }
) M( |) t0 T% c* a4 S - }6 z( ^1 @4 V& i* `1 ]) P3 ?
- /// <summary>6 o; \6 w5 Y0 u0 I! m A
- /// 更换皮肤
( C9 f; E3 z9 k0 N E R9 P - /// </summary>
) Z) R9 L0 c0 z1 x - /// <param name="theme"></param>
7 C* C3 H5 T4 r$ R' | - /// <returns></returns>" V2 C3 K4 i9 N( q
- public string GetThemeUrl(string theme)2 y, O# V: [5 s
- {6 [* Q9 d6 T D" J. Y! N
- Theme temp = (Theme)Enum.Parse(typeof(Theme), theme);9 O5 C' O+ X3 R6 I; w2 G
- this.Session["Ext.Net.Theme"] = temp;
$ z# U( k( L# f - return (temp == Ext.Net.Theme.Default) ? "Default" : X.ResourceManager.GetThemeUrl(temp);
# s9 N7 ]( ]) a( x - }
* H# N+ ]3 S: T1 {' L
E; s, J4 {/ h$ z/ n% ?- }) L+ {: ~. v- x1 A
7 x8 V% _7 S" [$ b' ?- 服务端代码:Global.asax
8 {( z" _: W% y7 U5 F- P - public class SoftKey
: E' `, D" q- x1 H+ d8 E0 x% ]& @" { - { m# `0 D3 H" Q
- [DllImport("kernel32.dll")]
: k# r4 ^. u) X- J* r: j0 M2 X; e4 | - public static extern int lstrlenA(string InString);
3 g5 U; [' a0 `0 v/ f$ w+ t - [DllImport("kernel32.dll", EntryPoint = "RtlMoveMemory")]
2 W5 g% j% M0 p& X - public static extern void CopyStringToByte(byte[] pDest, string pSourceg, int ByteLenr);
I# j( j. r; e) I d+ g - [DllImport("kernel32.dll", EntryPoint = "RtlMoveMemory")]1 t8 ]3 O+ H# n- H! Q1 q
- public static extern void CopyByteToString(StringBuilder pDest, byte[] pSource, int ByteLenr);
% P" W! Y; o L! n7 ? - & i% }! B7 U$ y0 {* n
- //以下用于将16进制字符串转化为无符号长整型3 ~7 ^ l% j. O6 s9 {
- private uint HexToInt(string s)
0 u2 u# u: W' o w2 ?/ ~* d* u; f" U - {( c$ o0 R$ B$ ~7 _3 f
- string[] hexch = { "0", "1", "2", "3", "4", "5", "6", "7",
' M1 _2 F) Q& w+ e7 T, n! p8 E - "8", "9", "A", "B", "C", "D", "E", "F"};
( }% a* p2 y4 U& L1 M# z& A - s = s.ToUpper();$ L, M3 ?( c8 r9 C5 b6 e
- int i, j;' k* e* {4 }2 y) R
- int r, n, k;
8 |* ~- ~; Q6 }5 D - string ch;" K) x, H" l% `" v# V
- * _4 @8 s. ~, h2 D; {( w3 y0 D' ]$ T$ p
- k = 1; r = 0;% C; P% ~: N& `, w! ?2 }! l* J
- for (i = s.Length; i > 0; i--) S6 ~* H* U6 n
- {
9 Q4 k5 P$ J: y* O8 [ - ch = s.Substring(i - 1, 1);" O( v' M2 J$ F- k
- n = 0;( N7 F) W3 Y) n6 O: B0 X( V
- for (j = 0; j < 16; j++)
$ Z9 y& x: X z5 z - if (ch == hexch[j])8 L1 G3 {% w* c* G& f9 d
- n = j;3 k/ @& E. s! O4 ?, N ^( X8 a7 r
- r += (n * k);
9 I" Z: ?( i' W _; ~: C5 P - k *= 16;
- ~8 t( X0 F" Q+ r - }
0 B# `5 F9 u/ B& ^9 j$ ]# O; u - return unchecked((uint)r);, k: R1 }% L: E+ t: N
- }
6 b- F& R4 b6 y
* n& O# B# E2 P4 M+ O- - H6 ~/ T- [ \0 l$ J
- public void EnCode(byte[] inb, byte[] outb, string Key)
9 K4 x* Z$ Y- P! F o+ Y+ A - {
- C5 T( Y/ `# z3 C2 i0 v - + g3 j! g5 E# m: m2 D* z
- UInt32 cnDelta, y, z, a, b, c, d, temp_2;9 c& T' a! B2 ]' s5 M- ~0 X
- UInt32[] buf = new UInt32[16];
5 s: m2 }% A3 k4 _" u/ ~( k7 ~! T - int n, i, nlen;
2 Q6 }/ {% p h8 y - UInt32 sum;: `3 q, k0 h2 Y, N
- //UInt32 temp, temp_1;
7 L5 E3 Z9 x$ Z$ T6 T- d - string temp_string;! V6 L5 i0 E" _2 q' \9 B& I
; T2 E8 U& E6 V+ ~/ H" J& D
3 A$ d# [% ]$ U) o0 Z! R* s- cnDelta = 2654435769;5 R( }% o; W+ G
- sum = 0;
7 B7 e" M! Y$ t; b - . H: Y a; I( o& _# [- _6 k, b
- nlen = Key.Length;
/ j0 v- Z1 E. Y# X- V' q - i = 0;
/ y7 G" z) _. N1 S# v' _ - for (n = 1; n <= nlen; n = n + 2)
% {& s/ \" }5 s - {, }& q \, }3 e! u5 _
- temp_string = Key.Substring(n - 1, 2);: f$ W: z5 \( A* S) a
- buf[i] = HexToInt(temp_string);- |- i; P/ S0 n
- i = i + 1;& f( h4 i3 v1 s J# n- f
- }; H, r& Q! y" c( v+ V
- a = 0; b = 0; c = 0; d = 0;* ^5 ^0 H5 O0 x& o) g
- for (n = 0; n <= 3; n++)
, a/ E1 q! {6 ~ |/ n, n8 i - {
$ y9 _' O7 O) d5 b; Z# |" v$ n# c - a = (buf[n] << (n * 8)) | a;; w6 M' W6 k& x u' U6 B
- b = (buf[n + 4] << (n * 8)) | b;$ \2 B/ V: ?" g' d" Q' }9 l
- c = (buf[n + 4 + 4] << (n * 8)) | c;
+ x& `4 P0 S& C3 v. I3 M - d = (buf[n + 4 + 4 + 4] << (n * 8)) | d;
, ?- _4 ?7 ^" x - }
: ]! z. u* D0 X7 E6 S. Z, l6 p
6 _; R, T- X3 ^% o! S- + d) F5 R! m6 u( }; e" K
) u8 F( M; L9 o- A- j- y = 0;; }7 G7 ~% G) B/ ^$ K
- z = 0;
% ~, t( }! K. R( X" N. X4 B6 f - for (n = 0; n <= 3; n++)
; m! q4 `* K) U+ m! j - {# Q* A( W! H) A: `. Q% {
- temp_2 = inb[n];; o. {; }) O o
- y = (temp_2 << (n * 8)) | y;, I9 I& V2 l- b# }
- temp_2 = inb[n + 4];
% U( Q4 @: K+ @/ q7 L9 b - z = (temp_2 << (n * 8)) | z;
; V6 e8 v. g, v& [6 _ - }
( w q6 a& G& Y) f! c R. d$ E - 4 ?1 v" ~2 v: o1 a! u9 U9 g
- / w- b) K; C" s- a" |& @: V
- n = 32;7 T$ V: ~- H, i- ?+ x
- 4 s! p4 ^0 D6 ]$ k3 ]
- while (n > 0)2 i, T9 Y$ _) ^$ S C# M2 d, u* ~
- {
& ?& x' V! }5 s8 G& F3 D - sum = cnDelta + sum;7 W7 q% B" Q3 `4 y' A/ `( O
1 U/ e7 \$ N1 o9 I5 X- /*temp = (z << 4) & 0xFFFFFFFF;
" e" O7 o9 Y: t. B9 y' Z, q1 ^6 F) p - temp = (temp + a) & 0xFFFFFFFF;( g) c7 n$ s) l$ \: j7 O2 U
- temp_1 = (z + sum) & 0xFFFFFFFF;
! O+ P7 v! q) b; u2 E - temp = (temp ^ temp_1) & 0xFFFFFFFF;, c m/ Y2 ]8 j; L
- temp_1 = (z >> 5) & 0xFFFFFFFF;, i i8 `7 t3 } z
- temp_1 = (temp_1 + b) & 0xFFFFFFFF;
) W8 o! @' o% h& ~( h - temp = (temp ^ temp_1) & 0xFFFFFFFF;
: ^+ X; D+ x) G! { - temp = (temp + y) & 0xFFFFFFFF;
. A4 r- r8 X6 W- A' s/ D4 }9 |4 ] - y = temp & 0xFFFFFFFF;*/7 P9 B7 ]2 J `( ^: ~% `; ]( P
- y += ((z << 4) + a) ^ (z + sum) ^ ((z >> 5) + b);
0 r- E9 z4 }- ^ Q
4 i6 F* ?/ [% R; m+ u+ i ^; \2 p- /*temp = (y << 4) & 0xFFFFFFFF;
# `* U# }, P4 G% a: ~ - temp = (temp + c) & 0xFFFFFFFF;
, S8 ^5 `& z: Q0 D4 W3 ^9 f8 ]. r - temp_1 = (y + sum) & 0xFFFFFFFF;
3 S C( V/ @9 I+ t& j8 u8 L" K/ ~. ?7 t - temp = (temp ^ temp_1) & 0xFFFFFFFF;5 E# c! [% h+ d/ f6 s
- temp_1 = (y >> 5) & 0xFFFFFFFF;
- [2 e% ~9 c$ A- j$ _; G+ y2 { - temp_1 = (temp_1 + d) & 0xFFFFFFFF;
* |0 h( f V |3 C9 E - temp = (temp ^ temp_1) & 0xFFFFFFFF;
" j2 C: F, H: `& _3 W% W - temp = (z + temp) & 0xFFFFFFFF;/ ]8 `9 k( M3 J$ U
- z = temp & 0xFFFFFFFF;*/! M3 i; H# f/ A& ? J: @6 ^
- z += ((y << 4) + c) ^ (y + sum) ^ ((y >> 5) + d);% ]( A4 w$ R p! y1 o
- n = n - 1;- c9 D1 N" E- O. D& O5 F
- D4 ^9 H( s9 ~9 }" o
- }
2 W3 x; |1 v1 p* j. G - 1 x9 q! o a( Y* p, u
- for (n = 0; n <= 3; n++)- _- x) ^# l6 d- C6 C1 r- x3 |3 ^2 B- Q
- {$ p D' u5 X' f5 s
- outb[n] = System.Convert.ToByte((y >> (n * 8)) & 255);
3 b2 w/ F' D, K* a - outb[n + 4] = System.Convert.ToByte((z >> (n * 8)) & 255);1 q" u& f' _7 f7 h
- }- R9 f' ?( A- a7 H9 C, Q- a
- + Q8 T6 e1 U; U$ W7 Y/ E. M
- } u# @! V+ l w. a( j0 o& ]
. L) O* j0 W3 M2 R: a- public void DeCode(byte[] inb, byte[] outb, string Key)$ p; |0 l9 X' `
- {
" H) X( ^- \3 a4 T/ N( x: ] - 9 Y; K" }% w. [
- UInt32 cnDelta, y, z, a, b, c, d, temp_2;
* @) w' P7 r4 _ - UInt32[] buf = new UInt32[16];" m" r/ R' n3 O% I- m
- int n, i, nlen;' O) a2 o: G* v$ y- J/ O7 X5 N
- UInt32 sum;
# s7 y) n" e. w* d' u/ x' | - //UInt32 temp, temp_1;; W4 e, a6 @+ |0 v; F
- string temp_string;
+ L4 @6 v N3 j5 B" ?2 G1 [. [ - 9 K$ ]8 G: q8 t' ?
7 w) i; k2 U- V5 |! a" c1 Q4 B- cnDelta = 2654435769;
6 a# {/ U& V# H m; r6 @6 D - sum = 0xC6EF3720;
9 E6 Z3 h% D( e" f: @# D
/ I* L. F3 ?2 @8 i& h3 I$ y( i$ E- i- nlen = Key.Length;! @% x: P2 W9 b& L$ {: z; U# A E" Z
- i = 0;
1 R2 X, A1 w! o/ f# a! c* k. ? - for (n = 1; n <= nlen; n = n + 2)
) E8 Y5 n- `* \5 P - {) U$ u6 k u; J7 u. ^
- temp_string = Key.Substring(n - 1, 2);* E& }' R+ ?5 g7 N( l+ G
- buf[i] = HexToInt(temp_string);" N( W+ U$ ^' q2 g- B# c
- i = i + 1;
9 Z! j+ M# _; N! ?3 a - } } S- a6 D3 E* |
- a = 0; b = 0; c = 0; d = 0;
, a1 O, s5 O1 M$ F - for (n = 0; n <= 3; n++)
+ {$ T' ?6 f0 {; d - {
" G2 E5 g* j1 R5 f - a = (buf[n] << (n * 8)) | a;0 R4 n. o/ O: s3 r' _3 ~ T; ]7 X- w
- b = (buf[n + 4] << (n * 8)) | b;
* k2 \6 l5 S, h/ @ |* H0 E - c = (buf[n + 4 + 4] << (n * 8)) | c;
' p4 U2 B4 z3 w- v4 M - d = (buf[n + 4 + 4 + 4] << (n * 8)) | d;
6 _# ?- z% b! m" c5 H* {5 q - }
5 C3 _2 [# }. u1 d% U, a - % M& J" H/ K6 q3 C2 H/ m" |; W
- # g6 `9 y' i# A
- $ }9 X4 I% i- V n) P, v
- y = 0;
" g! c! p1 ]( o/ A z. a - z = 0;' P v7 l1 v9 p$ I/ K
- for (n = 0; n <= 3; n++)* v) M. f& `( b8 ~. R
- {/ V$ A( X2 f R- p
- temp_2 = inb[n];
4 x, C- W& W. z" Q - y = (temp_2 << (n * 8)) | y;" {: @1 l" s1 q: y; Q
- temp_2 = inb[n + 4];
! a! Z* H+ B* i6 h" v% \+ U - z = (temp_2 << (n * 8)) | z;
+ C. `0 o6 t3 q7 \+ I - }
; b' a# g+ T' N, U+ x8 o - 0 b! }# H: n/ \! \; y) v
- # n2 ~) x: V! ]
- n = 32;
+ ` m+ A! a$ d$ J5 `6 K0 L - - G" W: J2 u* S+ ^: P! i
- while (n-- > 0)2 i$ [! i$ W* F) m
- {; Z1 B+ e$ O) `) X& K/ I% r2 m! H
- z -= ((y << 4) + c) ^ (y + sum) ^ ((y >> 5) + d);: Q$ ~8 J8 g4 Y$ E0 Y6 q
- y -= ((z << 4) + a) ^ (z + sum) ^ ((z >> 5) + b);4 Z1 J) f. B v/ b! P$ G
- sum -= cnDelta;5 G" o) y \, O8 g( E
- : X. a O* q- K9 s5 H
- }) z' Z, U/ ~: V6 _- c
- 1 A4 f0 ]4 P* B( V2 M
- for (n = 0; n <= 3; n++)
# q; O: I9 N6 A+ e1 d2 v - {
7 x, n$ H2 m/ T) \+ n - outb[n] = System.Convert.ToByte((y >> (n * 8)) & 255);8 F/ a9 I+ g3 W9 s
- outb[n + 4] = System.Convert.ToByte((z >> (n * 8)) & 255);
) l4 L& V) t; C. V4 m - }
' y* A$ ]: h# m, r& C. U/ `
7 f7 W! i0 }: w2 g- }+ p1 }$ B4 C7 g# r$ K
- ( k- P6 P$ R% V2 T% Q6 J
( T' c7 z: O( @+ J. r# p) `- public string StrEnc(string InString, string Key)//使用增强算法,加密字符串 b9 y( M9 T; c4 y
- {
7 ~& _, B" ?9 e; }7 [- [: d, ` - * L6 V5 E5 C4 ]
- byte[] b, outb;
4 ]; x4 R; h* k, i - byte[] temp = new byte[8], outtemp = new byte[8];
' h" l. W6 ~$ Q - int n, i, nlen, outlen;
9 V2 b; Z7 x% H; v) f$ q - string outstring;. q9 C" p; E* n0 ~. ~3 T3 ~* G
- 9 _, b1 k* [( j* |+ l {
5 p; C8 Y8 H! i# {. R9 }- nlen = lstrlenA(InString) + 1; i6 M0 }: c/ X3 j% u. U
- if (nlen < 8)
8 _; n6 P' e, E H - outlen = 8;/ U1 _9 J! [1 ?* |/ J) R
- else
r6 o' ?8 S; V4 [# m - outlen = nlen;( B& q& B# \* D2 A9 z) j0 W# D
- b = new byte[outlen];& o! Z0 D( ` {1 S) F2 s
- outb = new byte[outlen];
{5 a6 p. D. A - 2 t' Y8 b7 C) I, ?. H
- CopyStringToByte(b, InString, nlen);4 K6 L$ i: l7 l( W
- 0 y; r w! j% s0 _ w& D+ S! j
- b.CopyTo(outb, 0);
% f* e& b1 |& {' t P - / O, F. D" S F
- for (n = 0; n <= outlen - 8; n = n + 8)% e# I+ e2 H4 L3 B, M& E
- {
) h2 B9 x3 ?0 v* f8 Z - for (i = 0; i < 8; i++) temp[i] = b[i + n];) O! u' l- S- V9 _& }
- EnCode(temp, outtemp, Key);# |* |9 B& c4 U4 X5 L/ e/ `' X
- for (i = 0; i < 8; i++) outb[i] = outtemp[i];+ |2 H0 f |$ k$ z6 H; A6 T
- }
( s8 ~+ r. e- y, l5 B
# I3 k. \. `, j! S1 {+ q, ~- outstring = "";: f* ~# X* L7 z, l: |; |* {6 j
- for (n = 0; n <= outlen - 1; n++)
. a; v j3 P% @- L i @- z - {
3 T/ z$ ]% m L; K1 m) T$ B - outstring = outstring + outb[n].ToString("X2");
8 O @5 \) y8 |/ v0 {) n( g - }7 a, A5 U1 {( g* j4 W; U0 e
- return outstring;8 w) j/ d! I1 `3 G
- }0 O, a- g* e* h" d9 y
- public string StrDec(string InString, string Key) //使用增强算法,加密字符串" s1 Q/ k' g, Z, \% C
- {
, U+ K) E7 m6 o3 g; y( g& U* w - byte[] b, outb;' Y, i+ Z2 {$ Z+ m6 Y* ]& O
- byte[] temp = new byte[8], outtemp = new byte[8];
& x i8 y6 m; j7 l$ h - int n, i, nlen, outlen;2 s; u% W3 V* M1 t0 L; R
- string temp_string;
& ~; L, [4 Q8 i# m: z - StringBuilder c_str;& p* p. A- C5 [+ J- R$ I; B
- - G/ P/ g/ F7 O! U$ }" G$ e" W
- ) S' q6 J: j% o5 Y
- nlen = InString.Length;
( c; K( |" {' K9 a k. Q1 }2 O - if (nlen < 16) outlen = 16;+ Z, x$ M' J3 i
- outlen = nlen / 2;$ C9 o/ _6 }3 p* _4 Z' m
- b = new byte[outlen];$ E p, d/ V& j9 p
- outb = new byte[outlen];
% \1 E. r6 Q8 i8 _6 x0 e5 w2 K
, \0 c# |7 c7 J- i = 0;* {1 L( T0 D& w2 r9 M, @. w
- for (n = 1; n <= nlen; n = n + 2)
% `/ c9 b- X, f5 `" g9 V - {/ W4 `& C5 @, `1 k
- temp_string = InString.Substring(n - 1, 2);
4 g* M1 I! \- E: I: } - b[i] = System.Convert.ToByte(HexToInt(temp_string));% d( C- R4 t6 @/ R* I
- i = i + 1;
2 P5 f! A& i9 O3 j1 X1 Y - }
$ {& `; L8 e: y' V) T; F
9 `( \0 i0 H- s+ r- b.CopyTo(outb, 0);# a: }3 L8 ~0 `3 {* X) {# [) Q
- ' @1 x) B1 r) ^* Y' ] r
- for (n = 0; n <= outlen - 8; n = n + 8). P( J9 b; O% F F' c; N/ ]! I& Y
- {# I! v r1 q9 Q2 T2 t
- for (i = 0; i < 8; i++) temp[i] = b[i + n];8 `$ {; M- f# [8 m
- DeCode(temp, outtemp, Key);
1 A% J* T# G. ]" d# I( ~/ F; z - for (i = 0; i < 8; i++) outb[i] = outtemp[i];
. A. d& e4 z( D9 B0 ^ - }4 [/ g; c, v* g7 Y( F8 q: s" {" L0 A
- ! @" m$ x) k `, M! u
- c_str = new StringBuilder("", outlen);
}# v: D: }( D5 z. P: |! o - CopyByteToString(c_str, outb, outlen);2 X& I5 |& B6 n+ ~
- return c_str.ToString();
# K7 W9 b p. ^9 i( `/ Z4 h - 9 a) L" T" `6 G# p
- }
) s5 }3 s$ d' W2 m7 I
( [; ?. Q6 A+ ~0 J1 k* c" U2 \
# X3 e1 J3 N1 p; S$ U. h- }
+ ]: x! o9 ~+ d* W唯一锁写入Ukey:
( E* Q" f8 x' U, N& v! x
2 W2 t& h; u/ Y8 c- Z0 m/ W* R; x
公网客户端:安装插件
9 _3 P% V% ~" m' D3 v' K 多文件安装版+需要先插入UKEY
0 r; N8 Y3 ]! Y1 c+ m/ V8 {: r 插入UKEY
% T' s$ g/ |1 H* `$ Z0 E3 c4 A
登录成功!
1 X8 p$ k5 y* L1 P. q |
|
/1 
|Archiver|手机版|小黑屋|科帮网
( 鲁ICP备19059327号-2 ) 
窥视卡
雷达卡
发表于 2014-09-05 15:32:16
转播
淘帖
分享
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡