|
该用户从未签到
|
|
登录协同工作平台安全解决方案 % }# r3 J `# u* {! B8 \1 q, V
[摘要]公司领导说登录验证的安全性如何保证,建议采用UKEY验证类似网银解决,调用第三方YT公司产品。 解决方案:
# [# i& J. J5 d9 ^1 J
前端页面: - <embed id="s_simnew61" type="application/npsyunew6-plugin" hidden="true"> </embed><!--创建firefox,chrome等插件-->
S# J j8 M5 [$ I1 ?5 H - <script type="text/javascript" language="javascript" >
- G$ v" b6 E1 O0 z) I5 b5 R - //加载皮肤 S+ c. B! \# ~
- var setTheme = function () {9 G8 {. O( }+ {; |
- Ext.net.DirectMethods.GetThemeUrl(cbTheme.getValue(), {' z5 K! |0 R3 v% v
- success: function (result) {& n; \9 C% g1 C: V
- Ext.net.ResourceMgr.setTheme(result);
! Z8 }, z0 z% q% e - }
# u3 Q3 C _$ q+ r7 v1 ]# I - });
! s7 G* A' c; c1 L4 M - };
5 [# X. G. T U p2 {3 p - //回车出发$ Q8 R; A0 h; I# N- t
- document.onkeydown = function (event) {
8 V* I/ `" T) a, z( R0 I! z - e = event ? event : (window.event ? window.event : null);
$ N: P+ B# I5 [, o - if (e.keyCode == 13) {! W( j; Y; h' j9 U
- //执行的方法
5 E/ B+ s, P8 ?* Z - //alert('回车检测到了');
x7 j I. u3 A2 m7 S" O - //Ext.net.DirectMethods.Login();
1 W# y F' w) n' { X. s% A) c! Y - login();
1 L3 r; t$ ?; }2 D" ~ - }2 F* X9 C: i$ h: g
- }$ c* ^$ r& m8 F& `+ r
- * c" D9 S2 k; f' k$ h
- var digitArray = new Array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f');
: m a: P9 f p - function toHex(n) {
5 h, R7 W* r3 z# n# { - var result = ''
! Z; A. d4 w K: J* j - var start = true;7 l7 J: g* }( X
- for (var i = 32; i > 0; ) {
0 f& p2 F% `# S8 g0 B/ `! x5 {& m - i -= 4;
5 S. r, k2 @' G- O& B* c* p - var digit = (n >> i) & 0xf;+ k& w/ y# B# P- [6 T
9 O6 Y3 D1 h: z- if (!start || digit != 0) {- o( }8 H. U8 e p; ]/ e
- start = false;
' a1 @, e' V* c1 W7 G! {4 _5 e C - result += digitArray[digit];
0 c) R; b4 D9 H, Y$ a" U - }2 m, C$ c- N5 P2 F8 L" y
- }
$ m, E6 p- D! i4 J0 K) }/ h - return (result == '' ? '0' : result);: Z! b" k9 t$ ^0 H- M4 |
- }. I% s6 s! K1 R4 `
: Q$ E( o: b) t" ]5 o/ L- var login = function () {
7 y$ E- {- H* l7 r3 A - var IsCheck = 'N';
1 j+ ?3 t; t( a) ~; W* G3 l - if (window.location.host == "localhost:23111") {
9 w/ U( W# K2 q0 d- ^( k! W/ B) k( f - var DevicePath, ret, n, mylen;" y+ x5 D' T" N: i, F/ @$ ~
- try {
/ Z3 `4 d" u( B3 j4 E$ i - //建立操作我们的锁的控件对象,用于操作我们的锁
. \9 Z# E5 @( t+ X2 m6 d% v+ i z - var s_simnew61;+ m/ E" t! B6 N$ Z/ g
- P0 }( X9 v2 ^% E: a. ?
- //创建插件或控件) Z3 `" Q8 [! G: W4 x
- if (navigator.userAgent.indexOf("MSIE") > 0 && !navigator.userAgent.indexOf("opera") > -1) {
! j- p8 W; C. t4 B - s_simnew61 = new ActiveXObject("Syunew6A.s_simnew6");
8 @+ g* \) ~0 |) C - }
6 U& G$ \4 @: l7 J3 c - else {
( V. ]1 w0 _- s6 F. A( ~. ?( \ - s_simnew61 = document.getElementById('s_simnew61');
' k# x$ T2 P. X - }
. X x4 b; ]: ]9 o
: w1 o' v2 D5 Y/ m& r2 \$ `- + Y+ A6 W- g" A4 K* `6 O: P
- //查找是否存在锁,这里使用了FindPort函数
9 w4 K K1 |' Y - DevicePath = s_simnew61.FindPort(0);1 t2 q- |' g' J0 S* U* u: W
- if (s_simnew61.LastError != 0) {
1 F. x; m6 \6 f* Y0 v& q - window.alert("没有找到Ukey ,请插入UKey");! ?, {! k7 n( j" _' f
- //window.location.href = "err.html";
# N- B# j/ k+ X9 e - return;: g) H4 O/ f) d/ k; y8 H$ e$ N( l
- }
: J; \/ o" s7 j - " Z' n' u a0 ?( l- d( [
- //这里返回对随机数的HASH结果
( d \6 c2 d; F4 x9 g; z/ O; n4 M - frmlogin.return_EncData.value = s_simnew61.EncString(frmlogin.rnd.value, DevicePath);; V8 i2 f7 f. Q: S; \
- if (s_simnew61.LastError != 0) {
8 N9 z/ H* }1 b& o+ J3 _ ` - window.alert("Err to StrEnc,ErrCode is:" + s_simnew61.LastError.toString());9 c, l/ F: \! O8 ?2 a; D7 O/ e
- return;
1 ]! ~$ f# x- h3 X - }
7 q1 g$ y J# v- ~1 P' H$ |5 \3 t - IsCheck = 'Y'; m' U9 i$ ]5 _$ ~
# q0 M/ P& F' S' m5 I- Ext.net.DirectMethods.Login(IsCheck);8 u9 x( n% J; O8 O
' T. V/ s& I* c5 F J0 w1 h) T- } catch (e) {) w- A% N0 a5 a2 O* F' C% A
- alert("您在使用外网访问:" + e.name + ": " + e.message + "。可能是没有安装相应的控件或插件");
+ c0 H" P0 v! [8 @ - }
1 T' ?+ @3 d6 F9 g9 X; u6 X5 `+ d - } else {
0 I1 a" a% ^7 x - Ext.net.DirectMethods.Login(IsCheck);. {4 p* y2 e5 x1 R
- }. r2 T2 g" ~/ Y$ I3 l
- , K; b$ y" h2 t J( {- S* `- w
- };" R) _4 b O3 Q
- </script>
1 Z2 S7 m# D0 p: O6 L6 C3 Z3 c - <script type="text/javascript" language="javascript">
. Z6 b: y G4 O I" J# `& o7 H - function reloadCode() {& |0 D9 d9 }* L' G3 \+ a7 w
- var obj = document.getElementById('imgCode');( f" K. P. Z1 R; T( C) W1 @4 s) A
- obj.src = "VerifyCode.aspx?";/ Q5 t- U: E# {% ~+ Y6 i
- }+ q7 O6 e) U0 Y1 z/ O
4 _5 |5 `+ f4 I8 f: d# e- </script>9 ?! _3 t) g0 t
- CS代码:
8 z0 A# P$ ]! `; {. l0 Z, V R+ g - SoftKey2K ytsoftkey;/ L" ^1 a4 B A- R
- String KeyPath;& X: e6 y' z; j
- private string _randomcode;8 G+ Q3 M( T c, l N
- /// <summary>- N! X) F9 j* L# K9 g
- /// 随机数
0 }* R8 i/ m( F; e - /// </summary>
* P/ _% @- R k. E# n - public string Randomcode
$ z+ x& \( H2 f4 Y# g - {
% A2 h! B" b- \7 @1 U) G$ ` - get { return _randomcode; }
: t; V2 m9 A: y2 S( u - set { _randomcode = value; }: \9 y9 @9 B& `) b9 E4 m ?
- }
; u n8 a7 E8 e) u- m - protected void Page_Load(object sender, EventArgs e)
' N; o7 z. }+ K% B$ H, c - {0 ~9 n" y/ v0 X$ n9 \3 _7 {
- if (!IsPostBack)
# D l5 e- [7 ~$ u/ c - {9 l; W2 O: f U$ d
- System.Random random = new System.Random();' H$ `/ k4 A9 s5 ^& b
- Session["rnd"] = rnd.Value = random.Next(0, 2147483646).ToString();
; u, E# K, N. ?# q' _# r - Response.Cookies.Add(new HttpCookie("CheckCode", ""));
' j' }/ } y# F" G* [ - }
# w" @" F1 U) ~ - }
* R+ `$ F, K, w( Y7 P+ c) i, y! z
' d2 U: `" }5 S3 Q) _- 1 m# x' q" t5 M' o
- [DirectMethod]
4 l& O* }/ Y# ~+ ^ - public void Login(string IsCheck)
' X1 ]. h" G3 y- v/ P. r" v2 W - { G# D, t7 ~4 V* f Z
- Check(IsCheck) ;
8 ~5 O8 l$ f8 e: m( W' B -
) o7 |3 R- J' J) L9 h. I) Y5 @- L - }" V1 @" U- V( I
- /// <summary>
# |9 P4 H, D g3 `& k6 M* `3 G - /// 登录验证
8 }5 n9 g5 X+ i% u2 S - /// </summary># M2 ?1 u& ]0 m
- /// <param name="IsCheck"></param># N" q2 _& I/ U: F9 N0 N
- private void Check(string IsCheck)
/ L0 r6 n3 S( a) y+ S" k - {
3 a5 K, Z7 l9 i0 q( I - if (Request.Cookies["CheckCode"] == null)6 H- Y5 ~% X% V- g8 P1 C! `; a
- {
( k( X! w3 m, o9 b0 e
% _; P5 p7 n# N3 N: n- Notification.Show(new NotificationConfig
' }7 E% Y/ C6 w8 Z: | b/ I. q" m/ u - {
. }4 Y! p2 y7 _6 r7 q- U4 Q* A# h - Title = "提醒",, X: {: t+ f% R [
- Icon = Icon.Information,
3 L3 S# F' ?7 D9 M - Html = "<font style='color:red;'>您的浏览器设置已被禁用 Cookies,您必须设置浏览器允许使用 Cookies 选项后才能使用本系统。</font>"! X3 A8 x- k5 B$ y
- });
. ?/ @$ c5 r& t8 c - return;
( \9 ^1 ]. y/ B+ h5 S- R4 N' t - }
3 g, c/ t& N8 q- Z* r. { - //验证码比较2 ]5 `. q# o P, f( f
- if (String.Compare(Request.Cookies["CheckCode"].Value.ToUpper(), this.txtVerifyCode.Text.ToString().Trim().ToUpper(), true) != 0)3 b3 h1 W: h5 f4 g
- {
$ u# ~5 t5 ^+ u2 H9 ?- D/ s* S - this.txtVerifyCode.SetValue("");
8 U& E+ p# R4 B0 i* m - Notification.Show(new NotificationConfig
" {4 t2 Q5 }' L' T5 e - {" x/ k, y5 f4 T& u) J, v8 ^/ f& {
- Title = "提醒",
0 I; E/ p( D- A& M9 W - Icon = Icon.Information," _9 M3 e1 a9 P! y2 o
- Html = "<font style='color:red;'>验证码错误,请重新输入</font>"0 \% z: T( S9 R5 h" B$ w# ^
- });
1 U+ k- A$ M7 A( p' G" E1 b9 L' \: c - X.AddScript("document.getElementById('imgCode').src='VerifyCode.aspx?';");
* ]3 I) ]+ n9 a v& p - return;
( @6 E7 j5 Y0 R9 z
8 s+ T5 t( n7 Y* L: ^) n5 d: N- ' T* F2 E% s% Y
- }
$ B8 z8 q+ o& q) K% f - else5 t4 v* X+ x" u3 S7 ~0 c
- {
% p% P- n) f9 g2 {5 G, x6 H - Utility.MD5 md5 = new Utility.MD5();# s/ G; M9 r1 Z& E; ]
- DzPlatForm.Model.Users user = new Model.Users();7 \/ e5 C& [9 \
- user.USERNAME = Utility.Baseclass.SqlFilter(txtUserName.Text.Trim());//过滤危险字符5 o5 Z m6 z' } G
- user.PASSWORD = md5.MD5Encrypt(txtPassWord.Text.Trim());// md5.MD5Encrypt(Utility.Baseclass.SqlFilter(txtPassWord.Text.Trim()));//密码进行加密" q* x) x( Y3 [ o
- 2 U; g6 ?; z8 [. f' c
- string sql = "select * from [users] where id=1";
7 a) P: J+ J# F" w; r - DataTable dt = DbHelperSQL.Query(sql, null).Tables[0];
9 d- j E' {- k+ B6 f( q
! R$ d9 [9 Q; c- DzPlatForm.BLL.UserBLL usermgr = new DzPlatForm.BLL.UserBLL();
O3 {1 r+ k- V1 {3 E& d: K - string UserId = usermgr.LoginCheck(user);. p3 o( E l$ N% Q. q: Z
! k, f& |" O* ~9 V: h2 c- if (UserId != "")
+ O+ N- a5 a/ m. ?$ e: d& \& \ - {
% v! b# D2 k$ z# h% r
4 A7 p: d; L; x- Model.LoginLog lg = new Model.LoginLog();
, z' J( h+ S. E5 y3 V- H5 A$ G - lg.Name = txtUserName.Text.Trim();& P# r2 x- ?' u9 _7 h
- lg.Browser = Utility.IpBrowserHelper.getBrowser();2 f: d/ | J0 s+ ], l+ ~
- lg.Ip = Utility.IpBrowserHelper.getIP();
6 \- b, b% A9 `3 G' t4 H9 @ - lg.System = Utility.IpBrowserHelper.SystemCheck();
5 O0 f/ I: _& f( g2 l( q- F2 m - BLL.LoginBLL logmgr = new BLL.LoginBLL();
. ^; h; O* a; `" }4 {7 ? - logmgr.LoginInfor(lg);
; K1 P( T k Y i4 c - usermgr.Record();
! |( I/ \# a% x: }8 x5 a2 a
1 | S @8 _' X, ^* S' q J( g- Model.Indentify idf = new Model.Indentify();
2 z; N' O: c( ?& }" w8 c8 d) ~" N - idf.Userid = int.Parse(UserId);
) `! n5 N$ J& @8 u8 h( k6 S - BLL.IndentifyBLL idmgr = new BLL.IndentifyBLL();; `3 @ E( e) H5 e
- idmgr.GetIndentify(idf);
- Z5 {/ c9 o5 U7 w - Session["userid"] = UserId;
. l5 K( x7 c$ T7 U: W4 b - Session["UserCode"] = txtUserName.Text.Trim();
7 i# j4 t% J0 |; K1 m6 Q' X) e - Session["UserName"] = idf.Name;
+ L' n- O: z/ Z) h/ [/ s- B* Q+ h - Session["utype"] = idf.IsSystem;
. n+ Z/ a. }9 l X' h# ` - Session["uip"] = lg.Ip;4 z2 B2 }3 h9 r: j
4 }3 Q' G+ e, u- # S; U1 T( U7 I
- //X.Msg.Show(new MessageBoxConfig! z9 T0 l0 ]# L* m6 L9 ]/ k% d
- //{
3 B# ?# ~7 {7 `! k/ l2 w - // Title = "请等待",5 `& a# h) m, U4 I, M5 \* c. y
- // Message = "正在加载项",
. @9 |3 W2 a% y: R6 N - // ProgressText = "初始化中...",
F, v4 v: |$ ] - // Width = 300,
# v; f4 B- J, @ - // Progress = true,& p7 R {2 X! J* G" _8 F
- // Closable = false,
3 u. h, U8 B& x, L8 {4 f - // AnimEl = this.btnlogin.ClientID3 ?, k: U2 f1 S P' s
- //});
6 A+ X1 Y6 [) k. k5 G. v( I
4 X# ]9 ]1 T8 f# C+ v- W- //this.StartLongAction();3 E- D; Q% V# V- B. Y: c0 c7 l
- String strData, m_StrEnc, Key, Flag;
' w4 A+ q3 ]; }1 C/ v
9 ^- U8 k* k" y1 l' L" z' p- Flag = IsCheck;
: m4 ]7 }% f& u: e& I, y, T4 a2 r - //Key:即增强算法密钥,这个要与设置在加密锁中的密钥一致$ H) [( P* y9 V9 B; F) t/ w
- //增强算法密钥可以是每一把都不相同,也可以是都相同,如果是不相同的可以根据用户名在从数据库中获取对应的增强算法密钥,可以根据安全性及自身具体情况而定,这里使用了一个固定的值0 s% B. ?" J$ M, ~. [
- // Key = "1234567890ABCDEF1234567890ABCDEF";
$ w5 k0 ^: D- [! @$ ?- \+ F1 p - Key = idf.UkeyCode;
7 J5 |5 Q4 G( D+ e) n1 s B - //strData:要进行加密的数据
% Q( X% L/ g# M$ A - strData = rnd.Value.Trim();//Session["rnd"].ToString();" z4 \* V9 n* h
- //'在服务器端对数据进行加密运算- ^% g1 H+ Y! B) t/ s' C) \/ k( i
- m_StrEnc = Global.m_softkey.StrEnc(strData, Key);
6 e. ~& U2 k: l8 \) q ~# P - //比较客户端加密锁返回的加密结果与服务端的加密结果是否相符,如果相符就认为是合法用户,由于使用了随机数,从而实现了一次一密的高安全性,可以用于高安全性的身份验证
& v0 y( x) i, v! B - if (Flag == "N")//内网不需要比对
9 k1 d' n# s7 k7 r# T - {
& V5 @$ m. h' O" Z+ [$ q9 | - Response.Redirect("Index.aspx");9 F, ~. i& M1 K9 J! x7 Q
- }6 R4 p" y8 t% I8 _
- else l+ V4 \9 H& \7 i
- {* \) w j H2 @5 a! L3 ]; K. e! e
- if (m_StrEnc == return_EncData.Value)
& Q* `' [* _: p6 Q: l0 c+ [ - {
) o$ U/ |5 v- g4 L0 V& D; [6 `" U$ M - . Z8 s* b1 ?" T5 R- s
- Response.Redirect("Index.aspx");9 e4 _/ s; [; h: ?$ Z9 N
- }' \- T1 [' \- s$ q! N8 G
- else
: {2 v' Q# X5 m% y0 H0 Y5 a+ n - {! b: P, ^2 Z+ P- [8 K
- Notification.Show(new NotificationConfig5 S2 S3 U! i6 U p) w
- {0 q4 s0 A" c8 b n9 r
- Title = "提醒",1 }5 T$ A# ?& w1 t, ~# c5 F
- Icon = Icon.Information,3 _1 {$ a% k: A6 K6 H; I) I
- Html = "<font style='color:red;'>该用户不是合法用户!</font>"( L5 H( d1 O0 M
- });* }6 E9 n, G+ d6 t' x3 l+ u' x
- }
% F3 @- D+ Y1 E# z1 e/ n7 I - ( ~' Z& {. [' k5 n+ U* r% z/ R
- }
8 U6 n" Y, d v
7 N0 A2 X0 m( g# k- }
7 Y7 `- o- Y) Y3 a - else r/ j4 v* N6 [, O9 X4 {7 O+ D
- {+ e9 v+ r: Z1 G9 J4 d* q+ E
- ) n7 S4 h9 L" K/ y9 K, w/ R& W* \- U
- Notification.Show(new NotificationConfig
3 \) y6 Q+ w2 E+ M% G1 R. b3 i) W" m - {7 L! ~' k4 `) D/ x2 W+ R3 }/ i, ?
- Title = "提醒",. h) S& l/ P Q8 k% y7 {
- Icon = Icon.Information,1 {$ p3 f% Z* }% }5 J/ b4 z& S
- Html = "<font style='color:red;'>帐号或者密码有误,请重新输入!</font>"
6 y0 s7 L- c. p3 f% l" l) } - ; M! D. m8 e& R) a
- });
( J) n( K& B% h6 Z/ } - X.AddScript("document.getElementById('imgCode').src='VerifyCode.aspx?';");
0 c$ n$ h# x; c" N, p - }
9 e" w, Y$ U0 u* v, x# C! y+ Z
: |& M- D7 c0 E7 D8 d4 z- }
. N: ~0 v- Z; j/ u2 E9 N - }: q; Y2 Y3 V0 P* S3 z! l
- /// <summary>
7 S% T3 h. J' M8 U4 R. X9 M' ^/ n - /// 开始计算任务
' { ^% l3 e; T R, V0 i& j - /// </summary>
, }# r! l0 ]! l4 c7 P& {/ z7 x, B - private void StartLongAction(), k5 C; K7 I4 x3 v
- {! R! T! ~- J7 w' k$ g0 S" B
- this.Session["Task1"] = 0;( t/ G% h/ }& g- U# Y& E$ R# V+ g
- ThreadPool.QueueUserWorkItem(LongAction);& g1 F4 k+ t a1 d! k" P/ N8 i
- # G9 i* v5 {5 T* R1 x
- this.TaskManager1.StartTask("Task1");" o9 ~: B& ]+ C2 r# D' }5 n
- }
4 Z2 \5 y W" n1 j/ x x - /// <summary>
! m+ `5 Q$ g1 J9 r z0 V. { - /// 计时器4 c3 y) l' c a# k1 e. Z- y4 y
- /// </summary>! t( ^) w/ E* o0 J% M% V
- /// <param name="state"></param>
6 ], s1 i F" o" E* l$ t) k - private void LongAction(object state)
0 u6 G5 B# q; F9 _ - {" h" Y/ X8 v' f: L3 i) D
- for (int i = 0; i < 100; i++)
2 R2 i* y; m! E' ^" d - {
# K1 w; [9 ?3 | - Thread.Sleep(10);
6 g+ I5 Y, E9 G - this.Session["Task1"] = i + 1;$ w+ l* @$ M# e, z8 n5 C3 p
- }. P* a+ ~! j9 ~! R1 w f, M( c, n
- this.Session.Remove("Task1");
" K: r" ?& o) j5 p8 h. D2 ?1 O - }- Y$ ?3 {* g3 g, z8 f( P
- /// <summary>
4 [9 |# ]6 _7 N8 f" k. R - /// 刷新进度条2 x$ A6 }3 d K* O. N: ] |2 i
- /// </summary>
7 ?5 u2 V5 b8 J) [2 ` - /// <param name="sender"></param>, q# s7 b. w2 J+ H$ `
- /// <param name="e"></param>5 _% O6 S. s" N$ \8 b" t' N
- protected void RefreshProgress(object sender, DirectEventArgs e)
7 Y; X' n0 W2 d" P- p/ ?$ d - {$ f+ i; x$ j5 ?4 m& N
- object progress = this.Session["Task1"];
8 }) a% V7 ^: ?8 S! o! X: r! @$ O( q6 b - if (progress != null)+ f( O# q3 Z8 ~
- {0 d5 r: L: X* V' d
- X.Msg.UpdateProgress(((int)progress) / 100f, string.Format(" {0} % {1}", progress.ToString(), 100));
( G! y, ^7 p' E- L; {6 {( m1 T7 }7 n - }
" E0 S( g! c) D& | - else3 q+ o8 R$ e0 s0 t+ T
- {8 L3 o$ Q5 V d: W# j7 x
- this.TaskManager1.StopTask("Task1");, ~) [$ f4 f# c" ^
- X.MessageBox.Hide();1 c3 P7 R6 h1 h8 @) F6 v, b
- Response.Redirect("Index.aspx");7 G8 m- Q9 Q; k- I
- }5 c/ r: K; Z& O9 n, e) g
- }6 [3 G9 ]; I# a- x; q5 `
- /// <summary>4 H' ^/ M! |; O
- /// 更换皮肤: v6 ?6 s4 d# K! J# @( d3 X
- /// </summary>
7 D g3 A: Z/ m* P# l2 K7 v - /// <param name="theme"></param>
; j6 b* } U3 t: y9 [3 {, a - /// <returns></returns>
' j! h! D4 w; m5 ?2 F! i - public string GetThemeUrl(string theme)$ g3 d" Z; ~ e7 n
- {- R6 h( a1 x7 b8 e7 P
- Theme temp = (Theme)Enum.Parse(typeof(Theme), theme);' F$ K* \' N3 O3 J' U1 H6 y# O
- this.Session["Ext.Net.Theme"] = temp;+ Y, A6 i2 j6 H& m4 s/ G& n; p, x2 p
- return (temp == Ext.Net.Theme.Default) ? "Default" : X.ResourceManager.GetThemeUrl(temp);! G7 |3 Y! K: ] J7 x* }
- }- R/ r2 v" Q, C2 N+ x% u1 e
; [& g3 W3 Q- s- }) M* y. }# C6 O; o0 q, n: V
- , }& q: A3 |7 ]6 F8 B
- 服务端代码:Global.asax4 `: G3 t' i; S; X+ H3 k
- public class SoftKey
9 T3 S B/ f7 F. | - {
d: {% ] k' Q' f( X2 S - [DllImport("kernel32.dll")]
' |: K' B4 b* A0 k5 j5 z6 ` - public static extern int lstrlenA(string InString);
7 A1 \* w5 h" m" T( h+ w& V - [DllImport("kernel32.dll", EntryPoint = "RtlMoveMemory")]! A/ Q& c: p `5 E
- public static extern void CopyStringToByte(byte[] pDest, string pSourceg, int ByteLenr);
) u, D; ]' e# t' k3 p/ d3 w( c - [DllImport("kernel32.dll", EntryPoint = "RtlMoveMemory")]9 n, e! k! }; \; |6 N9 z
- public static extern void CopyByteToString(StringBuilder pDest, byte[] pSource, int ByteLenr);6 F+ D# \( q* O; ? W
8 g0 x) z( Y" W+ Y2 Q' B- //以下用于将16进制字符串转化为无符号长整型
5 r. c3 \5 l7 p7 ] - private uint HexToInt(string s)2 Y6 w+ ]7 z! R, [
- {
/ W7 p' Q/ J' F, q* W - string[] hexch = { "0", "1", "2", "3", "4", "5", "6", "7",3 ^+ f% i! | b' i( N7 ~, G, U0 n
- "8", "9", "A", "B", "C", "D", "E", "F"};
, W2 p) J$ R* X- U - s = s.ToUpper();& H7 _8 z& V" x3 b
- int i, j;4 H& P$ l. r2 N. B
- int r, n, k;
7 _% `% U& `$ D; ]" Z1 X - string ch;
0 v) w, j+ I* a: r - 4 g( e6 R* W9 E$ r' @5 k# }
- k = 1; r = 0;
, ]; S) z( f; ^8 L1 A6 l" A5 { - for (i = s.Length; i > 0; i--)+ _& I0 b) Y- M! D3 q
- {
6 g1 ?6 ~( v" }0 |3 j - ch = s.Substring(i - 1, 1);+ e- g, i" v# z0 c
- n = 0;% W5 l. c# E& _+ U2 O
- for (j = 0; j < 16; j++): u& ^+ `& ~; u) x* |
- if (ch == hexch[j])
& T% D o, K V8 ^+ G0 I - n = j;4 z& Z; {$ ?2 U. O! q3 A4 S
- r += (n * k);
% Z8 m! {! h6 J, g - k *= 16;5 F! a7 a; I. z2 P& p2 w A
- }
: @8 j# O3 G) {0 y2 j - return unchecked((uint)r);
6 n1 J) G3 `: M" J3 q' c+ x - }
3 F4 |! q5 R3 a+ e+ e) }# D
5 X4 ~: y* \6 a6 z- 5 w( O6 C; q, q5 @( q, O
- public void EnCode(byte[] inb, byte[] outb, string Key)
) t3 L6 k5 v5 m2 k& G1 ~# o - {8 E+ @6 r: i, r5 M
- 0 h2 t8 v3 {+ y2 r) Y- _; E% }
- UInt32 cnDelta, y, z, a, b, c, d, temp_2;
; X7 b, W8 M: U3 U - UInt32[] buf = new UInt32[16];: O2 Z$ t$ @+ M9 A* V
- int n, i, nlen;; Z4 x: x6 Y! q' K' g0 T$ x
- UInt32 sum;* x$ z' v) O* a& Q
- //UInt32 temp, temp_1;- E: H- y* @4 y( ?1 d. k9 |
- string temp_string;
; _+ y. A1 l9 I7 f E2 H
* ~# z1 C9 u- x& G2 V9 w! X' J Y
* n6 B+ {/ Q7 g1 B) S- cnDelta = 2654435769;
: s3 W1 n4 H3 g) a+ f& v4 R N - sum = 0;
4 \/ M1 } M- w: }4 H
6 ~( y% i! S' k0 |! ~# l- nlen = Key.Length;
+ c% {4 N, I( ^# ^* F% K - i = 0;
# `/ x, J; y# d - for (n = 1; n <= nlen; n = n + 2)
( Z0 X- Q. t( U' b; T - {( [9 a: }: p4 L0 G5 C( p8 ]7 _
- temp_string = Key.Substring(n - 1, 2);
3 @( n% o" i/ M - buf[i] = HexToInt(temp_string);5 i# H5 D; O5 `4 s! b) ^
- i = i + 1;
7 c3 l9 ] D8 P B - }, P- U6 @3 C, F2 D3 P; V3 E
- a = 0; b = 0; c = 0; d = 0;4 D g! C( Z6 I6 g$ }
- for (n = 0; n <= 3; n++)* {" _$ K) i1 ]: V" Z
- {
" f) b3 B, ^2 S! c. A G - a = (buf[n] << (n * 8)) | a;1 \; {- m' ^+ g8 B! F" z* b6 m
- b = (buf[n + 4] << (n * 8)) | b;. l. f3 A' Z a8 R8 F
- c = (buf[n + 4 + 4] << (n * 8)) | c;
0 k# ~" |0 ~; N6 J+ n - d = (buf[n + 4 + 4 + 4] << (n * 8)) | d;
. K! W: _5 V4 y' T: a - }
" Z9 z3 f, {) t1 z8 n
8 O: d, L: \& q7 {. P: ?- ( Q) ?/ ?3 p5 n% s% f* _ D
u+ p0 |# O. n* ^' m# W9 |( T1 Q- y = 0;4 y' q8 j5 c' S) t( M1 u
- z = 0;1 b0 R. J& p1 k+ ~
- for (n = 0; n <= 3; n++)
1 m$ U! x! I/ P: e4 p0 F/ t( h - {) T6 e/ Q& J/ u P
- temp_2 = inb[n];$ V9 i5 E- S) I+ Q- [6 m
- y = (temp_2 << (n * 8)) | y;0 k |( |3 j5 Z) S
- temp_2 = inb[n + 4];0 h S) M* h0 u1 K
- z = (temp_2 << (n * 8)) | z;
" u! c7 L2 @0 D& V& o! C& O' f - }
7 `5 A) N8 `6 y. D( h - # y9 X9 V: {2 ?! J& X! ]- s
- 5 l* V6 @) c: ~2 i: d8 s7 t
- n = 32;/ H3 v k/ _1 M* A) c
1 [, }, E$ h* c/ L1 M- while (n > 0)
) [( p( `6 I7 _$ _; q3 b - {
# r8 M7 Q+ O7 Q. ]6 v - sum = cnDelta + sum;, h" {' V( l/ e8 }0 j+ ?- b4 ~
- + u( @' o# ^, V
- /*temp = (z << 4) & 0xFFFFFFFF;: V+ e& {+ h3 H( O2 ]* M: ?6 n
- temp = (temp + a) & 0xFFFFFFFF;
4 R0 t' Y' D: [6 ]" |/ ] - temp_1 = (z + sum) & 0xFFFFFFFF;
4 O4 B! B2 B- p" U/ G* y - temp = (temp ^ temp_1) & 0xFFFFFFFF;
" y. a6 l6 O: j% t( k# h! q - temp_1 = (z >> 5) & 0xFFFFFFFF;1 m( Q# e3 k' ?' J' {8 h( U
- temp_1 = (temp_1 + b) & 0xFFFFFFFF;
% C) F+ i: h! S0 j+ m6 | - temp = (temp ^ temp_1) & 0xFFFFFFFF;4 @, U/ N9 J- l+ i- W
- temp = (temp + y) & 0xFFFFFFFF;
' H. K$ Y2 C& l A: o: Z - y = temp & 0xFFFFFFFF;*/
# N7 U7 _+ u6 m) L - y += ((z << 4) + a) ^ (z + sum) ^ ((z >> 5) + b);
# O8 k1 u4 `4 h7 \. G - * ?+ z/ Y' E8 X+ D! K
- /*temp = (y << 4) & 0xFFFFFFFF;
( D: s0 S* A, s& p6 q1 J: P - temp = (temp + c) & 0xFFFFFFFF;; V, Y- \- z" i E ~ E
- temp_1 = (y + sum) & 0xFFFFFFFF;6 e/ O' [" d! q( K
- temp = (temp ^ temp_1) & 0xFFFFFFFF;3 x' B2 o( j) N* g4 c+ g
- temp_1 = (y >> 5) & 0xFFFFFFFF;- k7 U3 t7 Q x( F5 x& U% h# q
- temp_1 = (temp_1 + d) & 0xFFFFFFFF; G+ W& j$ A2 E" m# l; v G6 m
- temp = (temp ^ temp_1) & 0xFFFFFFFF;5 q4 F0 S" U9 v# D. Y4 b- a
- temp = (z + temp) & 0xFFFFFFFF;
" D* O3 e( X& ]6 Y3 {1 K: X6 H - z = temp & 0xFFFFFFFF;*/0 G, ]7 r. z- v& u
- z += ((y << 4) + c) ^ (y + sum) ^ ((y >> 5) + d);
0 L3 o; O& i4 ]! Q. L" b - n = n - 1;
! ~3 M# N/ l5 w. ]! h - 2 ~4 b$ E' Q U, o+ p
- }7 j$ b' ?9 s1 d1 [! C
. l" |6 J4 k8 u8 K- for (n = 0; n <= 3; n++)4 A- i* ~. s. A. Y/ g) w
- {
; N |4 H8 D, R, z0 a# N - outb[n] = System.Convert.ToByte((y >> (n * 8)) & 255);8 d7 g1 Y9 k2 h
- outb[n + 4] = System.Convert.ToByte((z >> (n * 8)) & 255);
3 n1 `# ^9 b! H4 s) n# \7 p& `( y - }
2 h3 C S, g: F$ n7 _
6 [% B; W; o* o9 D8 D6 X- }
5 |+ S( n! G, ^% u! |, }* ]" A
1 w+ ]9 [% c* j3 P- t% ^: G- public void DeCode(byte[] inb, byte[] outb, string Key)$ [+ q& Y7 I$ x1 {( ?; l
- {
, M+ L3 p% r- D m# }& \( }
! e# U; ]( x" ], v I3 K- {; M- UInt32 cnDelta, y, z, a, b, c, d, temp_2;- J5 g3 C, ?1 @2 k+ k# @( A
- UInt32[] buf = new UInt32[16];
8 B( |8 }9 v. F) Z0 f - int n, i, nlen;1 |) y* g7 {$ d; m
- UInt32 sum;
7 u3 ^7 `% p0 J7 B - //UInt32 temp, temp_1;2 Z0 W2 G/ ]- h: @& q0 K1 L7 D
- string temp_string;
K3 J1 \6 Y! x9 L! h' [# c# m - 9 U) h# y* P5 T6 G0 _& b- E# w. E
% J6 P& x+ u/ U9 A- cnDelta = 2654435769;
: \* E. N% B O! g1 h. s: C - sum = 0xC6EF3720;
6 ?6 j! I3 J8 C2 A- [! d& G3 q - [6 o3 l5 M$ F% |8 `
- nlen = Key.Length;
1 h+ w+ w" F+ O6 B9 j0 @ - i = 0;) r, |. B; @4 ?8 x/ }2 e
- for (n = 1; n <= nlen; n = n + 2)5 w4 v% }3 g- b5 B8 q
- {2 u9 c: G0 q* m$ x0 ^) k
- temp_string = Key.Substring(n - 1, 2);
0 P3 m! V" l7 P. O7 b/ X7 u+ Z. P - buf[i] = HexToInt(temp_string);+ \/ g0 }) y8 N
- i = i + 1;2 O, w) e% y* E& |- u$ ]( {- J2 d
- } A! y0 w- Q H7 Z$ p/ ~% c8 y
- a = 0; b = 0; c = 0; d = 0;
! ~6 C$ r' z! h4 n( S - for (n = 0; n <= 3; n++)
0 N; n8 x4 P4 L - {
, c' y; v% _: E7 `5 ~ - a = (buf[n] << (n * 8)) | a;
! ?' o: v, ]; s0 L* U6 _$ K- U; A - b = (buf[n + 4] << (n * 8)) | b;/ D8 b1 o4 w! ~* ]. I" F
- c = (buf[n + 4 + 4] << (n * 8)) | c;+ | a, @) `+ d0 S% M j9 m7 d
- d = (buf[n + 4 + 4 + 4] << (n * 8)) | d;
! @9 p2 E! Z7 N( Y - }; i) M4 t) Y# f7 j! H: `; J9 C9 Y
1 R4 Y* ]4 d( Q
0 {! }2 _6 R: k
5 d: L+ c( C0 k" K4 k0 R! m- y = 0;
4 X- M+ w/ V8 H% @* Y( n$ U" o$ M. `, J - z = 0;
8 T, Q' |2 j1 ]8 x, H# \( m - for (n = 0; n <= 3; n++)) [8 d- S) G3 g* }) O. |
- {
# I* v: ^3 F& |) _9 G - temp_2 = inb[n];. `: _. b' L6 ~& H$ c2 j, W
- y = (temp_2 << (n * 8)) | y;3 P1 W! W9 G" _3 O1 {. s. y
- temp_2 = inb[n + 4];
1 H6 }0 s# z. u3 X) K - z = (temp_2 << (n * 8)) | z;
% s) `# o/ t/ Q - }
0 H+ R+ W3 F$ b5 R; y - 5 j7 d7 l, o( o
- + |* T4 M& r7 m5 M- [
- n = 32;
4 I6 ]/ b9 G1 O3 H- k" k3 ^6 r
! ^; O" l8 H1 f$ [. a0 g- while (n-- > 0)4 U: o0 m @. M2 H w* ]
- {
# q+ y" j) H7 i A9 y - z -= ((y << 4) + c) ^ (y + sum) ^ ((y >> 5) + d);8 v% R! v7 p& `: ^" S
- y -= ((z << 4) + a) ^ (z + sum) ^ ((z >> 5) + b);9 L" L( n4 }' j# {) M. O6 p
- sum -= cnDelta;
. p9 w* U0 f% ]4 O7 a
- ~0 T" q" _4 e- c- }" X( f! M% A$ c# ]% j& ?3 w1 {
2 f2 h: L- {7 R/ x8 W' E0 b9 ]- for (n = 0; n <= 3; n++)
* I- d+ w0 w2 P- _; s' |/ x ~2 ^ - {
s: \" q9 Y Z) n - outb[n] = System.Convert.ToByte((y >> (n * 8)) & 255);, W- m1 r2 P$ S2 @" n
- outb[n + 4] = System.Convert.ToByte((z >> (n * 8)) & 255);
% J8 H3 t) v6 b5 Z - }7 W+ e8 y% X d& l( H5 R* H
- E( D, n) _. X
- }
/ g0 j0 }, o: T - 8 z9 S i' W% L P a* F7 U
& R9 a6 ~ t8 h4 |- public string StrEnc(string InString, string Key)//使用增强算法,加密字符串* K* p0 ]' O" }" l1 w. t* r
- { ?4 Y5 o* a0 D4 I2 \* O
& T9 h" ?1 q8 O, G% `- byte[] b, outb;' F0 X# {( M/ b* u+ I1 ^( L1 d
- byte[] temp = new byte[8], outtemp = new byte[8];
. w8 v& p6 y' r - int n, i, nlen, outlen;
5 q( U ~# c5 H: ?) f) v - string outstring; t$ P/ {$ Y6 i; ^6 R1 C3 O
- $ U% @% U1 s4 B& R4 h: |; [
- 9 f0 S% O% L/ D7 Q* T
- nlen = lstrlenA(InString) + 1;( A" @3 h/ s: }
- if (nlen < 8)4 Y; U# z$ A6 x- k& w
- outlen = 8;
" i6 a) T/ [& t) t - else+ c, U+ M) M, W% z* [) J. U
- outlen = nlen;
) y6 z" e F8 a7 j - b = new byte[outlen];
& P! y: c' Z; U1 m - outb = new byte[outlen];
4 P4 f# J1 N4 m2 n - " m& P# ~& N s: L4 k1 h) K
- CopyStringToByte(b, InString, nlen);
" b4 P3 a. i" Z - * {1 O; r, I' j6 G9 t! Q) W
- b.CopyTo(outb, 0);/ S; `; R% `1 y$ N% }
- & W, r# [; G0 \9 L; r
- for (n = 0; n <= outlen - 8; n = n + 8)
" W0 ` b, r+ W3 ^) @1 c- S* {& a1 q - {! |0 T. N, F( Y* x
- for (i = 0; i < 8; i++) temp[i] = b[i + n];
3 E% L8 r( y8 h" q) E/ ^ - EnCode(temp, outtemp, Key);8 E& t' u* g. v: C+ w# ] B+ y
- for (i = 0; i < 8; i++) outb[i] = outtemp[i];. c0 k( A1 x1 i
- }$ Y+ D3 Q& ]2 J: g2 e( I
- ( O6 S8 ^- q9 ~8 Q1 U: l
- outstring = "";
" t# B( p( J- {$ V' ]& a* ` - for (n = 0; n <= outlen - 1; n++)6 h! P, ~- L! s! M& ]2 v
- {
4 ]. z$ m" ^9 d8 L" d J2 H - outstring = outstring + outb[n].ToString("X2");2 A% o4 I2 V% [& b4 o: [; C, f
- }
6 m3 ~8 W' l/ x# p+ P - return outstring;
; i& I9 G2 k7 v$ ?6 _ - }
$ f/ g0 ]% b5 v3 ]' h - public string StrDec(string InString, string Key) //使用增强算法,加密字符串
( ` E& |3 I7 u! h- g' x0 y8 y: K - {
) g/ j) V) p' J, M ^& d - byte[] b, outb;8 F1 I9 J! F: q0 t
- byte[] temp = new byte[8], outtemp = new byte[8];
0 ~2 u: G3 g, ?" \4 c! o/ c - int n, i, nlen, outlen;9 ~. o/ Z2 f' w4 F' i- k$ R* n
- string temp_string;
* U4 J* q! O- V# _/ J7 P - StringBuilder c_str;$ l: Y. ~0 O6 ]# S( t9 |) @4 ^5 C1 T
6 p$ [. h& |; O* M9 }8 S4 V% U- ; Y G b: Q/ j- u) u
- nlen = InString.Length;
) y( l( p! O) ~+ d - if (nlen < 16) outlen = 16;4 o5 }7 p& z! M( z6 t* V K/ W
- outlen = nlen / 2;
- k9 H4 q2 I" s& d2 T2 R& Y - b = new byte[outlen];3 y: H8 O4 K& {. ^8 s. m
- outb = new byte[outlen];/ F \+ g' `" T( h
U4 X0 ]8 p ?/ K- i = 0;
V0 }& C* A- W; o8 ?; ?5 k' }. P - for (n = 1; n <= nlen; n = n + 2)
3 X; j+ {4 G5 C* \ - {
. f) p) _6 B" Q7 [8 H' i* E - temp_string = InString.Substring(n - 1, 2);- I1 j6 p6 c- d/ z- p
- b[i] = System.Convert.ToByte(HexToInt(temp_string));
6 ]4 k+ c z) ~6 S - i = i + 1;" e0 G% v+ x; a. C9 D
- }
, m9 M* x' v& J9 X. L - . S# u; {" d' ^
- b.CopyTo(outb, 0);
% M- ~1 } i5 M' W5 T2 y& j6 y - H6 \6 @9 H/ U8 ^3 k+ X
- for (n = 0; n <= outlen - 8; n = n + 8)6 w$ j: H9 v& w+ {' K% n# F
- {8 |: S3 N( O+ Z. h
- for (i = 0; i < 8; i++) temp[i] = b[i + n];9 R: x0 s/ [5 `. T; _
- DeCode(temp, outtemp, Key);7 n. P) @6 i* i( Z3 `1 I8 C, F
- for (i = 0; i < 8; i++) outb[i] = outtemp[i];
9 P5 R/ C( r: J) m: d# q - }) o* e0 k2 c7 G3 ?
/ [) g( H- {, o2 x4 v- c_str = new StringBuilder("", outlen);
$ T5 I- v; o0 t }1 o - CopyByteToString(c_str, outb, outlen);* y0 t8 Q! o7 W% x! ~
- return c_str.ToString();0 q" r% W) y; ^" V3 L
- H N, o- U9 M8 A; ]3 P5 |- y
- }' Y/ n) c- S/ ?2 t* a* b
- $ h: H1 n% @) d- \# ?3 k
% \, P+ a" x% G- }
7 v# c9 i3 O" e# B
9 w, `9 }0 ^5 ?! s' x# M) l6 b唯一锁写入Ukey: % z# M4 I2 @* I% Z6 Z$ }
- j0 C& x) M) G5 C* A 公网客户端:安装插件
2 y2 R9 _) I7 U3 R3 R5 n 多文件安装版+需要先插入UKEY
: o7 M+ ~8 J5 O4 W; A 插入UKEY
: k u H( ^4 E. e3 K8 d* v 登录成功!
2 V5 @2 w" ?4 ~ |
|
/1 
|Archiver|手机版|小黑屋|科帮网
( 鲁ICP备19059327号-2 ) 
窥视卡
雷达卡
发表于 2014-09-05 15:32:16
转播
淘帖
分享
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡