|
该用户从未签到
|
|
登录协同工作平台安全解决方案
4 v0 I, s" D/ y; c& V2 T[摘要]公司领导说登录验证的安全性如何保证,建议采用UKEY验证类似网银解决,调用第三方YT公司产品。 解决方案:
3 s4 M1 J3 e* ?, x6 @" m
前端页面: - <embed id="s_simnew61" type="application/npsyunew6-plugin" hidden="true"> </embed><!--创建firefox,chrome等插件-->
) s" `4 e* g8 U/ G - <script type="text/javascript" language="javascript" >$ J# J$ x+ x5 F2 X
- //加载皮肤
- K' B0 I0 b6 n1 g3 C5 J - var setTheme = function () {
& l4 q1 f, J( \( L6 v - Ext.net.DirectMethods.GetThemeUrl(cbTheme.getValue(), {4 Q4 }% ]) T5 [* J& w6 P8 r
- success: function (result) {
5 c- F3 Y" p$ m2 ^; T - Ext.net.ResourceMgr.setTheme(result);; Z! N/ K6 ^3 p6 Q- S
- }- Y. N# n4 z" r Q
- });
6 g4 _2 @9 M; }# R: { - };5 U/ s2 Q/ a) K; L# N3 ?) z9 [
- //回车出发
) }. }4 r4 x( c( Q7 ?$ p - document.onkeydown = function (event) {. P* P, K. S6 [, f
- e = event ? event : (window.event ? window.event : null);
( x0 {: d, l' I% c* I - if (e.keyCode == 13) {
x# F: v( X7 K2 r - //执行的方法 7 D$ V1 v0 e2 @! J
- //alert('回车检测到了');
; G `3 O( c2 i$ n! C0 b - //Ext.net.DirectMethods.Login();
6 z3 C; a+ i, Y9 d/ L - login();
. s, Y- m. `9 l+ x6 F& c. Y% e5 o - }
! @" y$ X# g1 q" h( c - }0 N) R( Q6 ?6 W) {
- ) y+ ^+ m0 ~' O$ q: B
- var digitArray = new Array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f');! a4 }$ j; P: w8 @
- function toHex(n) {
# w$ S) {* Z+ T7 C7 ]1 Y% S - var result = ''
0 _1 R; W9 }3 ?+ _) O - var start = true;
: C6 N$ U; w/ I, T4 A, S) S3 G - for (var i = 32; i > 0; ) {
/ c8 h5 q9 o* e% j - i -= 4;
, l8 G& H9 I6 K0 [% w% E - var digit = (n >> i) & 0xf;% Z! ]4 O9 p* ]% p, R6 `" s
5 b& b# O# O, S; D4 P y- if (!start || digit != 0) {0 H" |3 D G0 d
- start = false;* b E* M- U; c% f" }" ?$ u
- result += digitArray[digit];
( ]& k# T5 O2 E: [ - }
3 e# L! ^( B$ Q- Y. P( ] - }5 `6 G0 c, L9 L0 K$ A% `. e7 |
- return (result == '' ? '0' : result);+ t0 z, i5 ?0 _8 w/ J% ]
- }) T9 O* t& L* Z" Y) S1 r
( Z) A4 X# b. @, n: h- var login = function () {+ l7 {; {" F6 n6 K1 u+ A
- var IsCheck = 'N';
7 U# t- ^$ |; S: t, g- Y$ O - if (window.location.host == "localhost:23111") {
9 K. ~5 J# G$ S$ j+ R* P8 I+ J+ \ - var DevicePath, ret, n, mylen;
0 w1 g. C# j& z* y - try {
/ h! k( ?5 P; w4 I, q" ^ - //建立操作我们的锁的控件对象,用于操作我们的锁) z% J: a7 t9 R# o! y0 }$ {) ]& y0 p
- var s_simnew61;9 l0 J2 U1 k( p! h
# k% |% z& v' [- b- //创建插件或控件
0 H- K4 Z* w- ^ - if (navigator.userAgent.indexOf("MSIE") > 0 && !navigator.userAgent.indexOf("opera") > -1) {1 |5 H9 a- h( M( @9 D) v# H$ b
- s_simnew61 = new ActiveXObject("Syunew6A.s_simnew6");
' E( b7 b/ a+ b - }
. k6 q( w# V) W - else {1 p# H" T; d+ i0 e! B/ [/ \
- s_simnew61 = document.getElementById('s_simnew61'); m$ M" O, E9 F# g5 R3 V
- }2 u9 g1 N0 m' W( E) o
- ' W/ i7 g4 q( H7 a6 h, G
- $ _; n. v+ L f+ [ ], K" M
- //查找是否存在锁,这里使用了FindPort函数0 D5 ~4 T7 m1 `9 v+ b% O
- DevicePath = s_simnew61.FindPort(0);
/ I, v; I, |7 z) k - if (s_simnew61.LastError != 0) {
% U4 l9 ~1 g; X$ ^5 s - window.alert("没有找到Ukey ,请插入UKey");5 `3 B6 z- \' f/ A* a
- //window.location.href = "err.html";
! y) R9 ~5 f. _" [+ j# `: ?3 u - return;
6 [& l) U: d6 V+ C8 q# g ^ - }
; F+ m6 ]. L, e% K& k
; ?7 Q5 _; b' F9 z: c% b( T- //这里返回对随机数的HASH结果) D5 o% j i0 N+ L7 c8 N
- frmlogin.return_EncData.value = s_simnew61.EncString(frmlogin.rnd.value, DevicePath);
0 A7 M, T( Q, Y% t( I3 F - if (s_simnew61.LastError != 0) {
& \0 U2 r, }/ b3 L- |+ A" V2 p - window.alert("Err to StrEnc,ErrCode is:" + s_simnew61.LastError.toString());
9 R4 p( v& }& `5 m+ ]* N# ^ - return;, \" S' b% q% x4 [
- }' _3 p/ a8 Y( J8 k
- IsCheck = 'Y';
) S2 e1 q, g `" z0 M
/ o) t* w5 K( l/ `4 ^- H- Ext.net.DirectMethods.Login(IsCheck);
6 } e# n8 W1 a. h y" P, L - # q- z, z* _% D4 l
- } catch (e) {
2 t- O/ r+ `6 m, f" | - alert("您在使用外网访问:" + e.name + ": " + e.message + "。可能是没有安装相应的控件或插件");# z; g c1 j& C; `$ S# q
- }7 b" M9 y n$ C" Z* [3 a/ B
- } else {# G2 e& F% A) N: e
- Ext.net.DirectMethods.Login(IsCheck);
% n+ |" j4 {5 z2 Q! Q9 B: m, _9 a - }
: V, Z9 J8 ?5 D
9 D$ D# e9 F8 P4 C" w- };) z1 d( K' C7 r* N" @: ^
- </script>
' t' D. B# A) V4 K - <script type="text/javascript" language="javascript">
; B: G- y7 a3 C2 j! I& V - function reloadCode() {5 w: }$ {- i! j U" D/ c! Z- p& x
- var obj = document.getElementById('imgCode');
4 G& ` w+ e& s1 j3 z - obj.src = "VerifyCode.aspx?";2 Q5 K! _# M& s0 A) {0 a7 k- z; ?
- }! e+ K. q' ?' @ ~" G% j9 L8 p) J. ]
- . A! o0 V T0 c" v7 ~" T n" B2 N" K/ K
- </script>" y: U( O( b* A" ]! n# K1 D3 G
- CS代码:
( c& q! x8 l6 w6 M- p! R - SoftKey2K ytsoftkey;
1 }+ n! m" a* a - String KeyPath;
* |# z% Y8 A& [ \- N) v$ @! R$ M - private string _randomcode;& \( ~+ p; R/ F0 S' L; I7 x
- /// <summary>" b# w0 ~9 T6 c) O2 T
- /// 随机数
- n- a5 u5 z g1 h - /// </summary>
7 n; ~. A3 l7 O0 |6 k - public string Randomcode5 E; c# ]% e5 u7 K- Q
- {! h' z% B* U0 c; M$ M% ^% J9 V3 D
- get { return _randomcode; }
4 `8 T! }% P- r, M( D - set { _randomcode = value; } ]( [, R4 D0 T# o+ W7 s& o. _
- }
4 K5 z: I; K V0 Y1 Q1 y5 c - protected void Page_Load(object sender, EventArgs e), o0 P% e/ |% F Q# f4 C$ _! p. Z
- {9 r# @9 {0 L/ b# i e1 X. c" i
- if (!IsPostBack)& B" X6 |' ?: X5 K/ B3 D2 F
- {
: i8 Y) J. A' p7 F - System.Random random = new System.Random();% y' `+ o, I, S$ J0 o# V
- Session["rnd"] = rnd.Value = random.Next(0, 2147483646).ToString();: T# H& m4 c0 q
- Response.Cookies.Add(new HttpCookie("CheckCode", ""));6 ~, s5 w: v( Z0 ?: G1 g# _
- }
! N4 v( V4 D: Z- h! f - }
; I6 G5 E9 v, V3 X$ A4 n! |2 `5 a3 T - 3 X9 s9 a- e5 ` k
-
M5 u) t8 g' {4 O8 C$ [( |7 F* e - [DirectMethod]
1 s) `! r f8 e4 \& ^+ J! O0 b. u. l$ y - public void Login(string IsCheck)8 N0 b' O: L; h d# r/ c( C1 z% Q3 Z
- {
6 d2 b8 @ |& C, A; W - Check(IsCheck) ;
! P( K% n( G. a5 R* g9 F - ( |# c$ B% e! P/ H9 o' |
- }5 x4 S% v H- q) q- N9 L2 V
- /// <summary>
* h( l; M+ Q$ R. e - /// 登录验证5 [4 |4 L: w2 e5 W% t- k+ Q
- /// </summary>. x# ?, J: b+ X
- /// <param name="IsCheck"></param>
: v) o6 s) v$ Y - private void Check(string IsCheck)
6 N, X4 w8 K) R( Q4 u! k - {
$ W+ ^" [% G- [) ]8 [ - if (Request.Cookies["CheckCode"] == null)& ^' Q b+ N$ T- ?8 C+ H. c
- {. J( P3 |& j4 {! w0 K6 y" `
3 r" z2 G% u! x: D9 L- Notification.Show(new NotificationConfig
/ s% A3 G3 r( \% ~: J" l( |4 a - {
9 k! L$ p- ]6 J. o* j( c+ T - Title = "提醒",
$ i: i# J3 v0 i. o - Icon = Icon.Information,1 l4 `: H' F# H0 f$ {- p6 O7 O
- Html = "<font style='color:red;'>您的浏览器设置已被禁用 Cookies,您必须设置浏览器允许使用 Cookies 选项后才能使用本系统。</font>"9 y" @! @* a. |. v
- });% _4 U+ S5 F" f1 L& ?, u
- return;
5 i) g3 T3 W5 @" F - }- z, o3 e t* K: a
- //验证码比较 y5 Y! H6 ^ F. V }) N S
- if (String.Compare(Request.Cookies["CheckCode"].Value.ToUpper(), this.txtVerifyCode.Text.ToString().Trim().ToUpper(), true) != 0)
% r$ Z( l, \( F' p9 t( j - {
2 d; t Q6 |& ?2 f5 k- u. Y - this.txtVerifyCode.SetValue("");
! z" s4 o" ]$ J9 ^! }, O - Notification.Show(new NotificationConfig- s+ ]# P5 n7 m( \; _
- {1 _. x! w* e7 t
- Title = "提醒",6 U# d& t1 O9 v- w
- Icon = Icon.Information,% i" r- f) A% C8 K. n( V
- Html = "<font style='color:red;'>验证码错误,请重新输入</font>"6 Q' F$ O& ~3 y8 J! p
- });9 s4 `6 Y% T U* R
- X.AddScript("document.getElementById('imgCode').src='VerifyCode.aspx?';");( \3 C V' P' K9 u- C
- return;
0 e7 B% O8 Q# l2 C' n1 D1 C6 C
6 P7 M0 k+ j( U8 a1 ^2 U# o- . I9 S4 i# g7 @9 D. o9 c
- }+ q( @9 E \6 K$ L1 l; @7 h
- else" C5 ?, @! N: E; w& w
- {
" I1 r& r- z$ r" T - Utility.MD5 md5 = new Utility.MD5();( N3 P0 B4 x0 {% y$ F L
- DzPlatForm.Model.Users user = new Model.Users();
& `4 U0 ]/ N# `& m9 i1 w - user.USERNAME = Utility.Baseclass.SqlFilter(txtUserName.Text.Trim());//过滤危险字符
$ g( I, \- {- u+ T6 z! S - user.PASSWORD = md5.MD5Encrypt(txtPassWord.Text.Trim());// md5.MD5Encrypt(Utility.Baseclass.SqlFilter(txtPassWord.Text.Trim()));//密码进行加密
; z9 P7 y$ O- M- Y# l
- U3 A5 H+ x% c( f [- string sql = "select * from [users] where id=1";
x$ U6 c, p. B8 m7 n - DataTable dt = DbHelperSQL.Query(sql, null).Tables[0];
$ s- k! x9 e& u. N. W4 I* ~2 Q
$ ~$ P6 v4 H; v3 A. x: l4 B" T- DzPlatForm.BLL.UserBLL usermgr = new DzPlatForm.BLL.UserBLL(); }4 R+ M' o" ?
- string UserId = usermgr.LoginCheck(user);
8 n0 C% o) ]6 U; J, |
C" A2 ^9 v, Y9 K" x: w* V" q- if (UserId != ""); C% L( |& ~# X O! x. Q
- {
6 V1 U8 y [) i+ _( X t8 }3 i
4 E8 t- o8 `8 M: f1 w- Model.LoginLog lg = new Model.LoginLog();! k) p/ c! P! f, P6 P
- lg.Name = txtUserName.Text.Trim();! ?9 h6 A" \. [$ f& o
- lg.Browser = Utility.IpBrowserHelper.getBrowser();
3 F( D2 j* p) r" }1 u8 n8 \& J4 D - lg.Ip = Utility.IpBrowserHelper.getIP();7 \6 b+ j0 f0 t8 c5 s
- lg.System = Utility.IpBrowserHelper.SystemCheck();
5 T, t& \4 j* Y' [; M - BLL.LoginBLL logmgr = new BLL.LoginBLL();+ Q+ l M5 E. y7 n+ B- V
- logmgr.LoginInfor(lg);
) r0 _8 @0 H' |( `* r - usermgr.Record();
- e6 }# n. d+ L- V - % A) d' k" b( R; C. G! f" C* D- ^
- Model.Indentify idf = new Model.Indentify();
' b/ T* u- l) \& w - idf.Userid = int.Parse(UserId);0 f, C9 r+ H- u7 o& `8 w" L
- BLL.IndentifyBLL idmgr = new BLL.IndentifyBLL();
7 A0 {$ _4 i0 L% N- s( ^ - idmgr.GetIndentify(idf);) U8 z; ~ L* u9 G+ s+ m, C! r7 T5 _0 ^
- Session["userid"] = UserId;7 P4 ~. B2 w0 d/ A5 `& P) k- }
- Session["UserCode"] = txtUserName.Text.Trim();6 Y! z$ G. B8 N- q( m
- Session["UserName"] = idf.Name;
% z0 y2 p1 Y& n) o& ]: Y - Session["utype"] = idf.IsSystem;
4 F3 x4 W: i; T0 M: t( T- v' B4 p - Session["uip"] = lg.Ip;& a$ R' ]' Q y5 f6 x
- . l0 _ g$ H/ C( _8 c0 |/ } c
- - O+ ]+ M5 f1 A4 q' K% C5 x+ _/ C# e
- //X.Msg.Show(new MessageBoxConfig/ i; {# J4 e* Y* M" j. K
- //{' K: `3 U: x( f/ S+ }+ {
- // Title = "请等待",
: F ?/ r. e+ b - // Message = "正在加载项",
# m2 T7 A/ I8 U# c - // ProgressText = "初始化中...",9 O# W+ P3 u+ Z# @/ E
- // Width = 300,
4 C% ?+ `2 X6 d& @, D- v; i - // Progress = true,; Z7 ~5 @, Z1 k% `
- // Closable = false,
) n$ m. D, q' m3 V- }; t - // AnimEl = this.btnlogin.ClientID
i0 M- I5 `; U: L7 g - //});2 E. _9 I4 i9 s9 ~' D
- 9 T; w+ B$ ?* f. U( X7 w! ~
- //this.StartLongAction();
! s/ v0 Q" L! Q - String strData, m_StrEnc, Key, Flag;9 I) @8 b3 e0 D8 I- Q! S; e |
- 2 E& O v1 @- }' {% Y2 w
- Flag = IsCheck;
# D6 ~" Z7 ], U+ s% p- R - //Key:即增强算法密钥,这个要与设置在加密锁中的密钥一致" f( y$ u0 Q6 b8 \0 i; G
- //增强算法密钥可以是每一把都不相同,也可以是都相同,如果是不相同的可以根据用户名在从数据库中获取对应的增强算法密钥,可以根据安全性及自身具体情况而定,这里使用了一个固定的值! o o# X4 u! h2 `& H
- // Key = "1234567890ABCDEF1234567890ABCDEF";
+ M+ [! _: H1 E9 ~) r: s - Key = idf.UkeyCode;
1 K3 r7 _8 R- ?* S - //strData:要进行加密的数据% K( f5 i& P: Y: ]) u) w
- strData = rnd.Value.Trim();//Session["rnd"].ToString();$ i, M; I* R0 y/ j" P8 _( a# q& b2 M
- //'在服务器端对数据进行加密运算: o7 H0 X" ~( B
- m_StrEnc = Global.m_softkey.StrEnc(strData, Key);% [ Y1 }: x- m8 `2 n( z
- //比较客户端加密锁返回的加密结果与服务端的加密结果是否相符,如果相符就认为是合法用户,由于使用了随机数,从而实现了一次一密的高安全性,可以用于高安全性的身份验证
9 f) [. z6 L$ \4 x( D$ }0 a/ ~" F - if (Flag == "N")//内网不需要比对+ n& U; r* a2 H! r
- {
5 x* M) T$ M: x - Response.Redirect("Index.aspx");- J) s7 C6 D! i6 g9 k5 F+ Y
- }
2 G7 c" Z6 P/ D0 e - else
; p3 v, Q! K/ X8 i! ?. _- ^/ A - {5 ~7 g3 r% K; z+ D0 g+ J6 K
- if (m_StrEnc == return_EncData.Value)
0 b+ y8 F& Z! ~- q7 `, w& G. d - {
9 q1 W3 T p# z' |' g) b( H0 H0 w - 2 A4 @' g1 o+ `! e, C
- Response.Redirect("Index.aspx");, [" e1 X1 h5 d' s7 q8 x
- }$ U: _1 n4 o) l; K6 @1 H
- else! ?8 s' H2 S) _2 U+ d: j
- {
: A$ z# o7 ?0 D j* _0 e - Notification.Show(new NotificationConfig e& C0 M0 y8 G2 J! m" i8 f
- {
3 v4 J4 C. {! F! V% c) @ - Title = "提醒",
) j3 D- h1 M) }% {1 _) K - Icon = Icon.Information,
0 r$ f9 f6 s& i) t/ T7 c; s% y - Html = "<font style='color:red;'>该用户不是合法用户!</font>"& p3 [4 q6 p- V$ O' ~
- });2 J- @: U$ J9 Q9 G! Y+ V. {: N
- }
% p7 W2 g/ c" t - 7 i% R2 g, y3 ~$ Q( K; S
- }
7 \4 k! R0 ?9 r - ) h1 t& r0 Z- p2 @0 v+ }
- }8 }$ g* @; ?/ a0 Y
- else
& b3 K# C* @/ @9 z( j1 Q5 K3 \ - {% e; P) z% Q3 ~3 I
: V1 o- ~" v2 {# c& \- Notification.Show(new NotificationConfig
% B2 ~) h, m( I - {/ T4 }6 ?" n7 Z/ q. F& T" I+ Q
- Title = "提醒",) V( X0 w& f/ r9 q& e( J+ k) l N! f8 F
- Icon = Icon.Information,5 d( s# U' ?, I5 z3 m7 {
- Html = "<font style='color:red;'>帐号或者密码有误,请重新输入!</font>"
- p: }+ P0 W" Z% i a0 u! e P
! g4 B. y! n! T9 G( W$ f- });8 f9 \. M N. y) X# V7 I7 E
- X.AddScript("document.getElementById('imgCode').src='VerifyCode.aspx?';");
8 U0 G: M" G) M( Q - }# s; f+ s$ W! o8 N, X& ?- `
- * J" ^1 [" `0 I+ S, x% ]
- }2 T% l/ P! z- N) ?! h; ?
- }* J* }/ l, s! [8 A! I0 u( x
- /// <summary>) a* d+ A8 i. j. a5 r( s: P" n+ ]
- /// 开始计算任务
4 u4 A# H. J0 j4 i( p - /// </summary>
/ W* Q4 _9 `0 X - private void StartLongAction()- A1 r2 Y3 V) c- M* M: k8 ^5 a
- {
5 f' m; G, R W9 j1 Q - this.Session["Task1"] = 0;4 z& c+ v. e$ \- q+ w" }$ I/ F/ ^
- ThreadPool.QueueUserWorkItem(LongAction);
# G* N$ V" R5 f G1 D' h" c0 |
3 \5 Y7 ]3 t4 L- N [; x7 I- p- this.TaskManager1.StartTask("Task1");
. Q& [1 L* n+ W* t$ S( a0 I - }
8 A; u: z: w4 _9 a - /// <summary>
- ]8 G# n- w) m4 s8 h - /// 计时器5 u9 O& a K/ h& q- a$ [& h
- /// </summary>
7 v& a( z; P8 Q% L% @) b/ a - /// <param name="state"></param>
( n+ u" c) s8 b) A7 U - private void LongAction(object state)
, { {2 Y u, y2 b9 M- D7 L- F - {: b. [5 h& _1 u/ q
- for (int i = 0; i < 100; i++): e2 [2 n+ b2 } |
- {0 d' S1 |( c( Q% A" o
- Thread.Sleep(10);4 k' ]+ g' ^6 B7 k
- this.Session["Task1"] = i + 1;
2 I7 P3 E% d0 t3 o - }3 v, W! N3 Q) Q
- this.Session.Remove("Task1");$ Y; H: @3 {8 P9 i
- }/ Y. F6 {+ |5 R! }- `, O; p
- /// <summary>
! f( w+ i5 V7 _( e - /// 刷新进度条
5 G: ~) `1 O! u9 }7 Z6 a - /// </summary>8 `4 ]2 i6 N5 @( Q
- /// <param name="sender"></param>( M' A0 I* m0 F2 Q; ?! w
- /// <param name="e"></param>( L) |, {' w& g
- protected void RefreshProgress(object sender, DirectEventArgs e)
; g' K' N8 p, c0 n5 P6 Z - { j! x( r) a7 _" F, P. g" L
- object progress = this.Session["Task1"];, V+ ^/ Q* H8 b) k4 C+ t3 N1 Z
- if (progress != null)1 i, K+ g; y) ^, w5 U X1 ?( T
- {
7 `7 ] z2 `. W, \+ \ - X.Msg.UpdateProgress(((int)progress) / 100f, string.Format(" {0} % {1}", progress.ToString(), 100));
9 l( ]# a) j; @% a8 g - }
, W6 t+ H& ^* c* Q - else: W, }9 ^5 L/ [! S! f- T
- {
, @( h: f3 j8 t2 E$ K - this.TaskManager1.StopTask("Task1");( @4 N0 Y$ L2 k. }$ M
- X.MessageBox.Hide();* V7 G6 d1 s8 S4 a4 ]# j
- Response.Redirect("Index.aspx");
# a! z6 k$ f1 K' S - }/ \3 m$ F) d2 q& Y( f+ `
- }% r8 h0 P) N7 H
- /// <summary>
, T2 a4 g8 r: Z; N6 \& ?# T - /// 更换皮肤
3 l- T( _% [! D8 W6 A - /// </summary>
0 _$ L- \" D F$ s! g0 |2 u - /// <param name="theme"></param>+ N0 r* I+ K; u# O& ^4 ]
- /// <returns></returns>
8 U4 d+ }) S0 H/ m+ P: @! k) \2 x - public string GetThemeUrl(string theme)
$ F" j; ]3 s/ \' I - {
0 m- s' f5 z. U d2 N9 ? - Theme temp = (Theme)Enum.Parse(typeof(Theme), theme);5 O% r. Z+ T4 s0 D0 _
- this.Session["Ext.Net.Theme"] = temp;. r+ V! V0 g6 [+ j3 u7 y4 U
- return (temp == Ext.Net.Theme.Default) ? "Default" : X.ResourceManager.GetThemeUrl(temp);* Q. O! I2 D4 |; a5 q
- }" G+ v7 x. G5 b' p) p; _
$ a- ^6 i$ Y0 z3 x6 @" D- }2 y m) N5 v2 q3 Z5 X& U
- 0 I" U. P7 }/ v
- 服务端代码:Global.asax' s" O( m& S( D# R9 A) i9 T
- public class SoftKey# b. [3 _9 D3 O, H! U
- {8 o* u# I& h( z9 o6 X
- [DllImport("kernel32.dll")]7 _. H+ p* T( z2 W/ R$ I
- public static extern int lstrlenA(string InString);; {0 V u) n4 z9 P6 `& j
- [DllImport("kernel32.dll", EntryPoint = "RtlMoveMemory")]
) [$ l5 Q8 d. o; ?9 P% n - public static extern void CopyStringToByte(byte[] pDest, string pSourceg, int ByteLenr);7 B' A& ]) \: i9 A3 Q4 W; K% t
- [DllImport("kernel32.dll", EntryPoint = "RtlMoveMemory")]. ]/ r1 e( ]2 ~
- public static extern void CopyByteToString(StringBuilder pDest, byte[] pSource, int ByteLenr);
M. F7 l [$ {" L. t. i/ | {& C1 | - ! `' x1 \1 G1 C" j) V
- //以下用于将16进制字符串转化为无符号长整型
" a1 d9 o8 A! ~3 l - private uint HexToInt(string s)2 c( n6 m% t2 C& @% l% z3 O( r2 t
- {8 J8 N+ E- k. v6 x- r9 O
- string[] hexch = { "0", "1", "2", "3", "4", "5", "6", "7",
7 e+ E8 |/ G3 Y" j0 r# s - "8", "9", "A", "B", "C", "D", "E", "F"};! ?. c+ J1 q+ a7 S3 W) \
- s = s.ToUpper();9 l, U3 n" T& j! G* S
- int i, j;
C6 d0 B9 \ H3 G; b3 Q) w" \ - int r, n, k;/ K$ ~9 }3 ?; w# l
- string ch;) T( `6 {" e* z. E) r: S, U L
! ^! J, ?7 u7 @ c4 N0 j- k = 1; r = 0;
& ~/ z' b/ P" @8 X1 @( { - for (i = s.Length; i > 0; i--)
; z# Q/ P% _: _, D - {3 u% u0 B9 V0 w3 a
- ch = s.Substring(i - 1, 1);
8 S* b: |/ b- p }! \ - n = 0;
6 b+ D3 v' p1 \1 O/ X( X - for (j = 0; j < 16; j++)
7 u# Q4 p2 t5 `' \7 ?9 `6 a - if (ch == hexch[j])
2 S: `' E) }3 ?: v+ g b. o" L0 q. p - n = j;
, x/ l; a& B I3 c" v& b* ` - r += (n * k);: H' i6 u" D: X f% a0 s
- k *= 16;
! c' s8 D6 A; ]* K" o - }" h- Z1 \! A! f- B* L( H. j
- return unchecked((uint)r);
+ y2 m% }4 q, B1 D: M2 u, y' I2 S - }
9 ?+ N2 U2 t7 O- e$ s% i
. D& F7 t5 N* }- : Q2 g& }+ z* _- ?
- public void EnCode(byte[] inb, byte[] outb, string Key)% Q/ x" L; r& p# }- S5 E
- {7 x7 Z" d+ Y! K' S* U% [
; F! W! T p; [2 |! x2 n- UInt32 cnDelta, y, z, a, b, c, d, temp_2;2 I, p; T& V+ M/ @6 R4 D
- UInt32[] buf = new UInt32[16];
& Y1 W% O( I6 I - int n, i, nlen;2 y; y3 @9 D7 @ k2 X8 ?
- UInt32 sum;6 n( S% S4 ~4 I: ^
- //UInt32 temp, temp_1;" Z. Y8 v+ z6 q' `0 r7 N! f1 i8 N
- string temp_string;5 k9 k8 N" b9 L0 p4 p9 W9 l& E
# T% u! X9 R6 s2 i8 ]! U8 L3 R
! H7 Z* p5 ^1 O% [1 v- cnDelta = 2654435769;
* k& [5 `3 p- J7 |5 T0 W - sum = 0;
2 J2 c9 D# g) G; P$ N* F3 g" q
0 A9 q+ g7 t7 L9 ^- nlen = Key.Length;# ^0 l9 l; I" t6 h2 |+ `( v9 d
- i = 0;
E; r: p i7 q1 Z0 ~' W - for (n = 1; n <= nlen; n = n + 2)
9 v! a& j4 G$ s0 d7 \ - {
) C; R2 R, ^' l1 `, A - temp_string = Key.Substring(n - 1, 2);0 S. H1 @$ g6 ^* S y
- buf[i] = HexToInt(temp_string);3 K/ w5 O) [6 e
- i = i + 1;# M9 K/ o! u' g7 i" l" P
- }2 A0 \8 a0 D7 c* W" W
- a = 0; b = 0; c = 0; d = 0;
; `5 f6 ^5 i9 ^" w% a - for (n = 0; n <= 3; n++)% d, G3 Y! u0 l7 s
- {
" R$ |" h, l9 u- K" M# B! } - a = (buf[n] << (n * 8)) | a;
$ J; u4 t% b, ]0 v+ c/ e+ a3 K! e - b = (buf[n + 4] << (n * 8)) | b;
- f! C5 W b" f- E - c = (buf[n + 4 + 4] << (n * 8)) | c;. P+ N# l! V' p! U
- d = (buf[n + 4 + 4 + 4] << (n * 8)) | d;9 b5 l* ~5 J' |% ^
- }
) x U& z# t0 {6 O+ Z: w6 i0 G0 @ - ( ] @ o) b. H# D1 P) W, K! H
- + u% t4 `5 y& W* b. C
: W' n9 t" a4 j* D+ @: b3 l- y = 0;- m9 \0 e% R' N6 R& ^
- z = 0;
5 C$ R- Z& D% | ] - for (n = 0; n <= 3; n++)
5 A$ I: W+ _' C( T$ w - {
/ g! t! ~ G" C# D# N! v0 F - temp_2 = inb[n];
/ p+ Z9 h: x/ R - y = (temp_2 << (n * 8)) | y;
' F6 w3 U6 o1 m9 N' p% B2 | - temp_2 = inb[n + 4];2 p- h) s6 U3 l6 [' [. I
- z = (temp_2 << (n * 8)) | z;* A9 I* k. n, z8 R5 d
- } N8 [& @+ h' t
- " w' Y1 q2 y; K5 ~( `
1 q/ T* M `9 F. ]9 P- n = 32;
) V) u3 `0 I. n5 }2 ^$ U - 6 E# _: F. B s J
- while (n > 0)
8 v6 w q3 b+ }% D: R. V - { I% g3 O1 D h* S6 A3 y
- sum = cnDelta + sum;6 W/ b6 A) @$ i' I7 e* M
! T- P" e, T2 G- /*temp = (z << 4) & 0xFFFFFFFF;$ Y0 @( N6 Y2 S6 D0 J6 J% ~
- temp = (temp + a) & 0xFFFFFFFF;6 o4 b; d& |& S1 U9 W& W
- temp_1 = (z + sum) & 0xFFFFFFFF;
$ p8 T4 X6 W' L; b - temp = (temp ^ temp_1) & 0xFFFFFFFF;% b8 P$ t& s# v' k! ]% m+ O
- temp_1 = (z >> 5) & 0xFFFFFFFF;4 w" t$ k# }8 q
- temp_1 = (temp_1 + b) & 0xFFFFFFFF;" D3 O1 R0 ~! i7 `0 `" b
- temp = (temp ^ temp_1) & 0xFFFFFFFF;
* u6 U, Y# k. K- l1 z' } - temp = (temp + y) & 0xFFFFFFFF;
* M2 j$ b4 C: n" P r2 ` - y = temp & 0xFFFFFFFF;*/
5 t* t1 p, z; n: H- Y B& w - y += ((z << 4) + a) ^ (z + sum) ^ ((z >> 5) + b);: K O; G* \8 O) d' S' o
- + h& |4 r5 ^& l0 `. q9 N. p
- /*temp = (y << 4) & 0xFFFFFFFF;" E3 e6 d4 N% z2 R* o' _
- temp = (temp + c) & 0xFFFFFFFF;! O! H: B4 I+ g; | x
- temp_1 = (y + sum) & 0xFFFFFFFF;) a- E6 S2 t* y( ^
- temp = (temp ^ temp_1) & 0xFFFFFFFF;
; n% t, _. [( S - temp_1 = (y >> 5) & 0xFFFFFFFF;% l' d+ E) ^7 `1 g
- temp_1 = (temp_1 + d) & 0xFFFFFFFF;
! x! T" T" }- N, K: H- v - temp = (temp ^ temp_1) & 0xFFFFFFFF;
0 O; ] E1 f2 R+ k - temp = (z + temp) & 0xFFFFFFFF;8 u& `. S; O, E3 Q5 F0 e6 ^, ]
- z = temp & 0xFFFFFFFF;*/
5 o9 G0 z. w$ e5 _( E0 I: z+ i! h - z += ((y << 4) + c) ^ (y + sum) ^ ((y >> 5) + d);
3 i) {- |; N: r- I: i - n = n - 1;6 @1 k( \' c* I: U! Q
- , S0 F" T8 G% R7 r& q+ |
- }( X3 L* N- ?% ~- ?+ J8 G. C
|+ r( z h" \0 a* t- for (n = 0; n <= 3; n++)
0 m! n* K/ _( D/ P2 E - {
. i1 H9 `$ `5 n" g - outb[n] = System.Convert.ToByte((y >> (n * 8)) & 255);
& q3 ]& |& ^9 q7 Z$ Q& K - outb[n + 4] = System.Convert.ToByte((z >> (n * 8)) & 255);
; l3 _. `- o1 G; I2 x - }
$ ~/ ^% T, m4 ~; m! r& j0 x4 C% J - 3 M. o8 J/ D: M+ O, k: U# E5 w" A, T
- }
5 ~! A( X0 o+ N! r
( ]1 d6 K$ N0 [/ a- public void DeCode(byte[] inb, byte[] outb, string Key)
, V$ F. U7 \* C0 u: l; g - {, c9 n) i1 H- q U7 D
7 ~7 r1 l# C+ S2 n6 X% t7 ?- UInt32 cnDelta, y, z, a, b, c, d, temp_2;
8 H& c+ `7 `, Z( x - UInt32[] buf = new UInt32[16];# h- |6 l7 o* u/ ^8 U
- int n, i, nlen;" C, a9 N' {7 a1 d
- UInt32 sum;
7 w/ [6 z( h- l" _; b5 K - //UInt32 temp, temp_1;% {4 q: d% g2 ?! [3 V
- string temp_string;# y" f( H3 ]( K9 S. u/ h* s
/ x* h* K0 ~1 X$ ~1 G! [- 9 r8 O% P' ]' m" B# r
- cnDelta = 2654435769;
# H& v3 v4 y5 [( Y; r- F - sum = 0xC6EF3720;
/ t+ v, j2 E9 g6 j3 m6 w - 3 z( W+ z" n r
- nlen = Key.Length;
6 e* ~" H/ Z5 U3 ], d- i3 i - i = 0;
7 r" \0 H* V0 K: Q/ r; x+ K - for (n = 1; n <= nlen; n = n + 2)
3 p7 s6 k; o7 R2 o5 J5 o) H+ ^ - {
/ I4 u% U' [; A% O) ^# e/ C" ^ - temp_string = Key.Substring(n - 1, 2);
% [* S2 Z* u' ? - buf[i] = HexToInt(temp_string);! ~; L" s+ w# K! _" |+ l
- i = i + 1;: B# |3 W% I& {/ R4 q) P
- }
* b, l) H2 A: j! n. `6 _ - a = 0; b = 0; c = 0; d = 0;& B: h( ]2 K6 S# v
- for (n = 0; n <= 3; n++)# M. u O4 _8 ^
- {
( n$ R' h8 ]/ b$ M - a = (buf[n] << (n * 8)) | a;3 J, G# D6 ~2 i6 p6 b+ g3 z
- b = (buf[n + 4] << (n * 8)) | b; H0 v3 w% U3 {; d0 W
- c = (buf[n + 4 + 4] << (n * 8)) | c; Z/ T, R3 Q' k3 q! T
- d = (buf[n + 4 + 4 + 4] << (n * 8)) | d;" }, z3 Y2 X8 d% B9 e L
- }
. m J2 @2 b, V- F - + R' N5 O/ ]7 Z" H: D$ w# T
5 {' c: S6 Y2 G1 a1 Z- ; `- n7 Z% f: G0 r
- y = 0;% e5 k* ?0 { u2 O3 b
- z = 0;9 V# v! B) ~; F; v, L9 n- P, r
- for (n = 0; n <= 3; n++)
$ I2 m) z# H7 e, |: Q - {
# }7 `1 q, O f2 ^3 b - temp_2 = inb[n];
$ Z6 ?4 o- J2 X% h% m) ^& G6 C3 \ - y = (temp_2 << (n * 8)) | y;( H5 x, c- G& ^2 d* }5 }+ t4 I
- temp_2 = inb[n + 4];3 _! a: G, O0 V; Q# P: @
- z = (temp_2 << (n * 8)) | z;9 P( d# l8 s; g
- }% J! ~& `" A) ~* L U) \
- ) L# y8 v/ b/ p+ v& {- |1 L
8 d/ V, h4 e. k& ] J" W6 M- n = 32;
- [* L% ?* v* B; I7 Q
& h0 H2 S0 ~4 t) g" q/ T1 i- while (n-- > 0). d) g# e" m" m/ S* i
- {
" G6 N! @& |( ? - z -= ((y << 4) + c) ^ (y + sum) ^ ((y >> 5) + d);; [, h( m: t2 @) c+ ^
- y -= ((z << 4) + a) ^ (z + sum) ^ ((z >> 5) + b);
" a1 O8 p: G7 }2 e - sum -= cnDelta;
& r+ f% P" K, s- \4 Q - 0 ?( d" I( M/ o% v0 r
- }
" z8 ^; N M! \: |( P$ U
' J2 n4 T8 h* W2 A7 U/ m- for (n = 0; n <= 3; n++)
8 u& ^6 o# }, ?' A3 t - {: t. a6 I2 F1 g$ G/ c( E
- outb[n] = System.Convert.ToByte((y >> (n * 8)) & 255);3 L' M9 P; ` X- B& O* D* K
- outb[n + 4] = System.Convert.ToByte((z >> (n * 8)) & 255);1 Z$ K5 [" U" Q/ c9 k2 Y4 f" A
- }' w5 x B' t7 }* h* J& z' c
- 6 {/ x0 U* Y% ?4 |6 s/ d# t
- }- p& [/ L4 ]6 \" v
! g, d( `" S( y8 B# x5 Q' m- 3 F- E8 Z: m7 u( ]! x
- public string StrEnc(string InString, string Key)//使用增强算法,加密字符串
) [' B" b5 |/ w# b- S, f - {
: F3 u7 _1 x; c& A
, |, r2 y/ W$ H$ [ M0 d- byte[] b, outb;8 q& X' }0 b5 e, O
- byte[] temp = new byte[8], outtemp = new byte[8];
! J' k3 h, d/ A4 b( W% ^: X* q, P - int n, i, nlen, outlen;4 h9 b6 @- H( @. I) Y5 @2 t
- string outstring;
8 _) t1 e+ T1 m8 l1 o
6 p" f8 F( d" V8 _( \% m- + q/ j! o% @! ^6 p. O. _0 _
- nlen = lstrlenA(InString) + 1;1 D( M+ f" y9 m( f0 H4 N4 K
- if (nlen < 8)
6 y/ H- E6 J% h3 Z - outlen = 8;
$ D* i3 c& S8 f" r - else8 i- J& k6 L; b! m( _
- outlen = nlen;
5 O. ^7 L4 p6 c* j - b = new byte[outlen];- K+ T9 e8 u3 Q' _' M% }
- outb = new byte[outlen];! [( b5 e& @/ @0 K: W# O
- : Q2 U7 a( u$ n4 L: W* p3 w# L
- CopyStringToByte(b, InString, nlen);
1 c1 g( L6 h/ M3 n4 W8 e) L - 9 H! E9 }; X3 W( A2 H' d- N+ o- V$ i4 I
- b.CopyTo(outb, 0);
+ c* ~" k2 `) \' M, A- g
7 N" ?% z! S' @2 w- for (n = 0; n <= outlen - 8; n = n + 8)! Q1 W7 Y. A8 P2 A. N, x
- {1 }# B/ x+ M5 `6 k; U) u+ C& Y- V
- for (i = 0; i < 8; i++) temp[i] = b[i + n];
* P. r% E# D1 K6 f( Z$ U - EnCode(temp, outtemp, Key);
- ]7 H9 }( I5 l+ } - for (i = 0; i < 8; i++) outb[i] = outtemp[i];. O' E$ L4 i2 H' {
- }8 k4 g! I. ^( ~9 a$ I! a8 m
+ `4 G+ R1 U& t0 {, J) \* S- outstring = "";
! s* v3 X* ]0 }1 `$ f - for (n = 0; n <= outlen - 1; n++)
( }$ r* p' p. }3 D: f' @0 C6 _ - {, Z# r K, M5 U
- outstring = outstring + outb[n].ToString("X2");4 c; d1 ?4 o3 P+ Q
- }
; _5 H8 A8 x, x. [. ^- v - return outstring;
0 q% E6 M& G( B4 k. K0 o( s2 E - }9 s$ ` D- G" W" e1 V! f5 \
- public string StrDec(string InString, string Key) //使用增强算法,加密字符串7 `! E1 ~" n; p& j' K
- {
) p1 b4 |" D% @. e3 \ - byte[] b, outb;
, d l( Z: L+ }4 P - byte[] temp = new byte[8], outtemp = new byte[8];
2 Y! I4 D) G) }; X1 q7 A0 R - int n, i, nlen, outlen;5 D4 l2 U: Q5 I7 G! R) ] T
- string temp_string;9 g' s" G9 A0 m& ^$ q- p. C
- StringBuilder c_str;
1 m$ X' ?( Q$ }- U. ^1 T
+ t, j. w! M. d# p; x" k0 a" L- / d2 R* q, j; A( q- v& f
- nlen = InString.Length;
2 @' ^4 R7 C% t+ J- n; U, ~8 A( | - if (nlen < 16) outlen = 16;
& Q9 }) N" E) k- b - outlen = nlen / 2;4 A0 J) Z2 c+ P( |9 I
- b = new byte[outlen];8 ~4 j2 K+ U3 h8 R4 C; }
- outb = new byte[outlen];
5 ?' u8 J) f0 \ s/ R - 5 k- t; X) f" ]+ q. e. b
- i = 0;; t. O2 P4 \0 y- R# q; i: ?
- for (n = 1; n <= nlen; n = n + 2)
& ?9 j4 S9 [- \0 v0 y P% r - {6 y; f% q& M% e9 \
- temp_string = InString.Substring(n - 1, 2);) e! O! ~; `# a. Y
- b[i] = System.Convert.ToByte(HexToInt(temp_string));
5 _# S2 d- w% i2 i+ ~( V- y - i = i + 1;/ V8 D/ L3 @. U3 k: z/ R
- }
1 u5 C1 q, |5 Y v0 Q
- _+ J: |9 w8 ?- S B- h- b.CopyTo(outb, 0);. ?* W9 e( J2 Y6 Z( n: |4 {3 o
- ( f# x/ c& F: o. i! f+ B
- for (n = 0; n <= outlen - 8; n = n + 8)
8 \0 U+ E3 j9 R( M0 d0 x l - {' M/ i% l. u; J9 o$ l0 ]1 d3 @
- for (i = 0; i < 8; i++) temp[i] = b[i + n];
/ }1 ]3 j( T4 z( v5 e - DeCode(temp, outtemp, Key);
* i* X) S- v* S' Z - for (i = 0; i < 8; i++) outb[i] = outtemp[i];8 n3 _7 q$ j+ |- u2 k8 w @
- }" c N6 @7 A$ Y7 Y( w! o
S) E" b ?" T$ e- c_str = new StringBuilder("", outlen);6 ?2 r1 o! W; F9 s0 e- A, ]4 R( T
- CopyByteToString(c_str, outb, outlen);
. i L' ^; J4 H4 Y' G* \) b" p - return c_str.ToString();# a% i: U0 P7 \$ l8 a
. [% }8 G- f- ~+ g' l- }7 E9 r% F1 ?4 u2 r+ D5 ]
& ]* o2 |! r5 `- P* y7 P. T- 0 {* l4 p( F4 [7 A+ c2 X- H6 `
- }
) e' C' l% B! H r# x6 L
! x9 k/ l, w$ s* Z! H) A2 Z唯一锁写入Ukey:
4 ~& t4 F4 r- [* s( I
9 l1 g3 J5 [8 S' Z! L' P
公网客户端:安装插件
% N, h1 ?( B+ H% S$ c. d7 R4 ]1 u
多文件安装版+需要先插入UKEY
4 e4 w0 }6 H* J( s2 w8 T- v
插入UKEY
, J1 b) x5 n/ d$ ], H) b( h! H 登录成功! / ]! U& R* |6 v. \* ^ g
|
|
/1 
|Archiver|手机版|小黑屋|科帮网
( 鲁ICP备19059327号-2 ) 
窥视卡
雷达卡
发表于 2014-09-05 15:32:16
转播
淘帖
分享
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡