|
该用户从未签到
|
|
登录协同工作平台安全解决方案 5 ]! t/ V, F8 x2 f8 u/ ^2 ^0 p" J2 u& Q' V
[摘要]公司领导说登录验证的安全性如何保证,建议采用UKEY验证类似网银解决,调用第三方YT公司产品。 解决方案:
4 A7 c, q8 u7 q% M4 E
前端页面: - <embed id="s_simnew61" type="application/npsyunew6-plugin" hidden="true"> </embed><!--创建firefox,chrome等插件-->
: a5 V/ b; x! }! \! v - <script type="text/javascript" language="javascript" >
+ J% r* a% `/ G" Q; \- Q - //加载皮肤
- b- S* g+ R" e% o3 c/ L* L - var setTheme = function () {
l6 c1 _6 H7 S - Ext.net.DirectMethods.GetThemeUrl(cbTheme.getValue(), {
+ ~# w' K$ P4 g4 y8 ]& J+ r7 I - success: function (result) {# N5 V) J! f$ W" a
- Ext.net.ResourceMgr.setTheme(result);7 a0 ~' g$ o, x+ l
- }
& M8 Z% i( |9 l - });
# d- J" s. X& r! R; X1 V - };
: G" W6 s/ |. j& v' V - //回车出发
' P. ~$ B$ v7 j$ h - document.onkeydown = function (event) {9 v+ G! z% h3 N5 l, h3 c
- e = event ? event : (window.event ? window.event : null);
/ t7 r, N7 j9 W$ q0 ?7 F3 [ - if (e.keyCode == 13) {
* c+ t- T- C" E2 ~3 Z- V- h - //执行的方法 1 m- e' I# x/ V3 i+ h2 n
- //alert('回车检测到了');
% \, Y7 z5 f. F1 h - //Ext.net.DirectMethods.Login();" U- o1 n! t: M- {2 D3 k
- login();
0 p8 Y) _, V* H6 G - }
3 k- [3 Y; {8 t. K# ^/ j - }
! a/ F6 i9 [& L
: a$ m+ K4 @$ ~7 A3 W& L# X( S7 Y- var digitArray = new Array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f');
' V) a6 ~+ T$ l, x& r - function toHex(n) {
1 g; U V7 }: m. p- C; Y - var result = ''
( @! ?7 }& B! W, c - var start = true;. i; d2 c# Y5 p3 P4 D c3 V/ h( ^
- for (var i = 32; i > 0; ) {
7 H; {1 W2 e" A y+ g2 X - i -= 4;6 V& }( j& U) Y a
- var digit = (n >> i) & 0xf;6 N4 S8 S+ N2 z1 q y
% \+ I( j5 z7 ]' F* \9 G! c- if (!start || digit != 0) {
0 V' f+ v5 x/ I+ _2 h4 L - start = false;
6 E4 N3 h) T" O2 T* J - result += digitArray[digit];- P( s) S9 k% B# a& |
- }# z' b, }- F+ p- Y: i6 S
- }
, K7 A; x. z4 D2 }# k - return (result == '' ? '0' : result);
+ ?& |( U# e- b1 k7 x b4 N - }
6 [0 B- R- { n1 o8 p. s
S" v, J' n! l; |0 t9 v- var login = function () {7 T- a" A7 Y" U7 B
- var IsCheck = 'N';/ G5 s4 e% O1 F! e
- if (window.location.host == "localhost:23111") {# w8 \1 f5 U7 Q, F- n
- var DevicePath, ret, n, mylen;4 o) Q) c" S: ?4 _& v
- try {/ R f( ]& V; ]9 P0 U
- //建立操作我们的锁的控件对象,用于操作我们的锁
{' C# o# x. X8 p+ }& L - var s_simnew61;
, b( I% t7 f' d5 y/ E; t( o - 5 o1 Y" a6 n: B. M. ^& o. B
- //创建插件或控件
" O; J' L0 e, D' {3 ?5 o- G9 |* C - if (navigator.userAgent.indexOf("MSIE") > 0 && !navigator.userAgent.indexOf("opera") > -1) {( ^5 Z" o0 K+ i' F( q
- s_simnew61 = new ActiveXObject("Syunew6A.s_simnew6");
/ v! [1 t' n) I6 i3 G - }5 m$ R2 ^: c! Y/ ]9 H1 V
- else {
m v( s8 @# H8 o - s_simnew61 = document.getElementById('s_simnew61');$ v. o% Y( Q. u$ m
- }) W7 j! T1 f" r3 t9 o. F
- / N5 z" D8 A: ]& |5 X; v* U/ w
6 ]0 k: u" o' F6 P- //查找是否存在锁,这里使用了FindPort函数: M5 h5 l% v/ H5 O
- DevicePath = s_simnew61.FindPort(0);
/ a; {4 r0 Q) ~0 R" s0 w - if (s_simnew61.LastError != 0) {8 c" d* [0 E6 T; B8 G9 }( c2 }
- window.alert("没有找到Ukey ,请插入UKey");* | P7 U2 i# z# F9 [- x4 s
- //window.location.href = "err.html";
) S8 A* T$ I( y# n' ? - return;3 m Y+ e3 d- s3 L
- }
$ ] I& A- f* I9 ]2 V& A - + p; c. d+ f: s' `, P
- //这里返回对随机数的HASH结果1 Y3 K- T) \. o& O% f, p5 ?
- frmlogin.return_EncData.value = s_simnew61.EncString(frmlogin.rnd.value, DevicePath);
. J _8 `0 d E& ~% c5 v3 [ - if (s_simnew61.LastError != 0) {6 w5 q0 X7 g& b) b4 i+ B
- window.alert("Err to StrEnc,ErrCode is:" + s_simnew61.LastError.toString());
+ A/ L% ?) I+ A, V) y9 {8 n - return;
$ g) K2 I- P6 E* @8 Q( t, @* R0 c - }# e6 I8 [- k' o8 h" r
- IsCheck = 'Y';
0 J0 B( G7 s8 B- j; |0 F - / N* g! E2 u4 y0 ?
- Ext.net.DirectMethods.Login(IsCheck);
$ I( G+ O |5 ?' i1 Z5 a - & |" t5 W, t- h* ?1 X$ a
- } catch (e) {9 {9 D2 ?+ U+ ^, v' i
- alert("您在使用外网访问:" + e.name + ": " + e.message + "。可能是没有安装相应的控件或插件");
) d* z5 [/ {1 j) r* s - }3 U( r6 O' m' m' _; W7 ?6 u( y1 r8 V& B
- } else {# U& B3 H9 {: w- k, M' f
- Ext.net.DirectMethods.Login(IsCheck);! a* v* |; s F5 w) V
- }
5 ~# A5 J( |, G4 O! s7 F - 3 s4 O8 }" `9 G. c" F
- };
9 {0 n5 ? s) c+ C& f( Q. A - </script>
$ g/ f: R% g! J7 m% n4 V" u0 p' A - <script type="text/javascript" language="javascript">
+ ~7 Q" p6 b* j5 D - function reloadCode() {% w9 Q: A/ }4 [9 O8 w+ P
- var obj = document.getElementById('imgCode');
$ o- T; `! e! u1 K; a! K0 @ - obj.src = "VerifyCode.aspx?";
9 y1 B; n' w1 D- x - }
( O. g$ Z+ `- r, I4 J - 9 y: T+ G4 @+ J' j/ L
- </script>
$ M! ?- }/ S9 Q7 _ - CS代码:
+ ]: J- o; c4 ^3 g - SoftKey2K ytsoftkey;$ ~1 k5 B& S4 ~# j8 _% e0 S g
- String KeyPath;' V7 M* }! i5 S+ ~
- private string _randomcode;% W0 p `1 Y( Y: T% z9 |/ c
- /// <summary>
, A5 |1 j: F# ~6 A: O2 R0 m - /// 随机数4 J. D* l6 |7 x, \$ N
- /// </summary>
J2 \" Y6 g1 D" g$ h3 @: X) Q - public string Randomcode
0 j* j' [0 `' y7 {: `8 y5 o, Y9 U - {
* `- B) U' P. A% z$ a" E. A5 M( ] - get { return _randomcode; }
v) ?6 L+ r; k' f( n - set { _randomcode = value; }6 O* h* Z# e* U6 g: K# k
- }
& j, V( T3 n1 r k# u - protected void Page_Load(object sender, EventArgs e)8 o. m: I8 ~, m& R0 f# m9 d
- {
) ^- L7 }% V, _# A. F; U: C - if (!IsPostBack)9 B4 V, G) _% y. _" f& {- q5 D
- {
8 l% ~& {. i, B$ J/ b( q8 Y - System.Random random = new System.Random();
4 T, S% d, n0 n - Session["rnd"] = rnd.Value = random.Next(0, 2147483646).ToString();
. l) U' [# c6 ~# G j - Response.Cookies.Add(new HttpCookie("CheckCode", ""));
) \! T: h% i( J0 p: S$ ~9 b - }3 W8 _2 q! |6 _# e
- }$ I y. F/ G4 N6 g9 h
- 8 i4 C* p2 t* u% d- s* X a4 U
- 5 e; @ Q7 a0 S9 o0 W/ T5 j
- [DirectMethod]
+ F# v; K- `: H n; ^' o - public void Login(string IsCheck)
' @/ w9 ]$ U9 X9 K& }5 r2 a - {3 {5 f: r$ }) S2 D' k' c
- Check(IsCheck) ;
0 l( V( U1 K6 e - 8 t0 j& _* k3 Y9 r- ]" k7 B# T8 B
- }
) Z2 y9 R6 K, a# X - /// <summary>* S. H" l' |: L) q4 K
- /// 登录验证
5 h8 S; [; g$ d' x- ^; L+ n( S& ^ - /// </summary>; d7 R: n- ^; l. w3 ^
- /// <param name="IsCheck"></param>
% l0 ]0 S- [) F* |( D' u - private void Check(string IsCheck)
- q1 t& W6 X+ ~- v1 [ - {* }! n8 G" M/ I! n8 w" y- f
- if (Request.Cookies["CheckCode"] == null)( A4 ^3 p5 r& N9 ^0 _1 R
- {
0 R3 H+ V) H% e - , h0 z9 {! \! B3 v k
- Notification.Show(new NotificationConfig v$ o2 }2 p! I g6 q
- {
' T4 R$ f0 N. f7 a: E5 w0 Y0 t - Title = "提醒",
* d i1 {7 l: I8 J - Icon = Icon.Information,
7 W. _) I. e, ?" V% \) L1 q - Html = "<font style='color:red;'>您的浏览器设置已被禁用 Cookies,您必须设置浏览器允许使用 Cookies 选项后才能使用本系统。</font>"
$ A7 E+ ?' V0 m, `- P% m$ i$ L. F - });
4 A1 c- A8 a1 X- ^" U - return;
, T; F# F1 x& J* b - }
6 U) I0 R2 g7 c; b+ q - //验证码比较1 C4 e/ d6 h f$ P: @, d8 u: J
- if (String.Compare(Request.Cookies["CheckCode"].Value.ToUpper(), this.txtVerifyCode.Text.ToString().Trim().ToUpper(), true) != 0)
, d( L0 p3 ]6 a - {! g& F( l- G+ c) }9 r: C7 L1 i
- this.txtVerifyCode.SetValue("");
1 u" y2 j& e& N" l9 r - Notification.Show(new NotificationConfig1 f8 t- F6 [" z, ~' a0 K+ r7 l4 h- T
- {6 q; n( P, B. Y( y
- Title = "提醒",7 m: N$ n: J" L6 R
- Icon = Icon.Information,; B3 C' S% \# \+ J$ F
- Html = "<font style='color:red;'>验证码错误,请重新输入</font>"
" W/ E; L5 p6 I0 ~5 V$ G. `8 H' l* x - });3 l6 H- H `* h. i5 }" i/ i6 W
- X.AddScript("document.getElementById('imgCode').src='VerifyCode.aspx?';");
' ?2 [& d6 d0 U: z - return;
% \5 e% j: p, `* Y) w! h" G |, @ - 2 l( d' G4 }4 k a* k
" t& J) k( z: L3 k- }
8 F6 O' A/ ^$ |" @& d& |. J - else$ c J- ^4 b5 C4 O9 @$ `- w
- {, `" b1 F. x% x% p/ k0 b
- Utility.MD5 md5 = new Utility.MD5();
/ h$ y5 W5 \9 u% e+ ~0 v - DzPlatForm.Model.Users user = new Model.Users();. ?) x7 X3 u- D5 c5 ]
- user.USERNAME = Utility.Baseclass.SqlFilter(txtUserName.Text.Trim());//过滤危险字符0 j4 Y( Z/ S; G3 K- ]0 U% `
- user.PASSWORD = md5.MD5Encrypt(txtPassWord.Text.Trim());// md5.MD5Encrypt(Utility.Baseclass.SqlFilter(txtPassWord.Text.Trim()));//密码进行加密( {- r/ A+ N7 v4 e; u2 }& @) |3 W
- ! x# d4 u; K8 y; O7 c; Y! i0 S8 N3 N2 }
- string sql = "select * from [users] where id=1";
& G6 |' ^+ A, Q v& Z+ F0 {! Y% F b0 p - DataTable dt = DbHelperSQL.Query(sql, null).Tables[0];
+ i5 V$ v) i8 c9 L' q - : U* n/ V7 i) z4 ^+ F1 W
- DzPlatForm.BLL.UserBLL usermgr = new DzPlatForm.BLL.UserBLL();
`, \6 c9 C$ m - string UserId = usermgr.LoginCheck(user);
0 K- c6 j" V2 j: M2 x: o ` - & {# ?# k6 d: J: K2 ^
- if (UserId != "")
4 v8 N* s2 [- D - {
2 | x) z5 B6 Z: Z# C! c - ; R" I! m& Z" E0 z' n- v/ }5 X% d
- Model.LoginLog lg = new Model.LoginLog();- i, _5 E" Y, O5 k
- lg.Name = txtUserName.Text.Trim();" P3 \ r! P- n$ X j _' P
- lg.Browser = Utility.IpBrowserHelper.getBrowser();
$ I; ^2 @. L& Z) r4 @ - lg.Ip = Utility.IpBrowserHelper.getIP();- t) E: E$ j; l# u1 z9 g2 W
- lg.System = Utility.IpBrowserHelper.SystemCheck(); w [$ o3 x. y. h' {
- BLL.LoginBLL logmgr = new BLL.LoginBLL();) z) k/ P o3 S% U ~
- logmgr.LoginInfor(lg);
# J8 e/ j. m% o2 Z: r - usermgr.Record();" c# k) U5 _7 a, [0 S" x1 q& F
- & \% y K( H: P. i' l
- Model.Indentify idf = new Model.Indentify();
# o9 ~/ L) u6 A: N5 I6 j. f - idf.Userid = int.Parse(UserId);, z3 o0 Z4 N$ a" `
- BLL.IndentifyBLL idmgr = new BLL.IndentifyBLL();- q3 p0 h& B( l9 ~, P0 u
- idmgr.GetIndentify(idf);! L; `' ?2 e8 R1 P4 [2 P
- Session["userid"] = UserId;
{0 n8 Z5 [, U+ r - Session["UserCode"] = txtUserName.Text.Trim();
$ n, j' w: k" |+ t L4 h, o t - Session["UserName"] = idf.Name;$ ?/ N. z( i3 J) p$ y
- Session["utype"] = idf.IsSystem;
+ C$ T8 p' K: _6 d( X - Session["uip"] = lg.Ip;; Z9 x: I, t* D
" E) h3 [+ n Y4 G8 D
9 p4 o" b6 e3 e( R- //X.Msg.Show(new MessageBoxConfig5 e7 Z P% N) G2 s k& r: L
- //{7 N& y8 h( o( ?! W1 I# C6 V' h
- // Title = "请等待",( f% r# |9 O( i) Y8 l p! W) l
- // Message = "正在加载项",
% C: [; D: a/ k' M" {& l$ U - // ProgressText = "初始化中...",) k. [2 U) M6 e$ ^: w7 y3 ^- k
- // Width = 300,
" H, x# W2 e) }3 w# u( d - // Progress = true,
/ S- t: A' i9 B/ j8 D - // Closable = false,
+ b& b% P3 |4 ~& Q- C% h9 F8 i5 g# O - // AnimEl = this.btnlogin.ClientID
2 R% z. |2 O0 U( `: R - //});
3 v0 D( p: ]4 g! d W
& S% @- {7 U: ?% c# k/ \+ b- //this.StartLongAction();5 T5 V% _- U3 Y& h' n. F/ {
- String strData, m_StrEnc, Key, Flag;# f* `, r2 q y' ~
- # ]6 J- `& W' a' e# s* t
- Flag = IsCheck;4 S7 B+ t' i! W. G8 X0 _$ Y
- //Key:即增强算法密钥,这个要与设置在加密锁中的密钥一致
. A* `6 t9 ]! s# f1 {6 J y/ C. v! l - //增强算法密钥可以是每一把都不相同,也可以是都相同,如果是不相同的可以根据用户名在从数据库中获取对应的增强算法密钥,可以根据安全性及自身具体情况而定,这里使用了一个固定的值
: U1 W3 N1 \2 l7 W- c* E% o - // Key = "1234567890ABCDEF1234567890ABCDEF";6 O- E G% K3 q& Z4 L# F9 ]4 _
- Key = idf.UkeyCode;
* H8 `' Q2 X+ ?6 f1 G6 Q - //strData:要进行加密的数据9 w9 Q4 s8 X. X4 V4 k. e2 n
- strData = rnd.Value.Trim();//Session["rnd"].ToString();
2 c( R6 G) X) [* l8 w. w) k% I - //'在服务器端对数据进行加密运算
/ x# L% Q# _3 t - m_StrEnc = Global.m_softkey.StrEnc(strData, Key);2 c' p* P0 o% Q9 b& V7 e% a+ I
- //比较客户端加密锁返回的加密结果与服务端的加密结果是否相符,如果相符就认为是合法用户,由于使用了随机数,从而实现了一次一密的高安全性,可以用于高安全性的身份验证
5 }( T2 ]; T. x0 E - if (Flag == "N")//内网不需要比对9 j Y) t1 Q% T {& ?/ M0 U# k& F
- {
& Z) c! J8 K% W! @4 I2 P) e7 a - Response.Redirect("Index.aspx");
. r8 ?% V+ S* j1 A$ { - }
2 S' U/ Z7 u% k7 |; W - else
+ c# J* N; u. X - {
+ b# @6 U% } [ - if (m_StrEnc == return_EncData.Value)+ N, l; i1 D% A. G- z
- {6 Z; V7 a6 y u' N. V. o) Z% c k! Z; X
2 G M* ^% N1 |& H; {- _; x/ c- Response.Redirect("Index.aspx");0 a: _, m& E( q# a2 O8 j
- }1 {0 k: ]2 k. v* E4 y+ M
- else* i. w2 r6 A& h- u' ?
- {
& M9 H# A3 w3 f+ c - Notification.Show(new NotificationConfig
- v) H) C$ ~% P, { - {
/ V1 s U& a1 G4 f - Title = "提醒",# ~0 I) D( P; i3 U. P h( j9 k
- Icon = Icon.Information,- {- _: s. t) L4 h. c% F9 U- P
- Html = "<font style='color:red;'>该用户不是合法用户!</font>"7 Y' j( c5 B7 `; }
- });. J5 _- _! ^, J- e- J) m6 `! [
- }
4 c& P% T: a5 h$ D3 l - ; Y7 I2 s- u* g% Y- e
- }( @. A6 p: K6 q
, r, s9 @. S4 f/ p/ j- }$ f; x& _$ x( J, Q0 ?2 e
- else
( H8 ^9 c* K; l* P+ g' F$ N l" T - {
/ Z& b8 U& e' R9 [# I+ a
) |. i6 S4 N+ ?/ ~- Notification.Show(new NotificationConfig+ O& s' q3 f( y7 k; d
- {* I2 s2 }! _: c9 J
- Title = "提醒",6 p5 E3 H% T2 d
- Icon = Icon.Information,
2 _) D f$ _; _) N - Html = "<font style='color:red;'>帐号或者密码有误,请重新输入!</font>"
$ A& v6 N5 l' r/ ~8 P
2 Y5 I/ b0 m: w R9 ?- });1 S# N" p' u: e4 k: a6 ]
- X.AddScript("document.getElementById('imgCode').src='VerifyCode.aspx?';");. i" C' z: k5 F) g1 q7 e6 `
- }' C' N, d1 W$ o( c, P, o8 ?$ I. M
- ' d- F+ \% i& e6 e
- }
8 a; N w) u. @1 K9 Y+ r/ Y/ ] - }
: r$ K; i- K" a2 @2 Y E3 c. u( E - /// <summary>
- [ f' F0 F5 n2 a1 _ G - /// 开始计算任务: E4 J, b% |0 b: Y
- /// </summary>0 |) y0 y9 I$ }/ b, M
- private void StartLongAction()
3 f9 ?0 k. [2 d. n/ ` - {
6 \/ z6 X; \* h P( ]8 }% g* H - this.Session["Task1"] = 0;
, a7 T7 c" a0 J" m0 _ - ThreadPool.QueueUserWorkItem(LongAction);3 H! F0 _: ^' J: O8 @
- ( Y* o- M0 C. P: J2 Z. Z6 i
- this.TaskManager1.StartTask("Task1");# c/ E4 X5 r b- D5 w7 B6 g2 i
- }
! f. n0 d4 L& \8 w* ?& W - /// <summary>
2 M1 U5 o: J5 r% q - /// 计时器
% e' ^& l5 w ~4 h3 ~ - /// </summary>
7 B c; z7 ?' {1 }# K, I2 ? - /// <param name="state"></param>
3 @' u5 P# N$ m* }0 l3 _ - private void LongAction(object state)
- z% A) z! s# E- s; u" M - {( O# K" H. ^: {0 c8 @: i9 e
- for (int i = 0; i < 100; i++)* V! i4 b+ n- I. n/ d& @
- {
% x4 C V% ]( T: W0 q - Thread.Sleep(10);
1 @' }% q0 H- \6 P% e) Q' R' l9 K$ I - this.Session["Task1"] = i + 1;
) l; M0 ?. O/ `; m% b5 z. B* H - }+ m! n: i% D+ f0 S
- this.Session.Remove("Task1");
, G0 m* Q/ b" Y - }
& l' Z3 @+ Y+ w - /// <summary>0 N# F' G! d9 B
- /// 刷新进度条1 S$ w# n# ]( ^# j
- /// </summary>" j [6 X- N; L9 \ q
- /// <param name="sender"></param># d( p9 H1 p2 R9 Z6 b
- /// <param name="e"></param>
8 A! x4 v) o6 W9 U/ N - protected void RefreshProgress(object sender, DirectEventArgs e)
, O& q: ~8 g5 F# B( V - {1 R1 {, y2 @/ _) Z$ c" H' @) \
- object progress = this.Session["Task1"];8 p, s- {8 O- C
- if (progress != null)
4 o6 y0 e8 n* S3 k - {+ \* ]% F# P. e; Y. m* b/ i
- X.Msg.UpdateProgress(((int)progress) / 100f, string.Format(" {0} % {1}", progress.ToString(), 100));
' M/ U# u- y0 ~0 Q - }: V( Q/ d* @: K+ M8 c" v4 ~! n0 N
- else
) C5 Z! x3 V! F9 q# N* B - {
* ?# Q0 o7 U. n - this.TaskManager1.StopTask("Task1");7 n+ L: g- z/ J) o! n) s* x8 H3 P
- X.MessageBox.Hide();( p3 q/ W" M7 J. X, v, S
- Response.Redirect("Index.aspx");
, `- U- K8 \9 b' P - }/ q* ?. z/ g8 X: h, o t& Y: C( q
- }
, b$ { T6 k5 e+ R - /// <summary>
( N [; D, n8 J. u8 c- d# r- t' D - /// 更换皮肤3 ^* d3 A3 N- C5 q9 ?
- /// </summary>
. O9 B$ f9 q7 [/ \9 f0 b" ] - /// <param name="theme"></param>
$ ?: P# y& V- U- M: [ - /// <returns></returns>
) ^: x2 p# ~* A+ e i - public string GetThemeUrl(string theme)8 N/ _ S7 Q! t9 O
- {
. |) R0 e$ r) B3 { - Theme temp = (Theme)Enum.Parse(typeof(Theme), theme);7 M( G# F: H( Y ~& h+ k& {, g( O
- this.Session["Ext.Net.Theme"] = temp;" A- F8 \8 I, @9 ?0 ?. q5 b/ h
- return (temp == Ext.Net.Theme.Default) ? "Default" : X.ResourceManager.GetThemeUrl(temp);+ y/ l3 y n$ m7 }4 f3 F5 e
- }
' x$ d) t: A0 K9 Q
. T [1 T" U1 e) W3 w* s( ~( \3 x# r- }0 S* L0 J. M- C5 a
- 1 E# v* \+ y. w9 h/ X) r
- 服务端代码:Global.asax
6 W: r; L2 R b$ Q) D. M6 Y2 h - public class SoftKey5 B4 y- j7 D Z/ `- {0 w
- {
7 t3 S7 M2 a, I2 h& D* g6 p" X - [DllImport("kernel32.dll")] q8 N9 l8 h8 u( W, D! J" ^
- public static extern int lstrlenA(string InString);3 n* ? N+ j& V' L
- [DllImport("kernel32.dll", EntryPoint = "RtlMoveMemory")]# }4 U; O! a6 Q7 z1 l0 q
- public static extern void CopyStringToByte(byte[] pDest, string pSourceg, int ByteLenr);
/ \2 `% t" C3 h9 x b - [DllImport("kernel32.dll", EntryPoint = "RtlMoveMemory")]
; J9 |' y: L- e+ h; q - public static extern void CopyByteToString(StringBuilder pDest, byte[] pSource, int ByteLenr);! Y: |" O7 `4 F3 E2 s# F9 @& K
" ?4 X, z4 D. N0 t, F6 {0 t! s- //以下用于将16进制字符串转化为无符号长整型
& D$ t! T# {/ ?2 ]; i - private uint HexToInt(string s)( U3 L9 ]' T! H! K
- {
, }( z) U$ d% @1 }1 v - string[] hexch = { "0", "1", "2", "3", "4", "5", "6", "7",/ H$ O& c& S+ E8 |5 |
- "8", "9", "A", "B", "C", "D", "E", "F"};
3 U& B7 h% r! L) \/ |, { - s = s.ToUpper();' ?& Y/ |) K6 r' c3 p
- int i, j;8 K, x) t0 q( {$ @' W
- int r, n, k;
8 g) F Y9 X( U1 \6 ~. M - string ch;* v/ b R4 [1 c4 F# f( `
- 9 N& F, P5 Y; n1 q
- k = 1; r = 0;
6 e/ C( a& B9 X! r- W2 i3 E2 | - for (i = s.Length; i > 0; i--)% `. \% @7 _0 F2 P* j2 Y2 n
- {, ]& g7 W$ y7 s. t- a( h
- ch = s.Substring(i - 1, 1);) |) x0 B# X3 h r; ]/ O2 o4 E
- n = 0;+ P$ i7 Z" c% l: m K9 `
- for (j = 0; j < 16; j++)
" j& W7 ?2 Q+ s- K8 p9 R8 V0 k5 T - if (ch == hexch[j])" O% W" C4 Q- |3 j4 }, D
- n = j;
; ?+ G" U0 Z4 T' G1 b - r += (n * k);; U+ ~3 e, g# z- |( G8 i
- k *= 16;7 Y+ E7 @5 G @) ~( [, F) R8 @7 p
- }
( f p) c2 D% w- W( a P - return unchecked((uint)r);
* n+ y7 T r3 i$ F - }% T& Q3 W- B6 f J! N! c1 i
+ C/ i0 H9 }9 h R1 V0 k% E
! {. B. `' Q- k) W# r% Y- public void EnCode(byte[] inb, byte[] outb, string Key)$ s& s5 x3 |2 t* C3 O
- {& \$ E5 d, H' g" x+ _5 ~4 Y
8 w# S2 d" c' @: n- UInt32 cnDelta, y, z, a, b, c, d, temp_2;$ S/ A) u, X! o! |8 [5 c
- UInt32[] buf = new UInt32[16];- ?8 c: J4 X6 u: a
- int n, i, nlen;
0 m; A/ l- e, _ - UInt32 sum;
/ B3 D8 g$ T, @& ?* r. o - //UInt32 temp, temp_1;5 Z) B, z9 P1 x, k: x* W, t1 [
- string temp_string;
% D# {; ?5 O; o - 5 `# r& h# c) B1 @
, b' \& O$ h* R! Z/ u- cnDelta = 2654435769;
+ I8 E5 v/ }$ f9 d1 q - sum = 0;
* v- f2 n- H* m: V; e
8 ]9 \" l/ h! q+ I# p1 T- nlen = Key.Length;. i6 G0 t9 c' s& O" C
- i = 0;) r. ^: |, l5 W) a3 D. t
- for (n = 1; n <= nlen; n = n + 2)3 t6 c* V5 h2 C! q. I3 G ?
- {2 o* D: w1 W9 _7 }; j
- temp_string = Key.Substring(n - 1, 2);
: ^) F9 x$ `8 d/ E8 {7 C - buf[i] = HexToInt(temp_string);
# V) P: H9 O$ L6 D - i = i + 1;6 u& V# O' c+ l' p
- }
: h5 J1 S3 ]7 P - a = 0; b = 0; c = 0; d = 0;4 w( _7 T5 b* U; T! r
- for (n = 0; n <= 3; n++)
& i# l% K/ o& I4 O- R - {" ?1 j1 A( S! B2 F0 \) V" ]! n9 }5 l; _1 P
- a = (buf[n] << (n * 8)) | a;
5 y5 _. m5 x* g* S9 `( ? - b = (buf[n + 4] << (n * 8)) | b;4 j# G V) r7 g% w7 I; U
- c = (buf[n + 4 + 4] << (n * 8)) | c;
# b" A6 k/ R0 f - d = (buf[n + 4 + 4 + 4] << (n * 8)) | d;" K; j; z! P, L, S, A7 U+ M
- }' A- J: N4 P" A* V' m9 V# ~
! m$ Q" e2 [# C- V) N
! \/ ~9 x9 z$ q' S7 _$ R
3 i7 p+ p! ?3 z& k. c- y = 0;
9 D$ C0 N0 {# P6 w9 F0 _$ B: \4 L - z = 0;0 y! u% C, `0 f' ^9 Y
- for (n = 0; n <= 3; n++)5 [* h# A* `5 I
- {
0 _8 |! A' Q1 K5 R8 Q ] - temp_2 = inb[n];
+ K- O" c+ X# V4 r( ~1 w4 Z% O4 ^ - y = (temp_2 << (n * 8)) | y;# P: b2 x1 M! S2 o( m$ a" P- W3 [+ L
- temp_2 = inb[n + 4];
& t* m- y8 f3 o6 o. F0 L - z = (temp_2 << (n * 8)) | z;
6 [5 t* k* x: ]1 }% W; X - }
$ Y/ l8 Y1 Q8 N$ o - " L4 Q0 C8 a$ J$ [7 c
- . R$ _( ~0 y# R' v, ]- W
- n = 32;
6 I$ T0 N: w6 \- r
& L8 K( F. Y# c- n- while (n > 0)
. y+ h. Y$ g( ^9 ? - {
" |0 u% I& ^, c: a( w1 K - sum = cnDelta + sum;: W' E3 P* K. |, g1 D* r
) l- A( A4 u* U$ |/ Q- /*temp = (z << 4) & 0xFFFFFFFF;
& c1 l% v( D- h2 C+ S+ R) S4 M- d8 H6 w - temp = (temp + a) & 0xFFFFFFFF;% H% I" M7 q, T, A
- temp_1 = (z + sum) & 0xFFFFFFFF;5 ?$ R" x- d$ Y" W/ a$ ^- U8 _& d
- temp = (temp ^ temp_1) & 0xFFFFFFFF;
P! |6 x6 J( j: t/ V - temp_1 = (z >> 5) & 0xFFFFFFFF;7 P s9 E+ c7 C9 y* u
- temp_1 = (temp_1 + b) & 0xFFFFFFFF;
' h1 o; M. x$ G+ ^8 \* B - temp = (temp ^ temp_1) & 0xFFFFFFFF;! R' D+ K6 U) J' _$ U5 j
- temp = (temp + y) & 0xFFFFFFFF;
. k, W; f8 t8 s4 H! u - y = temp & 0xFFFFFFFF;*// v4 k9 N; V$ |) w! v
- y += ((z << 4) + a) ^ (z + sum) ^ ((z >> 5) + b);
* H9 U3 g/ Y9 _ U! B. [
1 D1 j; D7 A5 f- f2 l- /*temp = (y << 4) & 0xFFFFFFFF;4 X+ Y! ^: j; g5 s6 s7 n
- temp = (temp + c) & 0xFFFFFFFF;# W( c% t. W* ~/ J% S& U, `: B3 M
- temp_1 = (y + sum) & 0xFFFFFFFF;5 S5 W! P, \5 O' U
- temp = (temp ^ temp_1) & 0xFFFFFFFF;
6 q( A. G1 L5 Y- j - temp_1 = (y >> 5) & 0xFFFFFFFF;# K; Y9 k4 u! z) H
- temp_1 = (temp_1 + d) & 0xFFFFFFFF;
& J. W) B! \/ a" d4 U - temp = (temp ^ temp_1) & 0xFFFFFFFF;
+ w' ]. u2 z4 l1 {$ w* h# b - temp = (z + temp) & 0xFFFFFFFF;, J# y" [4 g- y' @
- z = temp & 0xFFFFFFFF;*/; _* X# Q1 J+ c7 d) {# S( h& H
- z += ((y << 4) + c) ^ (y + sum) ^ ((y >> 5) + d);+ k2 @ _/ h) k/ m8 I8 `
- n = n - 1;
b! _5 _/ w1 c0 Z( A
/ [" n( q( g1 ^! e3 U7 f) f8 C- }9 O5 @# O% y) b3 c$ P1 @6 Q' Y
- : H0 _9 [) t! ]2 S+ D' i
- for (n = 0; n <= 3; n++)& M6 ]& F+ N4 q) T) s, Q. Z6 C7 [
- {; ~* l f$ `- G, a: j8 d
- outb[n] = System.Convert.ToByte((y >> (n * 8)) & 255);
- F1 n; M2 c- Z2 C5 { - outb[n + 4] = System.Convert.ToByte((z >> (n * 8)) & 255);4 D) f2 j" `& N- x" y7 i6 U! Z: Z" e0 W
- }. j! T" i4 a* R$ v' h
: f) E/ p. \0 X% Z9 o. x" @$ j8 a- }
% |' z6 X& t5 }+ d - ) {* A6 j* u* ^% q% f$ h
- public void DeCode(byte[] inb, byte[] outb, string Key)2 O: r- p7 ]) I3 l
- {
- v/ e. r2 w9 `5 f - 3 h( i! v J% r; ~4 q. y
- UInt32 cnDelta, y, z, a, b, c, d, temp_2;& M# b- r& v* U% b9 Q. I) U
- UInt32[] buf = new UInt32[16];$ g: K. K* c+ V( A) \
- int n, i, nlen;
' `6 T; ^1 Y+ ~. `1 E3 E - UInt32 sum;% g V7 M0 s& {; o! {/ F2 n
- //UInt32 temp, temp_1;1 Y3 {) P7 p' n! K) x- L
- string temp_string;
/ D) _8 x a. _) b
! k+ R5 |& l) Q* T- 9 j( R+ G1 M, _3 H) w" U
- cnDelta = 2654435769;
2 N/ N+ _9 r9 E- R! q" H2 x5 c: S) B - sum = 0xC6EF3720;
$ T6 X' _, I' {& P9 U' \; O - 4 A% G0 _5 b: c+ d' t
- nlen = Key.Length; E8 v9 L% Q4 i: x. H* q; F8 O8 r
- i = 0;( M; \& J' r# l# V
- for (n = 1; n <= nlen; n = n + 2)
9 ^" e8 }& ~4 e1 t- n - {
' f; B6 k% \ ]/ [( z* G* X. l. } - temp_string = Key.Substring(n - 1, 2);
e% V$ B) k# O" M8 c# f; A3 b2 f# ` - buf[i] = HexToInt(temp_string);
# h: T; F% |( r( U9 w - i = i + 1;: l- y8 L7 a& e* V6 s0 |, H6 S
- }
! e0 h' y5 l7 q, d, W - a = 0; b = 0; c = 0; d = 0;
9 w2 q: o! T; m5 F. R3 c h# O - for (n = 0; n <= 3; n++)
7 L, `9 a/ u- i: i! h- _9 p - {
, T; W4 |0 t8 G, l! \; O - a = (buf[n] << (n * 8)) | a;
" e' }. u, g2 o/ ?# s# b" N+ K - b = (buf[n + 4] << (n * 8)) | b;
, T8 e' R. I/ e( ` - c = (buf[n + 4 + 4] << (n * 8)) | c; E0 e) s5 c; A' g3 V
- d = (buf[n + 4 + 4 + 4] << (n * 8)) | d;0 J2 F) R2 ^3 C8 @. V2 ]) y9 \
- }
3 a# c" m/ G8 k7 ]8 y - 9 v' k6 O0 S4 P) G9 U" X, U
- 5 O* y* r- {6 c
- - h1 o- T& B: a0 s0 A8 T+ M
- y = 0;, @% n8 q0 g2 P/ B
- z = 0;
) `5 M; m: Y6 S) D+ L - for (n = 0; n <= 3; n++)
0 W" L- | C- k6 D- j8 F5 a - {$ p5 D7 H( R5 ?# i* J. p
- temp_2 = inb[n];
( {% ~, C8 R# I, t/ i - y = (temp_2 << (n * 8)) | y;8 Q) P7 r' S' f+ O/ ^) b9 v$ i
- temp_2 = inb[n + 4];
$ o! F# h3 d; a( p& M6 { - z = (temp_2 << (n * 8)) | z;
1 L p6 u5 H8 T- a - }
* m, }* Q/ M0 U+ ^$ J - ) X* r2 }$ _" k, K+ r9 B
- 9 k5 I$ R/ y% B% o
- n = 32;
3 h3 l) b _: L; c- s2 M. H) _
: J! T( \ O, u- g" _' i; i- while (n-- > 0)
# v2 \1 V6 Q5 t - {& T. L. p/ G& a9 Q8 \8 f
- z -= ((y << 4) + c) ^ (y + sum) ^ ((y >> 5) + d);
# ] R; S7 C% I- s - y -= ((z << 4) + a) ^ (z + sum) ^ ((z >> 5) + b);
) `! E6 X$ o0 N9 |# E2 G - sum -= cnDelta;5 _* @; S9 R: w6 @0 t+ M9 {
- 5 A- I% C! h! _# M4 H e; {
- } s; F8 D8 u5 O6 t3 z- Q, C3 D& z
- $ I* R2 L. f. B/ y8 ^
- for (n = 0; n <= 3; n++)7 q/ A6 W3 I( \# s
- {8 c( V _) m9 h# _
- outb[n] = System.Convert.ToByte((y >> (n * 8)) & 255);
' M! o1 q1 s) g - outb[n + 4] = System.Convert.ToByte((z >> (n * 8)) & 255);
7 E8 h! c7 K. q8 V ~ - }
6 V6 P# F/ i5 j& W# x N3 n0 V7 H - 1 n1 a0 C# U' S2 p! V' \
- }
$ K* g4 ?! c! |% E - ( a) M% R; d+ f! H
- 9 q, s4 o9 N$ Q# |9 b
- public string StrEnc(string InString, string Key)//使用增强算法,加密字符串
m' G2 X4 _9 r% c; G. B) | - {+ G( q7 m9 c% E% N7 Z: }
5 F( I* t$ L+ g" N2 s9 g4 \- byte[] b, outb;
* \8 I. r" N& h* o: } - byte[] temp = new byte[8], outtemp = new byte[8];
1 R5 j/ j: q2 ?6 z - int n, i, nlen, outlen;; |, y) E3 @' t8 h' P
- string outstring;
( n, y- r+ L! j; j' X
# H: d! R, F2 i$ o% e- - O. L$ p& @9 K. w& o2 t
- nlen = lstrlenA(InString) + 1;! v- ~$ `2 s' t3 |" `$ u1 V
- if (nlen < 8)
' m1 f5 r5 d9 w* J - outlen = 8;1 x* p0 a6 y& A: S5 x+ U: t2 S) ^
- else
5 g( J5 l- \* L* ~5 k. y/ y - outlen = nlen;
7 E0 t f. e( A* u6 g, {' A3 q# n- q P - b = new byte[outlen];
" S# E+ V, S2 L) w% o4 ]$ S - outb = new byte[outlen]; {- F5 S4 Q( f
- * E- y/ c2 C4 M! A7 K" T4 ]
- CopyStringToByte(b, InString, nlen);% u! P. k5 {9 P+ Y# B
- 4 a2 o* P# O" f5 ]% x( Q# ?3 N9 C
- b.CopyTo(outb, 0);4 ] c0 j8 {/ J8 K
- c' {/ D$ `7 ~; z" u- for (n = 0; n <= outlen - 8; n = n + 8)
$ w5 H& y8 I9 O8 N3 R6 S2 u1 v - {4 D3 [) b' ^) M3 Z
- for (i = 0; i < 8; i++) temp[i] = b[i + n];
" j4 k( |; F2 t' c$ a; ~/ H - EnCode(temp, outtemp, Key);4 e7 x+ Q7 o7 u! n) J' c8 p( }
- for (i = 0; i < 8; i++) outb[i] = outtemp[i];
) m6 V$ ]" a/ y4 a [+ o- p+ y6 [ - }0 t" d, U5 f6 H5 a* W4 G0 {- L
6 u) j& o8 K: `. s' U3 Y- outstring = "";: ~9 u& O0 H u+ o, X3 j
- for (n = 0; n <= outlen - 1; n++): [8 ~* F& T; B) X
- {
$ n9 O1 \( f& h: i1 M9 N) { - outstring = outstring + outb[n].ToString("X2");
0 P+ Q& m/ r, S: f0 M$ i - }. s, \5 Z" c' ]0 x6 s/ j
- return outstring;( E5 _4 E* o H
- }4 P0 n2 o* Y* j8 |% W, e. A
- public string StrDec(string InString, string Key) //使用增强算法,加密字符串) U# A: V6 {' f0 N$ R; M
- {8 w: y1 b; u2 K7 M+ s& A* K6 _
- byte[] b, outb;
( }1 k ?7 M8 ~7 p+ V+ _3 V& U+ n - byte[] temp = new byte[8], outtemp = new byte[8];
; |9 y0 [% M# [ - int n, i, nlen, outlen;1 b' p/ @4 H0 U% _
- string temp_string;4 D$ E b1 O. a% `) |
- StringBuilder c_str;
, T& Q8 C7 B `: O* v! o
9 @3 D# |+ v. {" O+ Z' y
; g6 L6 w0 A0 D4 X: `) U- nlen = InString.Length;
0 h# U; {! x g- \* T - if (nlen < 16) outlen = 16;
; K+ {* ^2 h1 s* t - outlen = nlen / 2;4 i6 T0 c0 r% q3 f5 |4 ]
- b = new byte[outlen];
% N: U$ k9 @2 t2 \ - outb = new byte[outlen];* Y+ I J1 C5 T4 v. C
- ; Z: x# }2 P4 n6 F& d
- i = 0;+ F. ~9 ?1 R4 s$ e+ n" }
- for (n = 1; n <= nlen; n = n + 2)3 F6 T- f0 ^) l# r5 c
- {9 A0 D) ~8 Z* E1 o
- temp_string = InString.Substring(n - 1, 2);" D9 _9 ?: K- k$ N) C) q7 k
- b[i] = System.Convert.ToByte(HexToInt(temp_string));9 l! _, u6 I& b# \ w
- i = i + 1;
2 f( a& g: e/ h - }
- J% R5 D: W9 l5 O
$ v& W/ D: e' W) u* w- b.CopyTo(outb, 0);* P& [& l, a' D1 g9 J7 l, H( g; N
4 E9 L) E) A9 A- for (n = 0; n <= outlen - 8; n = n + 8)) G# p8 z5 U C6 n6 n
- {( b0 V; [/ I, p5 l# [1 t% n, y* z
- for (i = 0; i < 8; i++) temp[i] = b[i + n];
1 u7 O) @3 T: K+ V: K+ O' u+ H" M - DeCode(temp, outtemp, Key);
8 y* T! Z- ?; ?) _4 L6 ^" f - for (i = 0; i < 8; i++) outb[i] = outtemp[i];
, h/ |. V" i; f2 r - }
, [# W( D2 u3 U; m5 b% N2 N - / v8 N1 g; {0 f& X' N/ h& E
- c_str = new StringBuilder("", outlen);& q% k7 H1 P2 k$ H; u
- CopyByteToString(c_str, outb, outlen);
9 f5 c( t7 d) U - return c_str.ToString();
6 f% f: e; _* G T I - A, n7 e2 u9 d4 v+ j
- }
2 |) U" ^5 Z) |' g
: E4 ]* ^# K3 J5 ~9 a
; H7 m! v- u, A U1 S! q/ `% N* f- }
2 h) z' w* q2 B+ Q6 w* u唯一锁写入Ukey:
/ y) m7 o/ G: H9 D: j2 w4 T
+ l+ |9 w& y, A3 j k- I8 g) p 公网客户端:安装插件
3 I u/ G/ r) R: r- c6 g: h% T 多文件安装版+需要先插入UKEY
6 C3 w* N2 W# k3 Y. x. P
插入UKEY
4 T! h- M* f ]2 R0 G
登录成功! 0 T" Y" H3 x4 J( _+ B3 }
|
|
/1 
|Archiver|手机版|小黑屋|科帮网
( 鲁ICP备19059327号-2 ) 
窥视卡
雷达卡
发表于 2014-09-05 15:32:16
转播
淘帖
分享
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡