由于MD5是不可逆的,所以加密之后就无法解密,取用户名和密码时候,需要再加密一边用户输入的数据与数据库中已加密的数据进行比对。如果比对结果一致,则可以判定登陆成功!代码如下所示:
/// <summary>
/// 登陆
/// </summary>
public Model.UserInfo UserLogOn(string USERID, string pwd, out string statusCode)
{
//假设已经通过用户ID获取到UserInfo的Model对象
Model.UserInfo model = GetModel(USERID);
if (model != null)
{
if (model.PASSWORD == MD5Encrypt64(pwd))
{
statusCode = "登陆成功";
}
else {
statusCode = “密码错误”;
}
}
else
{
statusCode = "用户不存在!";
model = null;
}
return model;
}
5)通过DESCryptoServiceProvider对象对字符串进行加密解密
/// <summary>
/// DES数据加密
/// </summary>
/// <param name="targetValue">目标值</param>
/// <param name="key">密钥</param>
/// <returns>加密值</returns>
public static string Encrypt(string targetValue, string key)
{
if (string.IsNullOrEmpty(targetValue))
{
return string.Empty;
}
var returnValue = new StringBuilder();
var des = new DESCryptoServiceProvider();
byte[] inputByteArray = Encoding.Default.GetBytes(targetValue);
// 通过两次哈希密码设置对称算法的初始化向量
des.Key = Encoding.ASCII.GetBytes(FormsAuthentication.HashPasswordForStoringInConfigFile
(FormsAuthentication.HashPasswordForStoringInConfigFile(key, "md5").
Substring(0, 8), "sha1").Substring(0, 8));
// 通过两次哈希密码设置算法的机密密钥
des.IV = Encoding.ASCII.GetBytes(FormsAuthentication.HashPasswordForStoringInConfigFile
(FormsAuthentication.HashPasswordForStoringInConfigFile(key, "md5")
.Substring(0, 8), "md5").Substring(0, 8));
var ms = new MemoryStream();
var cs = new CryptoStream(ms, des.CreateEncryptor(), CryptoStreamMode.Write);
cs.Write(inputByteArray, 0, inputByteArray.Length);
cs.FlushFinalBlock();
foreach (byte b in ms.ToArray())
{
returnValue.AppendFormat("{0:X2}", b);
}
return returnValue.ToString();
}
此种算法可以通过加密密钥进行解密,解密方法如下:
/// <summary>
/// DES数据解密
/// </summary>
/// <param name="targetValue"></param>
/// <param name="key"></param>
/// <returns></returns>
public static string Decrypt(string targetValue, string key)
{
if (string.IsNullOrEmpty(targetValue))
{
return string.Empty;
}
// 定义DES加密对象
var des = new DESCryptoServiceProvider();
int len = targetValue.Length / 2;
var inputByteArray = new byte[len];
int x, i;
for (x = 0; x < len; x++)
{
i = Convert.ToInt32(targetValue.Substring(x * 2, 2), 16);
inputByteArray[x] = (byte)i;
}
// 通过两次哈希密码设置对称算法的初始化向量
des.Key = Encoding.ASCII.GetBytes(FormsAuthentication.HashPasswordForStoringInConfigFile
(FormsAuthentication.HashPasswordForStoringInConfigFile(key, "md5").
Substring(0, 8), "sha1").Substring(0, 8));
// 通过两次哈希密码设置算法的机密密钥
des.IV = Encoding.ASCII.GetBytes(FormsAuthentication.HashPasswordForStoringInConfigFile
(FormsAuthentication.HashPasswordForStoringInConfigFile(key, "md5")
.Substring(0, 8), "md5").Substring(0, 8));
// 定义内存流
var ms = new MemoryStream();
// 定义加密流
var cs = new CryptoStream(ms, des.CreateDecryptor(), CryptoStreamMode.Write);
cs.Write(inputByteArray, 0, inputByteArray.Length);
cs.FlushFinalBlock();
return Encoding.Default.GetString(ms.ToArray());
}
