for*_*atc 6 c# asp.net encryption query-string
我有app使用查询字符串来传递页面周围的一些值,我发现了几个关于如何加密查询字符串中的值的例子,但问题是我的KEYS告诉更多关于查询字符串然后将所有整数转换为字符串的值.
有没有办法加密ASP.NET中的整个查询字符串,包括键和键值?
就像是:
Default.aspx?value1=40&value2=30&value3=20
至
Default.aspx?56sdf78fgh90sdf4564k34klog5646l
谢谢!
小智 19
有一个问题是上面的许多引用都忽略了,就在返回加密字符串之前,就是URL Encode(请参阅下面的字符串返回之前).我正在使用IIS 7.5,它会自动为你解码字符串,所以解密"应该"没问题.加密和解密代码如下所示.
public string EncryptQueryString(string inputText, string key, string salt)
{
byte[] plainText = Encoding.UTF8.GetBytes(inputText);
using (RijndaelManaged rijndaelCipher = new RijndaelManaged())
{
PasswordDeriveBytes secretKey = new PasswordDeriveBytes(Encoding.ASCII.GetBytes(key), Encoding.ASCII.GetBytes(salt));
using (ICryptoTransform encryptor = rijndaelCipher.CreateEncryptor(secretKey.GetBytes(32), secretKey.GetBytes(16)))
{
using (MemoryStream memoryStream = new MemoryStream())
{
using (CryptoStream cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write))
{
cryptoStream.Write(plainText, 0, plainText.Length);
cryptoStream.FlushFinalBlock();
string base64 = Convert.ToBase64String(memoryStream.ToArray());
// Generate a string that won't get screwed up when passed as a query string.
string urlEncoded = HttpUtility.UrlEncode(base64);
return urlEncoded;
}
}
}
}
}
public string DecryptQueryString(string inputText, string key, string salt)
{
byte[] encryptedData = Convert.FromBase64String(inputText);
PasswordDeriveBytes secretKey = new PasswordDeriveBytes(Encoding.ASCII.GetBytes(key), Encoding.ASCII.GetBytes(salt));
using (RijndaelManaged rijndaelCipher = new RijndaelManaged())
{
using (ICryptoTransform decryptor = rijndaelCipher.CreateDecryptor(secretKey.GetBytes(32), secretKey.GetBytes(16)))
{
using (MemoryStream memoryStream = new MemoryStream(encryptedData))
{
using (CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read))
{
byte[] plainText = new byte[encryptedData.Length];
cryptoStream.Read(plainText, 0, plainText.Length);
string utf8 = Encoding.UTF8.GetString(plainText);
return utf8;
}
}
}
}
}
网上有很多例子.
他们中有一些:
http://www.codeproject.com/Articles/33350/Encrypting-Query-Strings
http://www.keyvan.ms/how-to-encrypt-query-string-parameters-in-asp-net
http://forums.asp.net/t/989552.aspx/1
现在你说你也喜欢加密密钥,实际上你要做的就是加密它们所有url行,然后你只需要阅读RawUrl后面的内容了什么?并解密它.
| 归档时间: |
|
| 查看次数: |
54238 次 |
| 最近记录: |