Fork me on GitHub
Code highlighting produced by Actipro CodeHighlighter (freeware)http://www.CodeHighlighter.com/-->using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Security.Cryptography;
using System.Text;

public class EncryptPassWord
{
    /// <summary>
    /// 获取密钥
    /// </summary>
    /// <returns></returns>
    public static string CreateSalt()
    {
        byte[] data = new byte[8];
        new RNGCryptoServiceProvider().GetBytes(data);
        return Convert.ToBase64String(data);
    }

    /// <summary>
    /// 加密密码
    /// </summary>
    /// <param name="pwdString"></param>
    /// <param name="salt"></param>
    /// <returns></returns>
    public static string EncryptPwd(string pwdString, string salt)
    {
        if (salt == null || salt == "")
        {
            return pwdString;
        }
        byte[] bytes = Encoding.Unicode.GetBytes(salt.ToLower().Trim() + pwdString.Trim());
        return BitConverter.ToString(((HashAlgorithm)CryptoConfig.CreateFromName("SHA1")).ComputeHash(bytes));
    }
}
Code highlighting produced by Actipro CodeHighlighter (freeware)http://www.CodeHighlighter.com/-->using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Security.Cryptography;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.IO;
using System.Text;
/// <summary>
/// Summary description for DESEncrypt
/// </summary>
public class DESEncrypt
{
    private string iv = "12345678";
    private string key = "12345678";
    private Encoding encoding = new UnicodeEncoding();
    private DES des;

    public DESEncrypt()
    {
        des = new DESCryptoServiceProvider();
    }

    /// <summary>
    /// 设置加密密钥
    /// </summary>
    public string EncryptKey
    {
        get { return this.key; }
        set
        {
            this.key = value;
        }        
    }

    /// <summary>
    /// 要加密字符的编码模式
    /// </summary>
    public Encoding EncodingMode
    {
        get { return this.encoding; }
        set { this.encoding = value; }
    }

    /// <summary>
    /// 加密字符串并返回加密后的结果
    /// </summary>
    /// <param name="str"></param>
    /// <returns></returns>
    public string EncryptString(string str)
    {
        byte[] ivb = Encoding.ASCII.GetBytes(this.iv);
        byte[] keyb = Encoding.ASCII.GetBytes(this.EncryptKey);//得到加密密钥
        byte[] toEncrypt = this.EncodingMode.GetBytes(str);//得到要加密的内容
        byte[] encrypted;
        ICryptoTransform encryptor = des.CreateEncryptor(keyb, ivb);
        MemoryStream msEncrypt = new MemoryStream();
        CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write);
        csEncrypt.Write(toEncrypt, 0, toEncrypt.Length);
        csEncrypt.FlushFinalBlock();
        encrypted = msEncrypt.ToArray();
        csEncrypt.Close();
        msEncrypt.Close();
        return this.EncodingMode.GetString(encrypted);
    }
}

1.原理:每次产生一个随机字符串作为密匙,用户输入一个密码,密码经过密匙加密得到一个字符串存放在数据库中...当需要验证密码时,要先得到密匙才能验证.

Code highlighting produced by Actipro CodeHighlighter (freeware)http://www.CodeHighlighter.com/-->//根据用户名得到用户信息       
 DataTable dt = WYTWeb.UserDAO.UserLogin(userName);
 if (dt.Rows.Count == 0)
 {
    return -2;//用户不存在
 }

 DataRow row = dt.Rows[0];
 //得到密匙
 string salt = row["salt"].ToString();
 //验证密码是否正确
 if (EncryptPassWord.EncryptPwd(password, salt) == row["password"].ToString())
 {
      //登录成功
 }
Code highlighting produced by Actipro CodeHighlighter (freeware)http://www.CodeHighlighter.com/--> //从基类获得登录id
 int userId = LoginUser_Id;
 //获得密匙
 string salt = EncryptPassWord.CreateSalt();
 //得到经过加密后的"密码"
 string password = EncryptPassWord.EncryptPwd(txtPassword.Text.Trim(), salt);
 //修改原数据
 int result = WYTWeb.UserDAO.EditPassword(userId, password, salt);
 if (result > 0)
 {
     WYTWeb.LogDAO.InsertLog("info","wytWeb","用户"+userId+"修改了密码", userId ,this.Request.UserHostAddress.ToString());
     ShowMessage("密码修改成功");
           //this.Response.Redirect("CompanyInfo.aspx"); 
 }
 else
 {
    WYTWeb.LogDAO.InsertLog("info", "wytWeb", "用户" + userId + "修改密码失败", userId, this.Request.UserHostAddress.ToString());
    ShowMessage("密码修改失败");
 }

 

 

转载地址:http://www.cnblogs.com/9421/archive/2010/02/21/1670682.html

 

http://www.cnblogs.com/yank/archive/2007/10/26/938180.html

posted on 2014-08-20 00:44  lingfeng95  阅读(433)  评论(1编辑  收藏  举报