密码传输中Rsa加密
来源:互联网 发布:油烟机推荐 知乎 编辑:程序博客网 时间:2024/05/16 10:34
在用户登录和修改密码的地方,将密码直接传输到后台能看到传输密码的明文参数,所以需要加密一次。此处用RSA加密的方法,至于优缺点,我再研究。
首先定义一个RsaEncrypt公用类
public class GetRsaPublicKeyResult { public int Code { get; set; } public string RsaPublicKey { get; set; } public string Key { get; set; } } /// <summary> /// /// </summary> public class RsaEncrypt { /// <summary> /// 产生一组RSA公钥、私钥 /// </summary> /// <returns></returns> public static Dictionary<string, string> CreateRsaKeyPair() { var keyPair = new Dictionary<string, string>(); var rsaProvider = new RSACryptoServiceProvider(1024); RSAParameters parameter = rsaProvider.ExportParameters(true); keyPair.Add("PUBLIC", BytesToHexString(parameter.Exponent) + "," + BytesToHexString(parameter.Modulus)); keyPair.Add("PRIVATE", rsaProvider.ToXmlString(true)); return keyPair; } /// <summary> /// RSA解密字符串 /// </summary> /// <param name="encryptData">密文</param> /// <param name="privateKey">私钥</param> /// <returns>明文</returns> public static string DecryptRSA(string encryptData, string privateKey) { string decryptData = ""; try { var provider = new RSACryptoServiceProvider(); provider.FromXmlString(privateKey); byte[] result = provider.Decrypt(HexStringToBytes(encryptData), false); ASCIIEncoding enc = new ASCIIEncoding(); decryptData = enc.GetString(result); } catch (Exception e) { throw new Exception("RSA解密出错!", e); } return decryptData; } private static string BytesToHexString(byte[] input) { StringBuilder hexString = new StringBuilder(64); for (int i = 0; i < input.Length; i++) { hexString.Append(String.Format("{0:X2}", input[i])); } return hexString.ToString(); } public static byte[] HexStringToBytes(string hex) { if (hex.Length == 0) { return new byte[] { 0 }; } if (hex.Length % 2 == 1) { hex = "0" + hex; } byte[] result = new byte[hex.Length / 2]; for (int i = 0; i < hex.Length / 2; i++) { result[i] = byte.Parse(hex.Substring(2 * i, 2), System.Globalization.NumberStyles.AllowHexSpecifier); } return result; } }
在登录的地方生成秘钥:
public ActionResult GetRsaPublicKey() { var rsaKeys = RsaEncrypt.CreateRsaKeyPair(); var key = Guid.NewGuid().ToString(); Session[key] = rsaKeys["PRIVATE"]; var result = new GetRsaPublicKeyResult() { Code = 0, RsaPublicKey = rsaKeys["PUBLIC"], Key = key }; return Json(result,JsonRequestBehavior.AllowGet); }
在对应的页面中,首先引用js,下载地址:http://www.cnblogs.com/csqb-511612371/p/4898437.html
<script src="~/Scripts/RSA/Barrett.js"></script>
<script src="~/Scripts/RSA/BigInt.js"></script>
<script src="~/Scripts/RSA/RSA.js"></script>
在登录的地方,页面加载出来时就生成秘钥,不然登录时再生成秘钥体验不太好:
var getPublicKey = function () { var publicKey = ""; if ($.cookie("publicKey") == undefined || $.cookie("publicKey") === "null") { $.ajax({ url: "/Login/GetRsaPublicKey", type: "get", contentType: "application/x-www-form-urlencoded; charset=utf-8", async: false, data: {}, dataType: "json", success: function (data) { if (data.Code == 0) { publicKey = data.RsaPublicKey + "," + data.Key; $.cookie("publicKey", publicKey);// 此处存储时间应该小于后台缓存时间 } else { return null; } } }); } else { publicKey = $.cookie("publicKey"); } return publicKey;}var rsaEncrypt = function (pwd) { $.cookie("publicKey", null); var publicKey = getPublicKey(); $.easyui.removeLoading(); setMaxDigits(129); var rsaKey = new RSAKeyPair(publicKey.split(",")[0], "", publicKey.split(",")[1]); var pwdRtn = encryptedString(rsaKey, pwd); return pwdRtn + "," + publicKey.split(",")[2];}
在登录时加密:
var rsastr= rsaEncrypt(uPwd);
参数:
txtPass: rsastr.split(",")[0],key:rsastr.split(",")[1]
后台代码中解密:
if (Session[key]!=null) { var privatekey = Session[key].ToString(); txtPass = RsaEncrypt.DecryptRSA(txtPass, privatekey);}
整个过程就完成了!
0 0
- 密码传输中Rsa加密
- RSA加密传输用户名密码--web
- 用RSA加密实现Silverlight登录密码加密传输
- 用RSA加密实现Web登录密码加密传输
- 用RSA加密实现Web登录密码加密传输
- 用RSA加密实现Web登录密码加密传输
- 用RSA加密实现Web登录密码加密传输
- 用RSA加密实现Web登录密码加密传输
- 用RSA加密实现Web登录密码加密传输
- 用RSA加密实现Web登录密码加密传输
- 用RSA加密实现Web登录密码加密传输
- 用RSA加密实现Web登录密码加密传输
- 用RSA加密实现Web登录密码加密传输
- 用RSA加密实现Web登录密码加密传输
- 用RSA加密实现Web登录密码加密传输(网页口令传输加密)
- 基于RSA的网站登录密码的加密传输
- JS与PHP通过RSA加密传输密码
- WebService RSA加密传输示例
- 高性能、高并发网络通信系统的架构设计
- 垃圾优先型垃圾回收器调优
- Android学习之线程
- 分布式日志收集之Logstash 笔记(一)
- Java 模拟栈结构
- 密码传输中Rsa加密
- JS初级cssText
- android可暂停的录制视频
- tomcat 设置文件指向路径 和发布项目 路径(保证指向同一个项目名)
- centos 安装jdk
- 判断当前服务器mysql是否存活
- Vue.js——vue-resource全攻略
- CUDA之TLP,ILP策略
- TextSwicher