亚洲乱码中文字幕综合,中国熟女仑乱hd,亚洲精品乱拍国产一区二区三区,一本大道卡一卡二卡三乱码全集资源,又粗又黄又硬又爽的免费视频

用ASP.NET加密Cookie數(shù)據(jù)(圖)

互聯(lián)網(wǎng)   發(fā)布時(shí)間:2008-10-08 19:02:40   作者:佚名   我要評(píng)論
Cookie確實(shí)在WEB應(yīng)用方面為訪問(wèn)者和編程者都提供了方便,然而從安全方面考慮是有問(wèn)題的,首先,Cookie數(shù)據(jù)包含在HTTP請(qǐng)求和響應(yīng)的包頭里透明地傳遞,也就是說(shuō)聰明的人是能清清楚楚看到這些數(shù)據(jù)的。其次,Cookie數(shù)據(jù)以Cookie文件格式存儲(chǔ)在瀏覽者計(jì)算機(jī)的cache目錄里,其中
End Function
'標(biāo)準(zhǔn)的DES解密
Public Shared Function Decrypt(ByVal value As String) As String
If value <> "" Then
Dim cryptoProvider As DESCryptoServiceProvider = _
New DESCryptoServiceProvider()
'從字符串轉(zhuǎn)換為字節(jié)組
Dim buffer As Byte() = Convert.FromBase64String(value)
Dim ms As MemoryStream = New MemoryStream(buffer)
Dim cs As CryptoStream = _
New CryptoStream(ms, cryptoProvider.CreateDecryptor(KEY_64, IV_64), _
CryptoStreamMode.Read)
Dim sr As StreamReader = New StreamReader(cs)
Return sr.ReadToEnd()
End If
End Function
'TRIPLE DES加密
Public Shared Function EncryptTripleDES(ByVal value As String) As String
If value <> "" Then
Dim cryptoProvider As TripleDESCryptoServiceProvider = _
New TripleDESCryptoServiceProvider()
Dim ms As MemoryStream = New MemoryStream()
Dim cs As CryptoStream = _
New CryptoStream(ms, cryptoProvider.CreateEncryptor(KEY_192, IV_192), _
CryptoStreamMode.Write)
Dim sw As StreamWriter = New StreamWriter(cs)
sw.Write(value)
sw.Flush()
cs.FlushFinalBlock()
ms.Flush()
'再轉(zhuǎn)換為一個(gè)字符串
Return Convert.ToBase64String(ms.GetBuffer(), 0, ms.Length)
End If
End Function
'TRIPLE DES解密
Public Shared Function DecryptTripleDES(ByVal value As String) As String
If value <> "" Then
Dim cryptoProvider As TripleDESCryptoServiceProvider = _
New TripleDESCryptoServiceProvider()
'從字符串轉(zhuǎn)換為字節(jié)組
Dim buffer As Byte() = Convert.FromBase64String(value)
Dim ms As MemoryStream = New MemoryStream(buffer)
Dim cs As CryptoStream = _
New CryptoStream(ms, cryptoProvider.CreateDecryptor(KEY_192, IV_192), _
CryptoStreamMode.Read)
Dim sr As StreamReader = New StreamReader(cs)
Return sr.ReadToEnd()
End If
End Function
End Class
上面我們將一組字節(jié)初始化為密鑰,并且使用的是數(shù)字常量,如果你在實(shí)際應(yīng)用中也這樣做,這些字節(jié)一定要在0和255之間,這是一個(gè)字節(jié)允許的范圍值。
三、創(chuàng)建一個(gè)Cookie的應(yīng)用類
下面我們就創(chuàng)建一個(gè)簡(jiǎn)單的類,來(lái)設(shè)置和獲取Cookies。
Public Class CookieUtil
'設(shè)置COOKIE *****************************************************
'SetTripleDESEncryptedCookie (只針對(duì)密鑰和Cookie數(shù)據(jù))
Public Shared Sub SetTripleDESEncryptedCookie(ByVal key As String, _
ByVal value As String)
key = CryptoUtil.EncryptTripleDES(key)
value = CryptoUtil.EncryptTripleDES(value)
SetCookie(key, value)
End Sub
'SetTripleDESEncryptedCookie (增加了Cookie數(shù)據(jù)的有效期參數(shù))
Public Shared Sub SetTripleDESEncryptedCookie(ByVal key As String, _
ByVal value As String, ByVal expires As Date)
key = CryptoUtil.EncryptTripleDES(key)
value = CryptoUtil.EncryptTripleDES(value)
SetCookie(key, value, expires)
End Sub
'SetEncryptedCookie(只針對(duì)密鑰和Cookie數(shù)據(jù))
Public Shared Sub SetEncryptedCookie(ByVal key As String, _
ByVal value As String)
key = CryptoUtil.Encrypt(key)
value = CryptoUtil.Encrypt(value)
SetCookie(key, value)
End Sub
'SetEncryptedCookie (增加了Cookie數(shù)據(jù)的有效期參數(shù))
Public Shared Sub SetEncryptedCookie(ByVal key As String, _
ByVal value As String, ByVal expires As Date)
key = CryptoUtil.Encrypt(key)
value = CryptoUtil.Encrypt(value)
SetCookie(key, value, expires)
End Sub
'SetCookie (只針對(duì)密鑰和Cookie數(shù)據(jù))
Public Shared Sub SetCookie(ByVal key As String, ByVal value As String)
'編碼部分
key = HttpContext.Current.Server.UrlEncode(key)
value = HttpContext.Current.Server.UrlEncode(value)
Dim cookie As HttpCookie
cookie = New HttpCookie(key, value)
SetCookie(cookie)
End Sub
'SetCookie(增加了Cookie數(shù)據(jù)的有效期參數(shù))
Public Shared Sub SetCookie(ByVal key As String, _
ByVal value As String, ByVal expires As Date)
'編碼部分
key = HttpContext.Current.Server.UrlEncode(key)
value = HttpContext.Current.Server.UrlEncode(value)
Dim cookie As HttpCookie
cookie = New HttpCookie(key, value)
cookie.Expires = expires
SetCookie(cookie)
End Sub
'SetCookie (只針對(duì)HttpCookie)
Public Shared Sub SetCookie(ByVal cookie As HttpCookie)
HttpContext.Current.Response.Cookies.Set(cookie)
End Sub
'獲取COOKIE *****************************************************
Public Shared Function GetTripleDESEncryptedCookieValue(ByVal key As String) _
As String
'只對(duì)密鑰加密
key = CryptoUtil.EncryptTripleDES(key)
'獲取Cookie值
Dim value As String
value = GetCookieValue(key)
'解密Cookie值
value = CryptoUtil.DecryptTripleDES(value)
Return value
End Function
Public Shared Function GetEncryptedCookieValue(ByVal key As String) As String
'只對(duì)密鑰加密
key = CryptoUtil.Encrypt(key)
'獲取Cookie值
Dim value As String
value = GetCookieValue(key)
'解密Cookie值
value = CryptoUtil.Decrypt(value)
Return value
End Function
Public Shared Function GetCookie(ByVal key As String) As HttpCookie
'編碼密鑰
key = HttpContext.Current.Server.UrlEncode(key)
Return HttpContext.Current.Request.Cookies.Get(key)
End Function
Public Shared Function GetCookieValue(ByVal key As String) As String
Try
'編碼在GetCookie里完成
'獲取Cookie值
Dim value As String
value = GetCookie(key).Value
'解碼所存儲(chǔ)的值
value = HttpContext.Current.Server.UrlDecode(value)
Return value
Catch
End Try
End Function
End Class
上面的設(shè)置功能中,有些功能附加提供了Cookie有效期這個(gè)參數(shù)。不設(shè)置該參數(shù),Cookie將只為瀏覽器會(huì)話才保存在內(nèi)存中。為了設(shè)置永久的Cookie,就需要設(shè)置有效期參數(shù)。
上面我們對(duì)密鑰和Cookies值進(jìn)行了編碼與解碼,其原因是Cookies與URLs有同樣的限制,字符“=”和“;”是保留的,不能使用。這在保存加密后的數(shù)據(jù)時(shí)尤其重要,因?yàn)榧用芩惴▽⑻砑印?”,按所分配塊的大小來(lái)填滿該數(shù)據(jù)塊。
好了,你會(huì)保護(hù)Cookies數(shù)據(jù)了吧?

相關(guān)文章

最新評(píng)論