欧美bbbwbbbw肥妇,免费乱码人妻系列日韩,一级黄片

用ASP.NET加密Cookie數(shù)據(jù)(圖)

互聯(lián)網(wǎng)   發(fā)布時間:2008-10-08 19:02:40   作者:佚名   我要評論
Cookie確實在WEB應用方面為訪問者和編程者都提供了方便,然而從安全方面考慮是有問題的,首先,Cookie數(shù)據(jù)包含在HTTP請求和響應的包頭里透明地傳遞,也就是說聰明的人是能清清楚楚看到這些數(shù)據(jù)的。其次,Cookie數(shù)據(jù)以Cookie文件格式存儲在瀏覽者計算機的cache目錄里,其中
End Function
'標準的DES解密
Public Shared Function Decrypt(ByVal value As String) As String
If value <> "" Then
Dim cryptoProvider As DESCryptoServiceProvider = _
New DESCryptoServiceProvider()
'從字符串轉換為字節(jié)組
Dim buffer As Byte() = Convert.FromBase64String(value)
Dim ms As MemoryStream = New MemoryStream(buffer)
Dim cs As CryptoStream = _
New CryptoStream(ms, cryptoProvider.CreateDecryptor(KEY_64, IV_64), _
CryptoStreamMode.Read)
Dim sr As StreamReader = New StreamReader(cs)
Return sr.ReadToEnd()
End If
End Function
'TRIPLE DES加密
Public Shared Function EncryptTripleDES(ByVal value As String) As String
If value <> "" Then
Dim cryptoProvider As TripleDESCryptoServiceProvider = _
New TripleDESCryptoServiceProvider()
Dim ms As MemoryStream = New MemoryStream()
Dim cs As CryptoStream = _
New CryptoStream(ms, cryptoProvider.CreateEncryptor(KEY_192, IV_192), _
CryptoStreamMode.Write)
Dim sw As StreamWriter = New StreamWriter(cs)
sw.Write(value)
sw.Flush()
cs.FlushFinalBlock()
ms.Flush()
'再轉換為一個字符串
Return Convert.ToBase64String(ms.GetBuffer(), 0, ms.Length)
End If
End Function
'TRIPLE DES解密
Public Shared Function DecryptTripleDES(ByVal value As String) As String
If value <> "" Then
Dim cryptoProvider As TripleDESCryptoServiceProvider = _
New TripleDESCryptoServiceProvider()
'從字符串轉換為字節(jié)組
Dim buffer As Byte() = Convert.FromBase64String(value)
Dim ms As MemoryStream = New MemoryStream(buffer)
Dim cs As CryptoStream = _
New CryptoStream(ms, cryptoProvider.CreateDecryptor(KEY_192, IV_192), _
CryptoStreamMode.Read)
Dim sr As StreamReader = New StreamReader(cs)
Return sr.ReadToEnd()
End If
End Function
End Class
上面我們將一組字節(jié)初始化為密鑰,并且使用的是數(shù)字常量,如果你在實際應用中也這樣做,這些字節(jié)一定要在0和255之間,這是一個字節(jié)允許的范圍值。
三、創(chuàng)建一個Cookie的應用類
下面我們就創(chuàng)建一個簡單的類,來設置和獲取Cookies。
Public Class CookieUtil
'設置COOKIE *****************************************************
'SetTripleDESEncryptedCookie (只針對密鑰和Cookie數(shù)據(jù))
Public Shared Sub SetTripleDESEncryptedCookie(ByVal key As String, _
ByVal value As String)
key = CryptoUtil.EncryptTripleDES(key)
value = CryptoUtil.EncryptTripleDES(value)
SetCookie(key, value)
End Sub
'SetTripleDESEncryptedCookie (增加了Cookie數(shù)據(jù)的有效期參數(shù))
Public Shared Sub SetTripleDESEncryptedCookie(ByVal key As String, _
ByVal value As String, ByVal expires As Date)
key = CryptoUtil.EncryptTripleDES(key)
value = CryptoUtil.EncryptTripleDES(value)
SetCookie(key, value, expires)
End Sub
'SetEncryptedCookie(只針對密鑰和Cookie數(shù)據(jù))
Public Shared Sub SetEncryptedCookie(ByVal key As String, _
ByVal value As String)
key = CryptoUtil.Encrypt(key)
value = CryptoUtil.Encrypt(value)
SetCookie(key, value)
End Sub
'SetEncryptedCookie (增加了Cookie數(shù)據(jù)的有效期參數(shù))
Public Shared Sub SetEncryptedCookie(ByVal key As String, _
ByVal value As String, ByVal expires As Date)
key = CryptoUtil.Encrypt(key)
value = CryptoUtil.Encrypt(value)
SetCookie(key, value, expires)
End Sub
'SetCookie (只針對密鑰和Cookie數(shù)據(jù))
Public Shared Sub SetCookie(ByVal key As String, ByVal value As String)
'編碼部分
key = HttpContext.Current.Server.UrlEncode(key)
value = HttpContext.Current.Server.UrlEncode(value)
Dim cookie As HttpCookie
cookie = New HttpCookie(key, value)
SetCookie(cookie)
End Sub
'SetCookie(增加了Cookie數(shù)據(jù)的有效期參數(shù))
Public Shared Sub SetCookie(ByVal key As String, _
ByVal value As String, ByVal expires As Date)
'編碼部分
key = HttpContext.Current.Server.UrlEncode(key)
value = HttpContext.Current.Server.UrlEncode(value)
Dim cookie As HttpCookie
cookie = New HttpCookie(key, value)
cookie.Expires = expires
SetCookie(cookie)
End Sub
'SetCookie (只針對HttpCookie)
Public Shared Sub SetCookie(ByVal cookie As HttpCookie)
HttpContext.Current.Response.Cookies.Set(cookie)
End Sub
'獲取COOKIE *****************************************************
Public Shared Function GetTripleDESEncryptedCookieValue(ByVal key As String) _
As String
'只對密鑰加密
key = CryptoUtil.EncryptTripleDES(key)
'獲取Cookie值
Dim value As String
value = GetCookieValue(key)
'解密Cookie值
value = CryptoUtil.DecryptTripleDES(value)
Return value
End Function
Public Shared Function GetEncryptedCookieValue(ByVal key As String) As String
'只對密鑰加密
key = CryptoUtil.Encrypt(key)
'獲取Cookie值
Dim value As String
value = GetCookieValue(key)
'解密Cookie值
value = CryptoUtil.Decrypt(value)
Return value
End Function
Public Shared Function GetCookie(ByVal key As String) As HttpCookie
'編碼密鑰
key = HttpContext.Current.Server.UrlEncode(key)
Return HttpContext.Current.Request.Cookies.Get(key)
End Function
Public Shared Function GetCookieValue(ByVal key As String) As String
Try
'編碼在GetCookie里完成
'獲取Cookie值
Dim value As String
value = GetCookie(key).Value
'解碼所存儲的值
value = HttpContext.Current.Server.UrlDecode(value)
Return value
Catch
End Try
End Function
End Class
上面的設置功能中,有些功能附加提供了Cookie有效期這個參數(shù)。不設置該參數(shù),Cookie將只為瀏覽器會話才保存在內存中。為了設置永久的Cookie,就需要設置有效期參數(shù)。
上面我們對密鑰和Cookies值進行了編碼與解碼,其原因是Cookies與URLs有同樣的限制,字符“=”和“;”是保留的,不能使用。這在保存加密后的數(shù)據(jù)時尤其重要,因為加密算法將添加“=”,按所分配塊的大小來填滿該數(shù)據(jù)塊。
好了,你會保護Cookies數(shù)據(jù)了吧?

相關文章

最新評論