主题:  ASP.NET中密码保护,MD5和SHA1算法的使用

niekui

职务:普通成员
等级:1
金币:1.0
发贴:10
#12005/3/19 6:33:43
ASP.NET中密码保护,MD5和SHA1算法的使用
你的主页或者你管理的网站有各种密码需要保护,把密码直接放在数据库或者文件中存在不少安全隐患,所以密码加密后存储是最常见的做法。在ASP.NET中实现加密非常容易。.NET SDK中提供了CookieAuthentication类,其中的HashPasswordForStoringInConfigFile方法可直接使用MD5和SHA1算法。例子如下:
file: encrypting.aspx
<%@ Page language="c#" Codebehind="encrypting.cs" AutoEventWireup="false" Inherits="encrypting.encrypting" %>
<html><head>
  <meta name="GENERATOR" Content="Microsoft Visual Studio 7.0">
  <meta name="CODE_LANGUAGE" Content="C#"></head>
 <body>

  <form method="post" runat="server">
<p>&nbsp;</p>
<p>
<asp:TextBox id=TextBox1 runat="server"></asp:TextBox>
<asp:Button id=Button1 runat="server" Text="encrypting"></asp:Button></p>
<p>Encrypting Password(MD5):
<asp:Label id=MD5 runat="server"></asp:Label></p>
   </form>

 </body></html>

file:encrypting.cs

namespace encrypting
{
  using System;
  using System.Collections;
  using System.ComponentModel;
  using System.Data;
  using System.Drawing;
  using System.Web;
  using System.Web.SessionState;
  using System.Web.UI;
  using System.Web.UI.WebControls;
  using System.Web.UI.HtmlControls;
  using System.Web.Security;
  /// <summary>
  ///  Summary description for encrypting.
  /// </summary>
  public class encrypting : System.Web.UI.Page
  {
 protected System.Web.UI.WebControls.Label MD5;
 protected System.Web.UI.WebControls.Button Button1;
 protected System.Web.UI.WebControls.TextBox TextBox1;

public encrypting()
{
   Page.Init += new System.EventHandler(Page_Init);
    }
    protected void Page_Load(object sender, EventArgs e)
    {
      if (!IsPostBack)
      {
        //
        // Evals true first time browser hits the page
        //
      }
    }
    protected void Page_Init(object sender, EventArgs e)
    {
      //
      // CODEGEN: This call is required by the ASP+ Windows Form Designer.
      //
      InitializeComponent();
    }
    /// <summary>
    ///  Required method for Designer support - do not modify
    ///  the contents of this method with the code editor.
    /// </summary>
    private void InitializeComponent()
 {
  Button1.Click += new System.EventHandler (this.Button1_Click);
  this.Load += new System.EventHandler (this.Page_Load);
 }
 public void Button1_Click (object sender, System.EventArgs e)
 {
  MD5.Text = CookieAuthentication.HashPasswordForStoringInConfigFile(TextBox1.Text,"MD5";
  //SHA1 use CookieAuthentication.HashPasswordForStoringInConfigFile(TextBox1.Text,"SHA1";
 }
  }
}
注意:类CookieAuthentication的namespace是System.Web.Security。

编辑历史:[此帖最近一次被 allinhands 编辑过(编辑时间:2005-03-19 09:55:25)]


风花雪夜

职务:普通成员
等级:1
金币:0.0
发贴:53
#22005/3/19 13:48:38
niekui在上个帖子中说
引用:
ASP.NET中密码保护,MD5和SHA1算法的使用
你的主页或者你管理的网站有各种密码需要保护,把密码直接放在数据库或者文件中存在不少安全隐患,所以密码加密后存储是最常见的做法。在ASP.NET中实现加密非常容易。.NET SDK中提供了CookieAuthentication类,其中的HashPasswordForStoringInConfigFile方法可直接使用MD5和SHA1算法。例子如下:
file: encrypting.aspx
<%@ Page language="c#" Codebehind="encrypting.cs" AutoEventWireup="false" Inherits="encrypting.encrypting" %>
<html><head>
  <meta name="GENERATOR" Content="Microsoft Visual Studio 7.0">
  <meta name="CODE_LANGUAGE" Content="C#"></head>
 <body>

  <form method="post" runat="server">
<p>&nbsp;</p>
<p>
<asp:TextBox id=TextBox1 runat="server"></asp:TextBox>
<asp:Button id=Button1 runat="server" Text="encrypting"></asp:Button></p>
<p>Encrypting Password(MD5):
<asp:Label id=MD5 runat="server"></asp:Label></p>
   </form>

 </body></html>

file:encrypting.cs

namespace encrypting
{
  using System;
  using System.Collections;
  using System.ComponentModel;
  using System.Data;
  using System.Drawing;
  using System.Web;
  using System.Web.SessionState;
  using System.Web.UI;
  using System.Web.UI.WebControls;
  using System.Web.UI.HtmlControls;
  using System.Web.Security;
  /// <summary>
  ///  Summary description for encrypting.
  /// </summary>
  public class encrypting : System.Web.UI.Page
  {
 protected System.Web.UI.WebControls.Label MD5;
 protected System.Web.UI.WebControls.Button Button1;
 protected System.Web.UI.WebControls.TextBox TextBox1;

public encrypting()
{
   Page.Init += new System.EventHandler(Page_Init);
    }
    protected void Page_Load(object sender, EventArgs e)
    {
      if (!IsPostBack)
      {
        //
        // Evals true first time browser hits the page
        //
      }
    }
    protected void Page_Init(object sender, EventArgs e)
    {
      //
      // CODEGEN: This call is required by the ASP+ Windows Form Designer.
      //
      InitializeComponent();
    }
    /// <summary>
    ///  Required method for Designer support - do not modify
    ///  the contents of this method with the code editor.
    /// </summary>
    private void InitializeComponent()
 {
  Button1.Click += new System.EventHandler (this.Button1_Click);
  this.Load += new System.EventHandler (this.Page_Load);
 }
 public void Button1_Click (object sender, System.EventArgs e)
 {
  MD5.Text = CookieAuthentication.HashPasswordForStoringInConfigFile(TextBox1.Text,"MD5";
  //SHA1 use CookieAuthentication.HashPasswordForStoringInConfigFile(TextBox1.Text,"SHA1";
 }
  }
}
注意:类CookieAuthentication的namespace是System.Web.Security。