
用ASP.NET加密Cookie数据(图)

2008年10月08日 加密解密 我要评论
用ASP.NET加密Cookie数据(图) Cookie确实在WEB应用方面为访问者和编程者都提供了方便,然而从安全方面考虑是有问题的,首先,Cookie数据包含在HTTP请求和响应的包头里透明地传递,也就是说聪明的人是能清清楚楚看... 08-10-08
end function
'标准的des解密
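Public Shared Function decrypt(ByVal value As String) As String
    ' Decrypts a Base64 string with single DES, using the class-level
    ' key_64 / iv_64, and returns the recovered text (decoded with
    ' StreamReader's default UTF-8). Returns Nothing when value is Nothing
    ' or empty.
    '
    ' Throws FormatException when value is not valid Base64 and
    ' CryptographicException when the bytes do not decrypt cleanly.
    ' cookieutil passes cookie text to this function, so both exceptions
    ' can be triggered by whatever the client sends.
    '
    ' SECURITY NOTE(review): kept so that values already issued still
    ' decrypt; not a recommendation for new code.
    '  - DES has a 56-bit key, which is too small to resist key search.
    '  - The article text says the key bytes are numeric constants in this
    '    class; iv_64 is presumably a constant too (declared outside this
    '    block - confirm). A fixed key and IV make equal plaintexts produce
    '    equal ciphertexts.
    '  - Nothing authenticates the ciphertext, so a modified value is not
    '    reliably rejected.
    ' Prefer AES with a random per-message IV plus an HMAC, or the
    ' framework's protected-payload APIs (e.g. MachineKey.Protect on
    ' .NET 4.5+).
    If value = "" Then
        Return Nothing
    End If

    ' Base64 text -> cipher bytes. Done before any stream exists, so a
    ' malformed value fails with nothing left to clean up.
    Dim cipherbytes As Byte() = Convert.FromBase64String(value)

    Dim des As DESCryptoServiceProvider = New DESCryptoServiceProvider()
    Dim reader As StreamReader = Nothing
    Try
        Dim source As MemoryStream = New MemoryStream(cipherbytes)
        Dim decrypting As CryptoStream = _
            New CryptoStream(source, des.CreateDecryptor(key_64, iv_64), _
                             CryptoStreamMode.Read)
        reader = New StreamReader(decrypting)
        Return reader.ReadToEnd()
    Finally
        ' Closing the reader also closes the CryptoStream and MemoryStream.
        If Not reader Is Nothing Then
            reader.Close()
        End If
        ' Release the resources held by the crypto provider.
        des.Clear()
    End Try
End Function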
'triple des加密
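Public Shared Function encrypttripledes(ByVal value As String) As String
    ' Encrypts value with Triple DES, using the class-level
    ' key_192 / iv_192, and returns the ciphertext as a Base64 string.
    ' The text is written with StreamWriter's default UTF-8 encoding.
    ' Returns Nothing when value is Nothing or empty.
    '
    ' SECURITY NOTE(review): kept so that existing cookies keep working;
    ' not a recommendation for new code.
    '  - Triple DES is a deprecated 64-bit-block cipher.
    '  - The article text says the key bytes are numeric constants in this
    '    class; iv_192 is presumably a constant too (declared outside this
    '    block - confirm). The output is therefore deterministic: the same
    '    input always yields the same ciphertext. cookieutil depends on that
    '    to look a cookie up by its encrypted name, but it also lets an
    '    observer see when two values are equal.
    '  - The output carries no integrity tag.
    ' Prefer AES with a random per-message IV plus an HMAC, or the
    ' framework's protected-payload APIs (e.g. MachineKey.Protect on
    ' .NET 4.5+).
    If value = "" Then
        Return Nothing
    End If

    Dim tdes As TripleDESCryptoServiceProvider = _
        New TripleDESCryptoServiceProvider()
    Dim writer As StreamWriter = Nothing
    Try
        Dim sink As MemoryStream = New MemoryStream()
        Dim encrypting As CryptoStream = _
            New CryptoStream(sink, tdes.CreateEncryptor(key_192, iv_192), _
                             CryptoStreamMode.Write)
        writer = New StreamWriter(encrypting)
        writer.Write(value)
        ' Push the text through the cipher, then emit the final padded block.
        writer.Flush()
        encrypting.FlushFinalBlock()
        ' ToArray() returns exactly the bytes written. This avoids passing
        ' the Long-typed Length to an Integer parameter, which the
        ' GetBuffer()/Length form needed and which fails under Option Strict On.
        Return Convert.ToBase64String(sink.ToArray())
    Finally
        ' Closing the writer also closes the CryptoStream and MemoryStream.
        If Not writer Is Nothing Then
            writer.Close()
        End If
        ' Release the resources held by the crypto provider.
        tdes.Clear()
    End Try
End Function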
'triple des解密
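Public Shared Function decrypttripledes(ByVal value As String) As String
    ' Decrypts a Base64 string with Triple DES, using the class-level
    ' key_192 / iv_192, and returns the recovered text (decoded with
    ' StreamReader's default UTF-8). Returns Nothing when value is Nothing
    ' or empty.
    '
    ' Throws FormatException when value is not valid Base64 and
    ' CryptographicException when the bytes do not decrypt cleanly.
    ' cookieutil passes cookie text to this function, so both exceptions
    ' can be triggered by whatever the client sends.
    '
    ' SECURITY NOTE(review): the ciphertext is not authenticated. A value
    ' that decrypts without error is NOT proof that this server issued it,
    ' and a visible difference between "bad padding" and "decrypted fine"
    ' is information a client should not be given. Treat every failure
    ' the same way at the call site. For new code prefer an authenticated
    ' construction (AES plus HMAC) or the framework's protected-payload
    ' APIs (e.g. MachineKey.Protect on .NET 4.5+).
    If value = "" Then
        Return Nothing
    End If

    ' Base64 text -> cipher bytes. Done before any stream exists, so a
    ' malformed value fails with nothing left to clean up.
    Dim cipherbytes As Byte() = Convert.FromBase64String(value)

    Dim tdes As TripleDESCryptoServiceProvider = _
        New TripleDESCryptoServiceProvider()
    Dim reader As StreamReader = Nothing
    Try
        Dim source As MemoryStream = New MemoryStream(cipherbytes)
        Dim decrypting As CryptoStream = _
            New CryptoStream(source, tdes.CreateDecryptor(key_192, iv_192), _
                             CryptoStreamMode.Read)
        reader = New StreamReader(decrypting)
        Return reader.ReadToEnd()
    Finally
        ' Closing the reader also closes the CryptoStream and MemoryStream.
        If Not reader Is Nothing Then
            reader.Close()
        End If
        ' Release the resources held by the crypto provider.
        tdes.Clear()
    End Try
End Function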
end class
上面我们将一组字节初始化为密钥,并且使用的是数字常量。如果你在实际应用中也这样做,这些字节一定要在0和255之间,这是一个字节允许的取值范围。需要注意的是,写在源代码里的密钥对所有能接触到源码或编译后程序集的人都是可见的,这里这样写只是为了演示;实际部署时应把密钥放在受保护的配置或密钥存储中,并且能够定期更换。
三、创建一个cookie的应用类
下面我们就创建一个简单的类,来设置和获取cookies。
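Public Class cookieutil
    ' Helpers for writing and reading cookies on the current HTTP request.
    ' The "encrypted" variants pass both the cookie name (the key parameter)
    ' and the cookie value through cryptoutil (DES or Triple DES) before
    ' storing them. Names and values are URL-encoded because "=" and ";"
    ' are reserved in cookies.
    '
    ' SECURITY NOTE(review):
    '  - Cookie content comes back from the client and is untrusted.
    '    cryptoutil gives confidentiality only; the ciphertext is not
    '    authenticated, so do not treat a successfully decrypted value as
    '    proof that the server issued it.
    '  - Cookies written by the encrypted setters are marked HttpOnly, since
    '    page script cannot use the ciphertext anyway.
    '  - The Secure flag is left to site configuration (for example
    '    <httpCookies requireSSL="true" /> in web.config). Without it the
    '    cookie is also sent over plain HTTP.

    ' --- set cookie ---------------------------------------------------

    ' Triple DES: encrypts name and value and stores a session cookie.
    Public Shared Sub settripledesencryptedcookie(ByVal key As String, _
            ByVal value As String)
        setcookie(buildcookie(cryptoutil.encrypttripledes(key), _
                              cryptoutil.encrypttripledes(value), True))
    End Sub

    ' Triple DES: as above, with an explicit expiry (persistent cookie).
    Public Shared Sub settripledesencryptedcookie(ByVal key As String, _
            ByVal value As String, ByVal expires As Date)
        Dim cookie As HttpCookie = _
            buildcookie(cryptoutil.encrypttripledes(key), _
                        cryptoutil.encrypttripledes(value), True)
        cookie.Expires = expires
        setcookie(cookie)
    End Sub

    ' DES: encrypts name and value and stores a session cookie.
    Public Shared Sub setencryptedcookie(ByVal key As String, _
            ByVal value As String)
        setcookie(buildcookie(cryptoutil.encrypt(key), _
                              cryptoutil.encrypt(value), True))
    End Sub

    ' DES: as above, with an explicit expiry (persistent cookie).
    Public Shared Sub setencryptedcookie(ByVal key As String, _
            ByVal value As String, ByVal expires As Date)
        Dim cookie As HttpCookie = _
            buildcookie(cryptoutil.encrypt(key), _
                        cryptoutil.encrypt(value), True)
        cookie.Expires = expires
        setcookie(cookie)
    End Sub

    ' Plain (unencrypted) session cookie; name and value are URL-encoded.
    Public Shared Sub setcookie(ByVal key As String, ByVal value As String)
        setcookie(buildcookie(key, value, False))
    End Sub

    ' Plain (unencrypted) cookie with an explicit expiry.
    Public Shared Sub setcookie(ByVal key As String, _
            ByVal value As String, ByVal expires As Date)
        Dim cookie As HttpCookie = buildcookie(key, value, False)
        cookie.Expires = expires
        setcookie(cookie)
    End Sub

    ' Adds or replaces a caller-built cookie on the current response.
    ' The cookie is sent as given; its flags are the caller's choice.
    Public Shared Sub setcookie(ByVal cookie As HttpCookie)
        HttpContext.Current.Response.Cookies.Set(cookie)
    End Sub

    ' Builds an HttpCookie from a URL-encoded name and value. When
    ' scripthidden is True the cookie is marked HttpOnly; otherwise the flag
    ' is not touched, so a site-wide default from configuration still applies.
    Private Shared Function buildcookie(ByVal name As String, _
            ByVal value As String, ByVal scripthidden As Boolean) As HttpCookie
        Dim cookie As HttpCookie = New HttpCookie( _
            HttpContext.Current.Server.UrlEncode(name), _
            HttpContext.Current.Server.UrlEncode(value))
        If scripthidden Then
            cookie.HttpOnly = True
        End If
        Return cookie
    End Function

    ' --- get cookie ---------------------------------------------------

    ' Returns the decrypted value of a cookie written by
    ' settripledesencryptedcookie, or Nothing when the cookie is absent or
    ' its content cannot be decoded and decrypted.
    Public Shared Function gettripledesencryptedcookievalue(ByVal key As String) _
            As String
        ' The name was stored encrypted, so encrypt it again to look it up.
        Dim stored As String = getcookievalue(cryptoutil.encrypttripledes(key))
        Try
            Return cryptoutil.decrypttripledes(stored)
        Catch ex As System.FormatException
            ' Not valid Base64: the cookie was altered or truncated.
            Return Nothing
        Catch ex As System.Security.Cryptography.CryptographicException
            ' Does not decrypt cleanly. Handled like a missing cookie so the
            ' client gets the same outcome for every kind of failure.
            Return Nothing
        End Try
    End Function

    ' Returns the decrypted value of a cookie written by setencryptedcookie,
    ' or Nothing when the cookie is absent or its content cannot be decoded
    ' and decrypted.
    Public Shared Function getencryptedcookievalue(ByVal key As String) As String
        ' The name was stored encrypted, so encrypt it again to look it up.
        Dim stored As String = getcookievalue(cryptoutil.encrypt(key))
        Try
            Return cryptoutil.decrypt(stored)
        Catch ex As System.FormatException
            ' Not valid Base64: the cookie was altered or truncated.
            Return Nothing
        Catch ex As System.Security.Cryptography.CryptographicException
            ' Does not decrypt cleanly. Handled like a missing cookie so the
            ' client gets the same outcome for every kind of failure.
            Return Nothing
        End Try
    End Function

    ' Looks up a request cookie by its URL-encoded name. The result of
    ' Cookies.Get is returned as is.
    Public Shared Function getcookie(ByVal key As String) As HttpCookie
        Return HttpContext.Current.Request.Cookies.Get( _
            HttpContext.Current.Server.UrlEncode(key))
    End Function

    ' Returns the URL-decoded value of the named cookie, or Nothing when the
    ' cookie is missing or anything fails while reading it.
    Public Shared Function getcookievalue(ByVal key As String) As String
        Try
            ' getcookie URL-encodes the name.
            Dim found As HttpCookie = getcookie(key)
            If found Is Nothing Then
                Return Nothing
            End If
            Return HttpContext.Current.Server.UrlDecode(found.Value)
        Catch
            ' Best-effort read: any failure is reported as "no value".
            Return Nothing
        End Try
    End Function
End Class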
上面的设置功能中,有些功能附加提供了cookie有效期这个参数。不设置该参数,cookie将只为浏览器会话才保存在内存中。为了设置永久的cookie,就需要设置有效期参数。
上面我们对cookie的键名(key)和cookies值进行了编码与解码,其原因是cookies与urls有同样的限制,字符“=”和“;”是保留的,不能使用。这在保存加密后的数据时尤其重要,因为加密算法将添加“=”,按所分配块的大小来填满该数据块。(严格地说,这个“=”是密文转换成 Base64 字符串时在末尾补齐产生的;Base64 输出中还可能出现“+”和“/”,同样需要编码。)
好了,你会保护cookies数据了吧?
