最主要是我這邊提出來的加密方式的輸出結果,可以符合ASP.NET的ValidateRequest的限制。
至於ValidateRequest的限制可以參考下面兩個網址。
http://www.microsoft.com/taiwan/msdn/library/2004/Mar-2004/ScriptingProtection.htm
http://www.microsoft.com/taiwan/msdn/library/2005/Mar-2005/securitybarriers.htm
Imports System.Text
Imports System.IO
Imports System.Security.Cryptography
Public Class Encrypt
Public Shared Function BAToHS(ByVal Datas As Byte()) As String
Dim str As String
Try
Dim str2 As String = ""
Dim str3 As String = ""
Dim num2 As Long = (vabytData.Length - 1)
Dim i As Long = 0
Do While (i <= num2)
str3 = Convert.ToByte(vabytData(CInt(i))).ToString("x")
If (str3.Length = 1) Then
str3 = ("0" & str3)
End If
str2 = (str2 & str3)
i = (i + 1)
Loop
str = str2
Catch exception1 As Exception
Throw
End Try
Return str
End Function
Public Shared Function BAToUS(ByVal vabytData As Byte()) As String
Dim str As String
Try
Dim encoding As New UnicodeEncoding
str = String.Concat(New String() {New String(encoding.GetChars(vabytData))})
Catch exception1 As Exception
Throw
End Try
Return str
End Function
Public Shared Function DESDecrypt(ByVal vstrEncryptedData As String, ByVal vabytKey As Byte(), ByVal vabytIV As Byte()) As String
Return Encrypt.BAToUS(Encrypt.DESDecrypt(Encrypt.HexStrToByteArray(vstrEncryptedData), vabytKey, vabytIV))
End Function
Public Shared Function DESDecrypt(ByVal vabytEncryptedData As Byte(), ByVal vabytKey As Byte(), ByVal vabytIV As Byte()) As Byte()
Dim stream2 As New MemoryStream
Dim provider As New DESCryptoServiceProvider
Dim stream As New CryptoStream(stream2, provider.CreateDecryptor(vabytKey, vabytIV), CryptoStreamMode.Write)
stream.Write(vabytEncryptedData, 0, vabytEncryptedData.Length)
stream.Close()
Return stream2.ToArray
End Function
Public Shared Function DESEncrypt(ByVal vabytSource As Byte(), ByVal vabytKey As Byte(), ByVal vabytIV As Byte()) As Byte()
Dim stream2 As New MemoryStream
Dim provider As New DESCryptoServiceProvider
Dim stream As New CryptoStream(stream2, provider.CreateEncryptor(vabytKey, vabytIV), CryptoStreamMode.Write)
stream.Write(vabytSource, 0, vabytSource.Length)
stream.Close()
Return stream2.ToArray
End Function
Public Shared Function DESEncrypt(ByVal vstrSource As String, ByVal vabytKey As Byte(), ByVal vabytIV As Byte()) As String
Return Encrypt.BAToHS(Encrypt.DESEncrypt(Encrypt.UniStrToByteArray(vstrSource), vabytKey, vabytIV))
End Function
Public Shared Function HSToBA(ByVal vstrData As String) As Byte()
Dim buffer As Byte()
Try
Dim num2 As Long = CLng(Math.Round(CDbl((CDbl(vstrData.Length) / 2))))
Dim buffer2 As Byte() = New Byte((CInt((num2 - 1)) + 1) - 1) {}
Dim num3 As Long = (num2 - 1)
Dim i As Long = 0
Do While (i <= num3)
Dim str As String = vstrData.Substring(CInt((i * 2)), 2)
buffer2(CInt(i)) = Convert.ToByte(str, &H10)
i = (i + 1)
Loop
buffer = buffer2
Catch exception1 As Exception
Throw
End Try
Return buffer
End Function
Public Shared Function USToBA(ByVal vstrFrom As String) As Byte()
Dim bytes As Byte()
Try
bytes = New UnicodeEncoding().GetBytes(vstrFrom)
Catch exception1 As Exception
Throw
End Try
Return bytes
End Function
End Class
上面這一段是編碼的Class,下面至一段是說明如何使用它
加密:
Encrypt.DESEncrypt("要編碼的文字", Encrypt.USToBA("KEY1"),Encrypt.USToBA("KEY2"))
解密:
Encrypt.DESDecrypt("要編碼的文字", Encrypt.USToBA("KEY1"),Encrypt.USToBA("KEY2"))
KEY1和KEY2是編碼時,對應的Key值,可以修改,但限定只能夠4碼,修改時記得要相對應!
以上這一些就是編碼的寫法跟用法了,至於如何套用到URL的編碼,各位可以依照自己的專案特性,來加以應用摟~~
另外還有一點就是各位比較關心的,就是用這樣的編碼出來的輸出結果到底有甚麼限制呢?
它編碼出來的規格是
輸出字元:0,1,2,3,4,5,6,7,8,9,a,b,c,d,e,f
每個字元的輸出位元:固定16碼(不管是中文或是英文)
沒有留言:
張貼留言