[Asp.Net]登录协同工作平台安全解决方案(优化版)
2016-07-22 21:58
856 查看
之前的加密解决方案,随着chrome版本45之后以及edge浏览器之后,无法识别插件。需要变更代码和驱动。 解决方案不变:
HTML:
<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Login.aspx.cs" Inherits="DzPlatForm.Logon" %> <%@ Register Assembly="Ext.Net" Namespace="Ext.Net" TagPrefix="ext" %> <html xmlns="http://www.w3.org/1999/xhtml"> <head id="Head1" runat="server"> <title>厦门赛特勒客户关系管理系统</title> <link rel="stylesheet" type="text/css" href="resources/css/main.css" /> <script src="Syunew6.js" type="text/javascript"></script><!--定要包含有我们的UK单元包--> <script type="text/javascript" language="javascript" > //加载皮肤 var setTheme = function () { Ext.net.DirectMethods.GetThemeUrl(cbTheme.getValue(), { success: function (result) { Ext.net.ResourceMgr.setTheme(result); } }); }; //回车出发 document.onkeydown = function (event) { e = event ? event : (window.event ? window.event : null); if (e.keyCode == 13) { //执行的方法 //alert('回车检测到了'); //Ext.net.DirectMethods.Login(); login(); } } var bConnect = 0; function load() { //如果是IE10及以下浏览器,则跳过不处理, if (navigator.userAgent.indexOf("MSIE") > 0 && !navigator.userAgent.indexOf("opera") > -1) return; try { var s_pnp = new SoftKey6W(); s_pnp.Socket_UK.onopen = function () { bConnect = 1; //代表已经连接,用于判断是否安装了客户端服务 } //在使用事件插拨时,注意,一定不要关掉Sockey,否则无法监测事件插拨 s_pnp.Socket_UK.onmessage = function got_packet(Msg) { var PnpData = JSON.parse(Msg.data); if (PnpData.type == "PnpEvent")//如果是插拨事件处理消息 { if (PnpData.IsIn) { alert("UKEY已被插入,被插入的锁的路径是:" + PnpData.DevicePath); } else { alert("UKEY已被拨出,被拨出的锁的路径是:" + PnpData.DevicePath); } } } s_pnp.Socket_UK.onclose = function () { } } catch (e) { alert(e.name + ": " + e.message); return false; } } var digitArray = new Array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'); function toHex(n) { var result = '' var start = true; for (var i = 32; i > 0; ) { i -= 4; var digit = (n >> i) & 0xf; if (!start || digit != 0) { start = false; result += digitArray[digit]; } } return (result == '' ? '0' : result); } var login = function () { var IsCheck = 'N'; if (window.location.host == "117.25.XX.YYY:XXXX") { //如果是IE10及以下浏览器,则使用AVCTIVEX控件的方式 if (navigator.userAgent.indexOf("MSIE") > 0 && !navigator.userAgent.indexOf("opera") > -1) return Handle_IE10(); //判断是否安装了服务程序,如果没有安装提示用户安装 if (bConnect == 0) { window.alert("未能连接服务程序,请确定服务程序是否安装。"); return false; } var DevicePath, ret, n, mylen, ID_1, ID_2, addr; try { //由于是使用事件消息的方式与服务程序进行通讯, //好处是不用安装插件,不分系统及版本,控件也不会被拦截,同时安装服务程序后,可以立即使用,不用重启浏览器 //不好的地方,就是但写代码会复杂一些 var s_simnew1 = new SoftKey6W(); //创建UK类 s_simnew1.Socket_UK.onopen = function () { s_simnew1.ResetOrder(); //这里调用ResetOrder将计数清零,这样,消息处理处就会收到0序号的消息,通过计数及序号的方式,从而生产流程 } //写代码时一定要注意,每调用我们的一个UKEY函数,就会生产一个计数,即增加一个序号,较好的逻辑是一个序号的消息处理中,只调用我们一个UKEY的函数 s_simnew1.Socket_UK.onmessage = function got_packet(Msg) { var UK_Data = JSON.parse(Msg.data); //alert(Msg.data); if (UK_Data.type != "Process") return; //如果不是流程处理消息,则跳过 switch (UK_Data.order) { case 0: { s_simnew1.FindPort(0); //发送命令取UK的路径 } break; //!!!!!重要提示,如果在调试中,发现代码不对,一定要注意,是不是少了break,这个少了是很常见的错误 case 1: { if (UK_Data.LastError != 0) { window.alert("未发现加密锁,请插入加密锁"); s_simnew1.Socket_UK.close(); return false; } DevicePath = UK_Data.return_value; //获得返回的UK的路径 s_simnew1.GetID_1(DevicePath); //发送命令取ID_1 } break; case 2: { if (UK_Data.LastError != 0) { window.alert("返回ID号错误,错误码为:" + UK_Data.LastError.toString()); s_simnew1.Socket_UK.close(); return false; } ID_1 = UK_Data.return_value; //获得返回的UK的ID_1 s_simnew1.GetID_2(DevicePath); //发送命令取ID_2 } break; case 3: { if (UK_Data.LastError != 0) { window.alert("取得ID错误,错误码为:" + UK_Data.LastError.toString()); s_simnew1.Socket_UK.close(); return false; } ID_2 = UK_Data.return_value; //获得返回的UK的ID_2 frmlogin.KeyID.value = toHex(ID_1) + toHex(ID_2); s_simnew1.ContinueOrder(); //为了方便阅读,这里调用了一句继续下一行的计算的命令,因为在这个消息中没有调用我们的函数,所以要调用这个 } break; case 4: { //获取设置在锁中的用户名 //先从地址0读取字符串的长度,使用默认的读密码"FFFFFFFF","FFFFFFFF" addr = 0; s_simnew1.YRead(addr, 1, "ffffffff", "ffffffff", DevicePath); //发送命令取UK地址0的数据 } break; case 5: { if (UK_Data.LastError != 0) { window.alert("读数据时错误,错误码为:" + UK_Data.LastError.toString()); s_simnew1.Socket_UK.close(); return false; } s_simnew1.GetBuf(0); //发送命令从数据缓冲区中数据 } break; case 6: { if (UK_Data.LastError != 0) { window.alert("调用GetBuf时错误,错误码为:" + UK_Data.LastError.toString()); s_simnew1.Socket_UK.close(); return false; } mylen = UK_Data.return_value; //获得返回的数据缓冲区中数据 //再从地址1读取相应的长度的字符串,,使用默认的读密码"FFFFFFFF","FFFFFFFF" addr = 1; s_simnew1.YReadString(addr, mylen, "ffffffff", "ffffffff", DevicePath); //发送命令从UK地址1中取字符串 } break; case 7: { if (UK_Data.LastError != 0) { window.alert("读取字符串时错误,错误码为:" + UK_Data.LastError.toString()); s_simnew1.Socket_UK.close(); return false; } // frmlogin.txtUserName.value = UK_Data.return_value; //获得返回的UK地址1的字符串 //获到设置在锁中的用户密码, //先从地址20读取字符串的长度,使用默认的读密码"FFFFFFFF","FFFFFFFF" addr = 20; s_simnew1.YRead(addr, 1, "ffffffff", "ffffffff", DevicePath); //发送命令取UK地址20的数据 } break; case 8: { if (UK_Data.LastError != 0) { window.alert("读数据时错误,错误码为:" + UK_Data.LastError.toString()); s_simnew1.Socket_UK.close(); return false; } s_simnew1.GetBuf(0); //发送命令从数据缓冲区中数据 } break; case 9: { if (UK_Data.LastError != 0) { window.alert("调用GetBuf时错误,错误码为:" + UK_Data.LastError.toString()); s_simnew1.Socket_UK.close(); return false; } mylen = UK_Data.return_value; //获得返回的数据缓冲区中数据 //再从地址21读取相应的长度的字符串,,使用默认的读密码"FFFFFFFF","FFFFFFFF" addr = 21; s_simnew1.YReadString(addr, mylen, "ffffffff", "ffffffff", DevicePath); //发送命令从UK地址21中取字符串 } break; case 10: { if (UK_Data.LastError != 0) { window.alert("读取字符串时错误,错误码为:" + UK_Data.LastError.toString()); s_simnew1.Socket_UK.close(); return false; } // frmlogin.txtPassWord.value = UK_Data.return_value; //获得返回的UK中地址21的字符串 //这里返回对随机数的HASH结果 s_simnew1.EncString(frmlogin.rnd.value, DevicePath); //发送命令让UK进行加密操作 } break; case 11: { if (UK_Data.LastError != 0) { window.alert("进行加密运行算时错误,错误码为:" + UK_Data.LastError.toString()); s_simnew1.Socket_UK.close(); return false; } frmlogin.return_EncData.value = UK_Data.return_value; //获得返回的加密后的字符串 //!!!!!注意,这里一定要主动提交, //__doPostBack('Button1', ''); //所有工作处理完成后,关掉Socket s_simnew1.Socket_UK.close(); IsCheck = 'Y'; Ext.net.DirectMethods.Login(IsCheck); } break; } } s_simnew1.Socket_UK.onclose = function () { } return true; } catch (e) { alert(e.name + ": " + e.message); } } else { Ext.net.DirectMethods.Login(IsCheck); } } function Handle_IE10() { var DevicePath, ret, n, mylen; try { //建立操作我们的锁的控件对象,用于操作我们的锁 var s_simnew1; //创建控件 s_simnew1 = new ActiveXObject("Syunew6A.s_simnew6"); //查找是否存在锁,这里使用了FindPort函数 DevicePath = s_simnew1.FindPort(0); if (s_simnew1.LastError != 0) { window.alert("未发现加密锁,请插入加密锁。"); return false; } //'读取锁的ID frmlogin.KeyID.value = toHex(s_simnew1.GetID_1(DevicePath)) + toHex(s_simnew1.GetID_2(DevicePath)); if (s_simnew1.LastError != 0) { window.alert("返回ID号错误,错误码为:" + s_simnew1.LastError.toString()); return false; } //获取设置在锁中的用户名 //先从地址0读取字符串的长度,使用默认的读密码"FFFFFFFF","FFFFFFFF" ret = s_simnew1.YRead(0, 1, "ffffffff", "ffffffff", DevicePath); mylen = s_simnew1.GetBuf(0); //再从地址1读取相应的长度的字符串,,使用默认的读密码"FFFFFFFF","FFFFFFFF" frmlogin.UserName.value = s_simnew1.YReadString(1, mylen, "ffffffff", "ffffffff", DevicePath); if (s_simnew1.LastError != 0) { window.alert("读取用户名时错误,错误码为:" + s_simnew1.LastError.toString()); return false; } //获到设置在锁中的用户密码, //先从地址20读取字符串的长度,使用默认的读密码"FFFFFFFF","FFFFFFFF" ret = s_simnew1.YRead(20, 1, "ffffffff", "ffffffff", DevicePath); mylen = s_simnew1.GetBuf(0); //再从地址21读取相应的长度的字符串,,使用默认的读密码"FFFFFFFF","FFFFFFFF" frmlogin.Password.value = s_simnew1.YReadString(21, mylen, "ffffffff", "ffffffff", DevicePath); if (s_simnew1.LastError != 0) { window.alert("读取用户密码时错误,错误码为:" + s_simnew1.LastError.toString()); return false; } //这里返回对随机数的HASH结果 frmlogin.return_EncData.value = s_simnew1.EncString(frmlogin.rnd.value, DevicePath); if (s_simnew1.LastError != 0) { window.alert("进行加密运行算时错误,错误码为:" + s_simnew1.LastError.toString()); return false; } //!!!!!注意,这里一定要主动提交, //__doPostBack('Button1', ''); } catch (e) { alert(e.name + ": " + e.message + "。可能是没有安装相应的控件或插件"); } return true; } </script> <script type="text/javascript" language="javascript"> function reloadCode() { var obj = document.getElementById('imgCode'); obj.src = "VerifyCode.aspx?"; } </script> </head> <body onload="load()"> <form id="frmlogin" runat="server"> <ext:ResourceManager ID="ResourceManager1" runat="server"> </ext:ResourceManager> <ext:Window ID="WinLogin" runat="server" Collapsible="false" Height="270" Icon="PackageGreen" Title="系统登录" Width="300" Draggable="false" Resizable="false" Closable="false" Modal="true" Layout="FormLayout" ButtonAlign="Right" LabelAlign="Right" > <Items> <ext:Panel ID="p1" runat="server" Border="false" Height="70" BodyStyle="background-color:transparent;" > <Items> <ext:Image ID="imgbg" runat="server" ImageUrl="../resources/images/HeaderLogo.jpg" AnchorHorizontal="100%" Width="300" /> </Items> </ext:Panel> <ext:TextField ID="txtUserName" runat="server" FieldLabel="用户名" AllowBlank="false" LabelWidth="120" Width="300" EmptyText="请输入账号" AnchorHorizontal="80%" > </ext:TextField> <ext:TextField ID="txtPassWord" runat="server" FieldLabel="密 码" AllowBlank="false" LabelWidth="120" Width="110" InputType="Password" EmptyText="请输入密码" AnchorHorizontal="80%"> </ext:TextField> <ext:TextField ID="txtVerifyCode" runat="server" FieldLabel="验证码" AllowBlank="false" LabelWidth="120" Width="110" EmptyText="验证码" > </ext:TextField> <ext:Panel ID="Panel11" runat="server" Border="false" Height="50" BodyStyle="background-color:transparent;padding:0px 0px 6px 0px;"> <Content> <table style="width: 100%;"> <tr> <td style="width: 100px;"> </td> <td> <img id="imgCode" width="110" height="30" src="VerifyCode.aspx?" alt="看不清?点击更换" onclick="this.src=this.src+'?'" /> </td> <td style="font-size: 10pt;"> 看不清?点击图片更换 </td> </tr> <tr> <td colspan="3" style="font-size: 10pt; " align="center" > 运行环境:建议使用Chrome,IE8+浏览器,1024*768分辨率以上 </td> </tr> </table> </Content> </ext:Panel> </Items> <Buttons> <ext:Button ID="btnlogin" runat="Server" Text="登陆" Icon="Tick" > <Listeners> <Click Fn="login" /> </Listeners> </ext:Button> </Buttons> </ext:Window> <ext:TaskManager ID="TaskManager1" runat="server"> <Tasks> <ext:Task TaskID="Task1" Interval="1000" AutoRun="false"> <DirectEvents> <Update OnEvent="RefreshProgress" /> </DirectEvents> </ext:Task> </Tasks> </ext:TaskManager> <asp:HiddenField ID="KeyID" runat="server" ></asp:HiddenField> <asp:HiddenField ID="rnd" runat="server" ></asp:HiddenField> <asp:HiddenField ID="return_EncData" runat="server" ></asp:HiddenField> </form> </body> </html>
JS:
function SoftKey6W() { var u = document.URL; var url; if (u.substring(0, 5) == "https") { url = "wss://127.0.0.1:4007/xxx"; } else { url = "ws://127.0.0.1:4007/xxx"; } var Socket_UK; if (typeof MozWebSocket != "undefined") { Socket_UK = new MozWebSocket(url, "usbkey-protocol"); } else { this.Socket_UK = new WebSocket(url, "usbkey-protocol"); } this.FindPort = function (start) { var msg = { FunName: "FindPort", start: start }; this.Socket_UK.send(JSON.stringify(msg)); }; this.FindPort_2 = function (start, in_data, verf_data) { var msg = { FunName: "FindPort_2", start: start, in_data: in_data, verf_data: verf_data }; this.Socket_UK.send(JSON.stringify(msg)); }; this.FindPort_3 = function (start, in_data, verf_data) { var msg = { FunName: "FindPort_3", start: start, in_data: in_data, verf_data: verf_data }; this.Socket_UK.send(JSON.stringify(msg)); }; this.GetVersion = function (Path) { var msg = { FunName: "GetVersion", Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.GetVersionEx = function (Path) { var msg = { FunName: "GetVersionEx", Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.GetID_1 = function (Path) { var msg = { FunName: "GetID_1", Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.GetID_2 = function (Path) { var msg = { FunName: "GetID_2", Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.sRead = function (Path) { var msg = { FunName: "sRead", Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.sWrite = function (InData, Path) { var msg = { FunName: "sWrite", InData: InData, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.sWrite_2 = function (InData, Path) { var msg = { FunName: "sWrite_2", InData: InData, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.sWrite_2Ex = function (InData, Path) { var msg = { FunName: "sWrite_2Ex", InData: InData, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.sWriteEx = function (InData, Path) { var msg = { FunName: "sWriteEx", InData: InData, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.sWriteEx_New = function (InData, Path) { var msg = { FunName: "sWriteEx_New", InData: InData, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.sWrite_2Ex_New = function (InData, Path) { var msg = { FunName: "sWrite_2Ex_New", InData: InData, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.SetBuf = function (InData, pos) { var msg = { FunName: "SetBuf", InData: InData, pos: pos }; this.Socket_UK.send(JSON.stringify(msg)); }; this.GetBuf = function (pos) { var msg = { FunName: "GetBuf", pos: pos }; this.Socket_UK.send(JSON.stringify(msg)); }; this.YRead = function (Address, len, HKey, LKey, Path) { var msg = { FunName: "YRead", Address: Address, len: len, HKey: HKey, LKey: LKey, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.YWrite = function (Address, len, HKey, LKey, Path) { var msg = { FunName: "YWrite", Address: Address, len: len, HKey: HKey, LKey: LKey, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.YReadString = function (Address, len, HKey, LKey, Path) { var msg = { FunName: "YReadString", Address: Address, len: len, HKey: HKey, LKey: LKey, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.YWriteString = function (InString, Address, HKey, LKey, Path) { var msg = { FunName: "YWriteString", InString: InString, Address: Address, HKey: HKey, LKey: LKey, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.SetWritePassword = function (W_Hkey, W_Lkey, new_Hkey, new_Lkey, Path) { var msg = { FunName: "SetWritePassword", W_Hkey: W_Hkey, W_Lkey: W_Lkey, new_Hkey: new_Hkey, new_Lkey: new_Lkey, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.SetReadPassword = function (W_Hkey, W_Lkey, new_Hkey, new_Lkey, Path) { var msg = { FunName: "SetReadPassword", W_Hkey: W_Hkey, W_Lkey: W_Lkey, new_Hkey: new_Hkey, new_Lkey: new_Lkey, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.DecString = function (InString, Key) { var msg = { FunName: "DecString", InString: InString, Key: Key }; this.Socket_UK.send(JSON.stringify(msg)); }; this.EncString = function (InString, Path) { var msg = { FunName: "EncString", InString: InString, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.EncString_New = function (InString, Path) { var msg = { FunName: "EncString_New", InString: InString, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.Cal = function (Path) { var msg = { FunName: "Cal", Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.Cal_New = function (Path) { var msg = { FunName: "Cal_New", Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.SetCal_2 = function (Key, Path) { var msg = { FunName: "SetCal_2", Key: Key, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.SetCal_New = function (Key, Path) { var msg = { FunName: "SetCal_New", Key: Key, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.SetEncBuf = function (InData, pos) { var msg = { FunName: "SetEncBuf", InData: InData, pos: pos }; this.Socket_UK.send(JSON.stringify(msg)); }; this.GetEncBuf = function (pos) { var msg = { FunName: "GetEncBuf", pos: pos }; this.Socket_UK.send(JSON.stringify(msg)); }; this.ReSet = function (Path) { var msg = { FunName: "ReSet", Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.MacAddr = function () { var msg = { FunName: "MacAddr" }; this.Socket_UK.send(JSON.stringify(msg)); }; this.GetChipID = function (Path) { var msg = { FunName: "GetChipID", Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.StarGenKeyPair = function (Path) { var msg = { FunName: "StarGenKeyPair", Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.GenPubKeyY = function () { var msg = { FunName: "GenPubKeyY" }; this.Socket_UK.send(JSON.stringify(msg)); }; this.GenPubKeyX = function () { var msg = { FunName: "GenPubKeyX" }; this.Socket_UK.send(JSON.stringify(msg)); }; this.GenPriKey = function () { var msg = { FunName: "GenPriKey" }; this.Socket_UK.send(JSON.stringify(msg)); }; this.GetPubKeyY = function (Path) { var msg = { FunName: "GetPubKeyY", Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.GetPubKeyX = function (Path) { var msg = { FunName: "GetPubKeyX", Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.GetSm2UserName = function (Path) { var msg = { FunName: "GetSm2UserName", Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.Set_SM2_KeyPair = function (PriKey, PubKeyX, PubKeyY, sm2UserName, Path) { var msg = { FunName: "Set_SM2_KeyPair", PriKey: PriKey, PubKeyX: PubKeyX, PubKeyY: PubKeyY, sm2UserName: sm2UserName, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.YtSign = function (SignMsg, Pin, Path) { var msg = { FunName: "YtSign", SignMsg: SignMsg, Pin: Pin, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.YtSign_2 = function (SignMsg, Pin, Path) { var msg = { FunName: "YtSign_2", SignMsg: SignMsg, Pin: Pin, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.YtVerfiy = function (id, SignMsg, PubKeyX, PubKeyY, VerfiySign, Path) { var msg = { FunName: "YtVerfiy", id: id, SignMsg: SignMsg, PubKeyX: PubKeyX, PubKeyY: PubKeyY, VerfiySign: VerfiySign, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.SM2_DecString = function (InString, Pin, Path) { var msg = { FunName: "SM2_DecString", InString: InString, Pin: Pin, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.SM2_EncString = function (InString, Path) { var msg = { FunName: "SM2_EncString", InString: InString, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.YtSetPin = function (OldPin, NewPin, Path) { var msg = { FunName: "YtSetPin", OldPin: OldPin, NewPin: NewPin, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.FindU = function (start) { var msg = { FunName: "FindU", start: start }; this.Socket_UK.send(JSON.stringify(msg)); }; this.FindU_2 = function (start, in_data, verf_data) { var msg = { FunName: "FindU_2", start: start, in_data: in_data, verf_data: verf_data }; this.Socket_UK.send(JSON.stringify(msg)); }; this.FindU_3 = function (start, in_data, verf_data) { var msg = { FunName: "FindU_3", start: start, in_data: in_data, verf_data: verf_data }; this.Socket_UK.send(JSON.stringify(msg)); }; this.IsUReadOnly = function (Path) { var msg = { FunName: "IsUReadOnly", Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.SetUReadOnly = function (Path) { var msg = { FunName: "SetUReadOnly", Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.SetHidOnly = function (IsHidOnly, Path) { var msg = { FunName: "SetHidOnly", IsHidOnly: IsHidOnly, Path: Path }; this.Socket_UK.send(JSON.stringify(msg)); }; this.ResetOrder = function () { var msg = { FunName: "ResetOrder" }; this.Socket_UK.send(JSON.stringify(msg)); } this.ContinueOrder = function () { var msg = { FunName: "ContinueOrder" }; this.Socket_UK.send(JSON.stringify(msg)); } }
C#
String strData, m_StrEnc, Key, Flag; Flag = IsCheck; //Key:即增强算法密钥,这个要与设置在加密锁中的密钥一致 //增强算法密钥可以是每一把都不相同,也可以是都相同,如果是不相同的可以根据用户名在从数据库中获取对应的增强算法密钥,可以根据安全性及自身具体情况而定,这里使用了一个固定的值 // Key = "1234567890ABCDEF1234567890ABCDEF"; Key = idf.UkeyCode; //strData:要进行加密的数据 strData = rnd.Value.Trim();//Session["rnd"].ToString(); //'在服务器端对数据进行加密运算 m_StrEnc = Global.m_softkey.StrEnc(strData, Key); //比较客户端加密锁返回的加密结果与服务端的加密结果是否相符,如果相符就认为是合法用户,由于使用了随机数,从而实现了一次一密的高安全性,可以用于高安全性的身份验证 //这里在服务器端对随机数进行同样的加密运算 if (Flag == "N")//内网不需要比对 { Response.Redirect("Index.aspx"); } else { if (m_StrEnc == return_EncData.Value) { Response.Redirect("Index.aspx"); } else { Notification.Show(new NotificationConfig { Title = "提醒", Icon = Icon.Information, Html = "<font style='color:red;'>此UKEY与输入的用户不匹配!</font>" }); } }
相关文章推荐
- asp.net总结
- ASP.NET的三种开发模式
- sqlserver+asp.net+devextreme从零开始(1)
- Exception Handling in ASP.NET Web API webapi异常处理
- Asp.Net MVC2.0 Url 路由入门---实例篇
- Raspberry Pi 3安装配置Raspbian过程(2)
- 为iis设置用户
- vs 序列号密钥
- ASP.NET CORE 1.0 MVC API 文档用 SWASHBUCKLE SWAGGER实现
- ASP.NET服务器端控件RadioButtonList,DropDownList,CheckBoxList的取值、赋值用法
- FastReport.Net 在asp.net MVC中的运用
- org.aspectj.lang.JoinPoint-中文简要API
- ASP.NET MVC中前台页面提交数据到后台控制器
- AspectJ的切入点表达式---execution表达式详解
- asp.net解决高并发的方案.[转]
- Raspbian常见指令笔记
- ASP.NET Core 中文文档 第三章 原理(3)静态文件处理
- asp.net mvc 提交model 接收不了
- 配置asp.net网站的错误页
- hjr-ASP.NET:关于路由