首先我们在客户端进行对数据的加密:这里我们使用的是64位DES加密算法。
设置密钥(Key)和初始值(IV)可放在配置文件中:
<!--<br><br>Code highlighting produced by Actipro CodeHighlighter (freeware)<br>http://www.CodeHighlighter.com/<br><br>-->
<
appSettings
>
<
add
key
="Key"
value
="fdautoit"
/>
<
add
key
="IV"
value
="FDAUTOIT"
/>
</
appSettings
>
*注:上面的值只有8个字节(64位)
在.cs文件中获取“Key”和“IV”
<!--<br><br>Code highlighting produced by Actipro CodeHighlighter (freeware)<br>http://www.CodeHighlighter.com/<br><br>-->
string
Key,Iv;
Key
=
ConfigurationManager.AppSettings[
"
Key
"
];
Iv
=
ConfigurationManager.AppSettings[
"
IV
"
];
定义一个加密方法:
<!--<br><br>Code highlighting produced by Actipro CodeHighlighter (freeware)<br>http://www.CodeHighlighter.com/<br><br>-->
private
string
Encrypt(
string
p_strEncrypt)
{
//
SettheKeyandtheInitialVectorforEncrypt
byte
[]key
=
Encoding.UTF8.GetBytes(Key);
byte
[]iv
=
Encoding.UTF8.GetBytes(Iv);
//
Conventthestringtobyte[]oftheData
byte
[]byteData
=
Encoding.UTF8.GetBytes(p_strEncrypt);
//
SetMemoryspaceforsavetheData
MemoryStreammemoryData
=
new
MemoryStream();
//
//
DESdes=newDESCryptoServiceProvider();
//
RC2des=newRC2CryptoServiceProvider();
//
Rijndaeldes=newRijndaelManaged();
TripleDESdes
=
new
TripleDESCryptoServiceProvider();
des.Key
=
key;
des.IV
=
iv;
des.Mode
=
CipherMode.CBC;
//
CreatetheMethodwiththeKeyandIV
ICryptoTransformtransform
=
des.CreateEncryptor();
//
CreatetheEnCryptstream
CryptoStreamcryptostream
=
new
CryptoStream(memoryData,transform,CryptoStreamMode.Write);
//
writeintotheMemorystream
try
{
cryptostream.Write(byteData,
0
,byteData.Length);
}
catch
{
throw
new
Exception(
"
EncryptDatawrongofthewritetostream!
"
);
}
cryptostream.FlushFinalBlock();
cryptostream.Close();
//
returnmemoryData.ToString();
return
Convert.ToBase64String(memoryData.ToArray());
}
在这个方法返回的是一个加密后的数据。
<!--<br><br>Code highlighting produced by Actipro CodeHighlighter (freeware)<br>http://www.CodeHighlighter.com/<br><br>-->
private
void
ValidServiceMethod()
{
//
EncrypttheusernameandpasswordofSoapHeader
string
m_strName
=
Encrypt(
"
admin
"
,EncryptionAlgorithm.Des);
string
m_strPwd
=
Encrypt(
"
admin
"
,EncryptionAlgorithm.Des);
//
newaSoapHeaderandaWebService
MySoapHeader myheader
=
new
MySoapHeader
();
MyServicemyservice
=
new
MyService();
myheader
.UserName
=
m_strName;
myheader
.PassWord
=
m_strPwd;
//
SettheSoapHeadervalidatetoService
myservice.FDSoapHeaderValue
=
myheader
;
//
CallMethodofwebservice
myservice.GetMoney();
}
这样就完成了加密的过程(用户名,密码,数据可以以参数的形式传入)
在服务 器端同样设置配置文件。这于客户端的是一模一样的。
<!--<br><br>Code highlighting produced by Actipro CodeHighlighter (freeware)<br>http://www.CodeHighlighter.com/<br><br>-->
<
appSettings
>
<
add
key
="Key"
value
="fdautoit"
/>
<
add
key
="IV"
value
="FDAUTOIT"
/>
</
appSettings
>
同样在代码文件中获取其值
编写解密方法:
<!--<br><br>Code highlighting produced by Actipro CodeHighlighter (freeware)<br>http://www.CodeHighlighter.com/<br><br>-->
private
string
Decrypt(
string
p_strDecrypt)
{
//
SettheKeyandtheInitialVectorforDecrypt
byte
[]key
=
Encoding.UTF8.GetBytes(Key);
byte
[]iv
=
Encoding.UTF8.GetBytes(Iv);
//
Coventthestringtobyte[]withtheEncryptData
//
byte[]EncrypData=Encoding.UTF8.GetBytes(p_strDecrypt);
byte
[]EncrypData
=
Convert.FromBase64String(p_strDecrypt);
//
SettheMemorystreamSpaceforsavedata
MemoryStreammemoryData
=
new
MemoryStream();
//
CreateDESforDecrypt
DESCryptoServiceProviderdes
=
new
DESCryptoServiceProvider();
des.Key
=
key;
des.IV
=
iv;
des.Mode
=
CipherMode.CBC;
//
DecryptwiththekeyandInitialVector
ICryptoTransformtransform
=
des.CreateDecryptor();
//
SavetoMemoryStream
CryptoStreamcryptostream
=
new
CryptoStream(memoryData,transform,CryptoStreamMode.Write);
//
outputthedata
try
{
cryptostream.Write(EncrypData,
0
,EncrypData.Length);
}
catch
(Exceptionex)
{
throw
new
Exception(
"
writetostreamwrong!
"
+
ex.Message);
}
cryptostream.FlushFinalBlock();
cryptostream.Close();
//
outputdata
return
Encoding.UTF8.GetString(memoryData.ToArray());
}
Soap头:
<!--<br><br>Code highlighting produced by Actipro CodeHighlighter (freeware)<br>http://www.CodeHighlighter.com/<br><br>-->
public
class
MySoapHeader:SoapHeader
{
string
_name;
string
_passWord;
public
string
UserName
{
get
{
return
_name;}
set
{_name
=
value;}
}
public
string
PassWord
{
get
{
return
_passWord;}
set
{_passWord
=
value;}
}
}
更改上篇中的方法:
<!--<br><br>Code highlighting produced by Actipro CodeHighlighter (freeware)<br>http://www.CodeHighlighter.com/<br><br>-->
public
bool
ValiHeader(
out
string
ReturnMsg)
{
MySoapHeader myheader=new MySoapHeader();
bool
flag
=
false
;
string
UserName=
Decrypt(myheader.UserName);
string PassWord=Decrypt(myheader.PassWord);
if
(UserName
==
"
admin
"
&&
PassWord
==
"
admin
"
)
{
flag
=
true
;
ReturnMsg
=
"
YouAreSuccessfully
"
;
}
else
{
ReturnMsg
=
"
YouAreFailted
"
;
}
return
flag;
}
<!--<br><br>Code highlighting produced by Actipro CodeHighlighter (freeware)<br>http://www.CodeHighlighter.com/<br><br>-->
[WebMethod]
[SoapHeader("header", Direction = SoapHeaderDirection.In)]
public
string
CheckHeader()
{
string
ReturnMsg
=
""
;
bool
IsTrue
=
ValiHeader(
out
ReturnMsg);
return
ReturnMsg;
}
如果方法:“ValiHeader”返回的是true 表示验证成功,如果返回的是false表示用户名和密码有误。
有关SoapHeader验证头密码核心代码就 是这样了。其中省略了很多代码。