自定义身份验证Soap头 进行加密解密
首先我们在客户端进行对数据的加密:这里我们使用的是64位DES加密算法。
设置密钥(Key)和初始值(IV)可放在配置文件中:
*注:上面的值只有8个字节(64位)
在.cs文件中获取“Key”和“IV”
定义一个加密方法:
这样就完成了加密的过程(用户名,密码,数据可以以参数的形式传入)
在服务 器端同样设置配置文件。这于客户端的是一模一样的。
编写解密方法:
Soap头:
更改上篇中的方法:
如果方法:“ValiHeader”返回的是true 表示验证成功,如果返回的是false表示用户名和密码有误。
有关SoapHeader验证头密码核心代码就 是这样了。其中省略了很多代码。
设置密钥(Key)和初始值(IV)可放在配置文件中:
<!--<br><br>Code highlighting produced by Actipro CodeHighlighter (freeware)<br>http://www.CodeHighlighter.com/<br><br>-->
<
appSettings
>
< add key ="Key" value ="fdautoit" />
< add key ="IV" value ="FDAUTOIT" />
</ appSettings >
< add key ="Key" value ="fdautoit" />
< add key ="IV" value ="FDAUTOIT" />
</ appSettings >
*注:上面的值只有8个字节(64位)
在.cs文件中获取“Key”和“IV”
<!--<br><br>Code highlighting produced by Actipro CodeHighlighter (freeware)<br>http://www.CodeHighlighter.com/<br><br>-->
string
Key,Iv;
Key = ConfigurationManager.AppSettings[ " Key " ];
Iv = ConfigurationManager.AppSettings[ " IV " ];
Key = ConfigurationManager.AppSettings[ " Key " ];
Iv = ConfigurationManager.AppSettings[ " IV " ];
定义一个加密方法:
<!--<br><br>Code highlighting produced by Actipro CodeHighlighter (freeware)<br>http://www.CodeHighlighter.com/<br><br>-->
private
string
Encrypt(
string
p_strEncrypt)
{
// SettheKeyandtheInitialVectorforEncrypt
byte []key = Encoding.UTF8.GetBytes(Key);
byte []iv = Encoding.UTF8.GetBytes(Iv);
// Conventthestringtobyte[]oftheData
byte []byteData = Encoding.UTF8.GetBytes(p_strEncrypt);
// SetMemoryspaceforsavetheData
MemoryStreammemoryData = new MemoryStream();
//
// DESdes=newDESCryptoServiceProvider();
// RC2des=newRC2CryptoServiceProvider();
// Rijndaeldes=newRijndaelManaged();
TripleDESdes = new TripleDESCryptoServiceProvider();
des.Key = key;
des.IV = iv;
des.Mode = CipherMode.CBC;
// CreatetheMethodwiththeKeyandIV
ICryptoTransformtransform = des.CreateEncryptor();
// CreatetheEnCryptstream
CryptoStreamcryptostream = new CryptoStream(memoryData,transform,CryptoStreamMode.Write);
// writeintotheMemorystream
try
{
cryptostream.Write(byteData, 0 ,byteData.Length);
}
catch
{
throw new Exception( " EncryptDatawrongofthewritetostream! " );
}
cryptostream.FlushFinalBlock();
cryptostream.Close();
// returnmemoryData.ToString();
return Convert.ToBase64String(memoryData.ToArray());
}
在这个方法返回的是一个加密后的数据。
{
// SettheKeyandtheInitialVectorforEncrypt
byte []key = Encoding.UTF8.GetBytes(Key);
byte []iv = Encoding.UTF8.GetBytes(Iv);
// Conventthestringtobyte[]oftheData
byte []byteData = Encoding.UTF8.GetBytes(p_strEncrypt);
// SetMemoryspaceforsavetheData
MemoryStreammemoryData = new MemoryStream();
//
// DESdes=newDESCryptoServiceProvider();
// RC2des=newRC2CryptoServiceProvider();
// Rijndaeldes=newRijndaelManaged();
TripleDESdes = new TripleDESCryptoServiceProvider();
des.Key = key;
des.IV = iv;
des.Mode = CipherMode.CBC;
// CreatetheMethodwiththeKeyandIV
ICryptoTransformtransform = des.CreateEncryptor();
// CreatetheEnCryptstream
CryptoStreamcryptostream = new CryptoStream(memoryData,transform,CryptoStreamMode.Write);
// writeintotheMemorystream
try
{
cryptostream.Write(byteData, 0 ,byteData.Length);
}
catch
{
throw new Exception( " EncryptDatawrongofthewritetostream! " );
}
cryptostream.FlushFinalBlock();
cryptostream.Close();
// returnmemoryData.ToString();
return Convert.ToBase64String(memoryData.ToArray());
}
<!--<br><br>Code highlighting produced by Actipro CodeHighlighter (freeware)<br>http://www.CodeHighlighter.com/<br><br>-->
private
void
ValidServiceMethod()
{
// EncrypttheusernameandpasswordofSoapHeader
string m_strName = Encrypt( " admin " ,EncryptionAlgorithm.Des);
string m_strPwd = Encrypt( " admin " ,EncryptionAlgorithm.Des);
// newaSoapHeaderandaWebService
MySoapHeader myheader = new MySoapHeader ();
MyServicemyservice = new MyService();
myheader .UserName = m_strName;
myheader .PassWord = m_strPwd;
// SettheSoapHeadervalidatetoService
myservice.FDSoapHeaderValue = myheader ;
// CallMethodofwebservice
myservice.GetMoney();
}
{
// EncrypttheusernameandpasswordofSoapHeader
string m_strName = Encrypt( " admin " ,EncryptionAlgorithm.Des);
string m_strPwd = Encrypt( " admin " ,EncryptionAlgorithm.Des);
// newaSoapHeaderandaWebService
MySoapHeader myheader = new MySoapHeader ();
MyServicemyservice = new MyService();
myheader .UserName = m_strName;
myheader .PassWord = m_strPwd;
// SettheSoapHeadervalidatetoService
myservice.FDSoapHeaderValue = myheader ;
// CallMethodofwebservice
myservice.GetMoney();
}
这样就完成了加密的过程(用户名,密码,数据可以以参数的形式传入)
在服务 器端同样设置配置文件。这于客户端的是一模一样的。
<!--<br><br>Code highlighting produced by Actipro CodeHighlighter (freeware)<br>http://www.CodeHighlighter.com/<br><br>-->
<
appSettings
>
< add key ="Key" value ="fdautoit" />
< add key ="IV" value ="FDAUTOIT" />
</ appSettings >
同样在代码文件中获取其值
< add key ="Key" value ="fdautoit" />
< add key ="IV" value ="FDAUTOIT" />
</ appSettings >
编写解密方法:
<!--<br><br>Code highlighting produced by Actipro CodeHighlighter (freeware)<br>http://www.CodeHighlighter.com/<br><br>-->
private
string
Decrypt(
string
p_strDecrypt)
{
// SettheKeyandtheInitialVectorforDecrypt
byte []key = Encoding.UTF8.GetBytes(Key);
byte []iv = Encoding.UTF8.GetBytes(Iv);
// Coventthestringtobyte[]withtheEncryptData
// byte[]EncrypData=Encoding.UTF8.GetBytes(p_strDecrypt);
byte []EncrypData = Convert.FromBase64String(p_strDecrypt);
// SettheMemorystreamSpaceforsavedata
MemoryStreammemoryData = new MemoryStream();
// CreateDESforDecrypt
DESCryptoServiceProviderdes = new DESCryptoServiceProvider();
des.Key = key;
des.IV = iv;
des.Mode = CipherMode.CBC;
// DecryptwiththekeyandInitialVector
ICryptoTransformtransform = des.CreateDecryptor();
// SavetoMemoryStream
CryptoStreamcryptostream = new CryptoStream(memoryData,transform,CryptoStreamMode.Write);
// outputthedata
try
{
cryptostream.Write(EncrypData, 0 ,EncrypData.Length);
}
catch (Exceptionex)
{
throw new Exception( " writetostreamwrong! " + ex.Message);
}
cryptostream.FlushFinalBlock();
cryptostream.Close();
// outputdata
return Encoding.UTF8.GetString(memoryData.ToArray());
}
{
// SettheKeyandtheInitialVectorforDecrypt
byte []key = Encoding.UTF8.GetBytes(Key);
byte []iv = Encoding.UTF8.GetBytes(Iv);
// Coventthestringtobyte[]withtheEncryptData
// byte[]EncrypData=Encoding.UTF8.GetBytes(p_strDecrypt);
byte []EncrypData = Convert.FromBase64String(p_strDecrypt);
// SettheMemorystreamSpaceforsavedata
MemoryStreammemoryData = new MemoryStream();
// CreateDESforDecrypt
DESCryptoServiceProviderdes = new DESCryptoServiceProvider();
des.Key = key;
des.IV = iv;
des.Mode = CipherMode.CBC;
// DecryptwiththekeyandInitialVector
ICryptoTransformtransform = des.CreateDecryptor();
// SavetoMemoryStream
CryptoStreamcryptostream = new CryptoStream(memoryData,transform,CryptoStreamMode.Write);
// outputthedata
try
{
cryptostream.Write(EncrypData, 0 ,EncrypData.Length);
}
catch (Exceptionex)
{
throw new Exception( " writetostreamwrong! " + ex.Message);
}
cryptostream.FlushFinalBlock();
cryptostream.Close();
// outputdata
return Encoding.UTF8.GetString(memoryData.ToArray());
}
Soap头:
<!--<br><br>Code highlighting produced by Actipro CodeHighlighter (freeware)<br>http://www.CodeHighlighter.com/<br><br>-->
public
class
MySoapHeader:SoapHeader
{
string _name;
string _passWord;
public string UserName
{
get { return _name;}
set {_name = value;}
}
public string PassWord
{
get { return _passWord;}
set {_passWord = value;}
}
}
{
string _name;
string _passWord;
public string UserName
{
get { return _name;}
set {_name = value;}
}
public string PassWord
{
get { return _passWord;}
set {_passWord = value;}
}
}
更改上篇中的方法:
<!--<br><br>Code highlighting produced by Actipro CodeHighlighter (freeware)<br>http://www.CodeHighlighter.com/<br><br>-->
public
bool
ValiHeader(
out
string
ReturnMsg)
{
MySoapHeader myheader=new MySoapHeader();
bool flag = false ;
string UserName= Decrypt(myheader.UserName);
string PassWord=Decrypt(myheader.PassWord);
if (UserName == " admin " && PassWord == " admin " )
{
flag = true ;
ReturnMsg = " YouAreSuccessfully " ;
}
else
{
ReturnMsg = " YouAreFailted " ;
}
return flag;
}
{
MySoapHeader myheader=new MySoapHeader();
bool flag = false ;
string UserName= Decrypt(myheader.UserName);
string PassWord=Decrypt(myheader.PassWord);
if (UserName == " admin " && PassWord == " admin " )
{
flag = true ;
ReturnMsg = " YouAreSuccessfully " ;
}
else
{
ReturnMsg = " YouAreFailted " ;
}
return flag;
}
<!--<br><br>Code highlighting produced by Actipro CodeHighlighter (freeware)<br>http://www.CodeHighlighter.com/<br><br>-->
[WebMethod]
[SoapHeader("header", Direction = SoapHeaderDirection.In)]
public string CheckHeader()
{
string ReturnMsg = "" ;
bool IsTrue = ValiHeader( out ReturnMsg);
return ReturnMsg;
}
[SoapHeader("header", Direction = SoapHeaderDirection.In)]
public string CheckHeader()
{
string ReturnMsg = "" ;
bool IsTrue = ValiHeader( out ReturnMsg);
return ReturnMsg;
}
如果方法:“ValiHeader”返回的是true 表示验证成功,如果返回的是false表示用户名和密码有误。
有关SoapHeader验证头密码核心代码就 是这样了。其中省略了很多代码。