使用TripleDES加密解密密码

时间:2013-03-26 08:01:01

标签: asp.net

我正在登录应用程序,我必须使用TripleDES加密和解密密码,我有一套编码和编码加密工作正常但解密不工作它显示错误。

,错误是:

The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or a non-white space character among the padding characters. 

,编码为:

newuser.aspx.cs

using System;
using System.Web.UI;
using System.Data.SqlClient;
using System.Configuration;
using System.Security.Cryptography;
using System.Text;
using System.IO;

namespace WebApplication5
{
    public partial class WebForm6 : System.Web.UI.Page
    {
        SqlConnection connection;
        protected void Page_Load(object sender, EventArgs e)
        {
            connection = new SqlConnection(ConfigurationManager.ConnectionStrings["TestQueryConnectionString"].ConnectionString);
        }

        protected void btnSubmit_Click(object sender, EventArgs e)
        {
            SqlConnection con1 = new SqlConnection(ConfigurationManager.ConnectionStrings["TestQueryConnectionString"].ConnectionString);
            con1.Open();

            SqlCommand cmd1 = new SqlCommand("select * from admin where USERNAME=@USERNAME and PASSWORD=@PASSWORD ", con1);
            cmd1.Parameters.AddWithValue("@username", txtUserName.Text);
            cmd1.Parameters.AddWithValue("@password", txtPassword.Text);
            SqlDataReader dr = cmd1.ExecuteReader();
            if (dr.HasRows)
            {
                ClientScript.RegisterStartupScript(Page.GetType(), "validation", "<script language='javascript'>alert('userName is already availables')</script>");

            }

            else
            {

                SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["TestQueryConnectionString"].ConnectionString);
                con.Open();
                string strQuery = "insert into admin( USERNAME,PASSWORD) values('" + txtUserName.Text +
                "','" + EncryptTripleDES(txtPassword.Text) + "')";
                connection = new SqlConnection(ConfigurationManager.ConnectionStrings["TestQueryConnectionString"].ConnectionString);
                connection.Open();
                SqlCommand cmd = new SqlCommand(strQuery, connection);
                cmd.ExecuteNonQuery();
                connection.Close();
                Response.Redirect("login.aspx");

            }

            con1.Close();
        }



        public static string EncryptTripleDES(string value)
        {
            TripleDESCryptoServiceProvider cryptoProvider = new TripleDESCryptoServiceProvider();
            MemoryStream memoryStream = new MemoryStream();
            CryptoStream cryptoStream = new CryptoStream(memoryStream, cryptoProvider.CreateEncryptor(), CryptoStreamMode.Write);
            StreamWriter streamWriter = new StreamWriter(cryptoStream);
            streamWriter.Write(value);
            streamWriter.Flush();
            cryptoStream.FlushFinalBlock();
            memoryStream.Flush();
            return Convert.ToBase64String(memoryStream.GetBuffer(), 0, Convert.ToInt32(memoryStream.Length));
        }

    }
}

login.aspx.cs

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Configuration;
using System.Data;
using System.Security.Cryptography;
using System.IO;

namespace WebApplication5
{
    public partial class WebForm4 : System.Web.UI.Page
    {
        SqlConnection connection;
        protected void Page_Load(object sender, EventArgs e)
        {
            connection = new SqlConnection(ConfigurationManager.ConnectionStrings["TestQueryConnectionString"].ConnectionString);
        }

        protected void btnSubmit_Click(object sender, EventArgs e)
        {
            SqlConnection con1 = new SqlConnection(ConfigurationManager.ConnectionStrings["TestQueryConnectionString"].ConnectionString);
            con1.Open();
            SqlCommand cmd1 = new SqlCommand("select * from admin where USERNAME=@USERNAME and PASSWORD=@PASSWORD ", con1);
            cmd1.Parameters.AddWithValue("@username", txtUserName.Text);
            cmd1.Parameters.AddWithValue("@password", EncryptTripleDES(DecryptTripleDES(txtPassword.Text)));
            SqlDataAdapter da = new SqlDataAdapter(cmd1);
            DataTable dt = new DataTable();
            da.Fill(dt);
            if (dt.Rows.Count > 0)
            {
                Response.Redirect("emplist.aspx");
            }
            else
            {
                ClientScript.RegisterStartupScript(Page.GetType(), "validation", "<script language='javascript'>alert('Invalid Username and Password')</script>");
            }
            con1.Close();
        }
        protected void btnClear_Click(object sender, EventArgs e)
        {
            txtUserName.Text = "";
            txtPassword.Text = "";
        }



        public static string EncryptTripleDES(string value)
        {
            TripleDESCryptoServiceProvider cryptoProvider = new TripleDESCryptoServiceProvider();
            MemoryStream memoryStream = new MemoryStream();
            CryptoStream cryptoStream = new CryptoStream(memoryStream, cryptoProvider.CreateEncryptor(), CryptoStreamMode.Write);
            StreamWriter streamWriter = new StreamWriter(cryptoStream);
            streamWriter.Write(value);
            streamWriter.Flush();
            cryptoStream.FlushFinalBlock();
            memoryStream.Flush();
            return Convert.ToBase64String(memoryStream.GetBuffer(), 0, Convert.ToInt32(memoryStream.Length));
        }


        public static string DecryptTripleDES(string value)
        {
            TripleDESCryptoServiceProvider cryptoProvider = new TripleDESCryptoServiceProvider();
            byte[] buffer = Convert.FromBase64String(value);
            MemoryStream memoryStream = new MemoryStream(buffer);
            CryptoStream cryptoSteam = new CryptoStream(memoryStream, cryptoProvider.CreateDecryptor(), CryptoStreamMode.Read);
            StreamReader streamReader = new StreamReader(cryptoSteam);
            return streamReader.ReadToEnd();
        }

    }

}

并且plz帮我解释这个编码pbl ......,

1 个答案:

答案 0 :(得分:1)

我可以看到,问题出现在两个地方:

byte[] buffer = Convert.FromBase64String(value);

DecryptTripleDES()函数和

cmd1.Parameters.AddWithValue("@password", EncryptTripleDES(DecryptTripleDES(txtPassword.Text)));

在你的按钮提交处理程序。

在第一行,您尝试将Base64编码的字符串转换为字节数组。如果不是因为在这种情况下它可能只是用户输入到txtPassword控件中的一些随机文本或密码,那么一切都很好。

或者您希望用户手动加密密码,对其进行Base64编码,然后将其输入到txtPassword字段中?

尝试这样做:

cmd1.Parameters.AddWithValue("@password", EncryptTripleDES(txtPassword.Text));