asp.net 密碼加密服務

1. 下載類庫    Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.dll

                Microsoft.Practices.EnterpriseLibrary.Security.dll

                Microsoft.Practices.EnterpriseLibrary.Common

 2. web.config 配置

  <configSections>
    <section name="securityCryptographyConfiguration" type="Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.Configuration.CryptographySettings, Microsoft.Practices.EnterpriseLibrary.Security.Cryptography, Version=5.0.414.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" requirePermission="true"/>
  </configSections>
  <securityCryptographyConfiguration>
    <hashProviders>
      <add name="MD5CryptoServiceProvider" type="Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.HashAlgorithmProvider, Microsoft.Practices.EnterpriseLibrary.Security.Cryptography, Version=5.0.414.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" algorithmType="System.Security.Cryptography.MD5CryptoServiceProvider, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" saltEnabled="true"/>
      <add name="RIPEMD160Managed" type="Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.HashAlgorithmProvider, Microsoft.Practices.EnterpriseLibrary.Security.Cryptography, Version=5.0.414.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" algorithmType="System.Security.Cryptography.RIPEMD160Managed, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" saltEnabled="true"/>
      <add name="SHA1CryptoServiceProvider" type="Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.HashAlgorithmProvider, Microsoft.Practices.EnterpriseLibrary.Security.Cryptography, Version=5.0.414.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" algorithmType="System.Security.Cryptography.SHA1CryptoServiceProvider, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" saltEnabled="true"/>
      <add name="SHA1Managed" type="Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.HashAlgorithmProvider, Microsoft.Practices.EnterpriseLibrary.Security.Cryptography, Version=5.0.414.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" algorithmType="System.Security.Cryptography.SHA1Managed, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" saltEnabled="true"/>
      <add name="SHA256Managed" type="Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.HashAlgorithmProvider, Microsoft.Practices.EnterpriseLibrary.Security.Cryptography, Version=5.0.414.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" algorithmType="System.Security.Cryptography.SHA256Managed, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" saltEnabled="true"/>
      <add name="SHA384Managed" type="Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.HashAlgorithmProvider, Microsoft.Practices.EnterpriseLibrary.Security.Cryptography, Version=5.0.414.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" algorithmType="System.Security.Cryptography.SHA384Managed, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" saltEnabled="true"/>
      <add name="SHA512Managed" type="Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.HashAlgorithmProvider, Microsoft.Practices.EnterpriseLibrary.Security.Cryptography, Version=5.0.414.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" algorithmType="System.Security.Cryptography.SHA512Managed, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" saltEnabled="true"/>
    </hashProviders>
  </securityCryptographyConfiguration>

3.添加引用  類庫

4.類  方法

   /// <summary>
    /// 哈希加密算法枚舉
    /// </summary>
    public enum EnumHashProvider
    {
        /// <summary>
        /// MD5
        /// </summary>
        MD5CryptoServiceProvider = 1,
        /// <summary>
        /// RIPEMD160Managed
        /// </summary>
        RIPEMD160Managed,
        /// <summary>
        /// SHA1
        /// </summary>
        SHA1CryptoServiceProvider,
        /// <summary>
        /// SHA1Managed
        /// </summary>
        SHA1Managed,
        /// <summary>
        /// SHA256Managed
        /// </summary>
        SHA256Managed,
        /// <summary>
        /// SHA384Managed
        /// </summary>
        SHA384Managed,
        /// <summary>
        /// SHA512Managed
        /// </summary>
        SHA512Managed
    }

    /// <summary>
    /// 加密服務工具類
    /// </summary>
    public class CryptographyUtil
    {
        /// <summary>
        /// 根據隨機抽取的加密算法和隨機產生的散列字符串對源字符串進行加密
        /// </summary>
        /// <param name="plainText">要加密的字符串</param>
        /// <param name="saltText">散列字符串</param>
        /// <param name="hashProvider">哈希加密算法提供器</param>
        /// <returns>加密後的字符串</returns>
        public static string GetEncryptedHashText(string plainText, out string saltText, out int hashProvider)
        {
            Random radom = new Random();
            int hashProviderType = radom.Next(1, 8);
            hashProvider = hashProviderType;
            saltText = CreateSaltText();
            plainText += saltText;
            string encryptedText = Cryptographer.CreateHash(((EnumHashProvider)hashProvider).ToString(), plainText);
            return encryptedText;
        }

        /// <summary>
        /// 比較某一字符串是不是某一加密字符串的源字符串
        /// </summary>
        /// <param name="plainText">源字符串</param>
        /// <param name="encryptedText">加密後的字符串</param>
        /// <param name="saltText">加密用的散列值</param>
        /// <param name="hashProviderType">哈希加密算法提供器</param>
        /// <returns>true=源字符串和加密後的字符串同樣;false=源字符串和加密後的字符串不同</returns>
        public static bool CompareHashText(string plainText, string encryptedText, string saltText, int hashProviderType)
        {
            EnumHashProvider hashProvider = new EnumHashProvider();
            try
            {
                hashProvider = (EnumHashProvider)hashProviderType;
            }
            catch
            {
                return false;
            }
            bool matched = Cryptographer.CompareHash(hashProvider.ToString(), plainText + saltText, encryptedText);

            return matched;
        }

        /// <summary>
        /// 產生一個散列值
        /// </summary>
        /// <returns></returns>
        private static string CreateSaltText()
        {
            byte[] bytSalt = new byte[32];
            RNGCryptoServiceProvider rng;

            rng = new RNGCryptoServiceProvider();

            rng.GetBytes(bytSalt);

            return Convert.ToBase64String(bytSalt);
        }
    }

 /// <summary>
        /// 用戶名登陸
        /// </summary>
        /// <param name="userloginname">用戶名</param>
        /// <param name="userLogPassword">用戶密碼</param>
        /// <returns>用戶信息實體</returns>
        public tb_User UserLogin(string userLoginname, string userLogPassword)
        {
            tb_User dbclass = this.repository.UserLogin(userLoginname);
            if (dbclass == null)
            {
                return null;
            }
            if (!CryptographyUtil.CompareHashText(userLogPassword, dbclass.User_Password, dbclass.User_PasswordSalt, dbclass.User_PasswordFormat.Value))
            {
                return null;
            }
            return dbclass;
        }

     string user_Password;            string user_PasswordSalt;            int user_PasswordFormat;            //密碼加密            user_Password = CryptographyUtil.GetEncryptedHashText(password, out user_PasswordSalt, out user_PasswordFormat);            item.User_Password = user_Password;            item.User_PasswordFormat = user_PasswordFormat;            item.User_PasswordSalt = user_PasswordSalt;