SQL密码解密成功,但在C#Password中运行项目时无法获得解密密码
我已经在SQL Server中进行了加密和解密,但当我登录时,密码不会解密。 以下代码用于加密密码字段SQL密码解密成功,但在C#Password中运行项目时无法获得解密密码,c#,sql-server,C#,Sql Server,我已经在SQL Server中进行了加密和解密,但当我登录时,密码不会解密。 以下代码用于加密密码字段 insert into login values('admin',ENCRYPTBYPASSPHRASE('SHA2_256','admin')) select username, CONVERT(VARBINARY(50),DECRYPTBYPASSPHRASE('SHA2_256',pass))FROM LOGIN 下面的代码用于解密密码字段 insert into login val
insert into login values('admin',ENCRYPTBYPASSPHRASE('SHA2_256','admin'))
select username, CONVERT(VARBINARY(50),DECRYPTBYPASSPHRASE('SHA2_256',pass))FROM LOGIN
下面的代码用于解密密码字段
insert into login values('admin',ENCRYPTBYPASSPHRASE('SHA2_256','admin'))
select username, CONVERT(VARBINARY(50),DECRYPTBYPASSPHRASE('SHA2_256',pass))FROM LOGIN
但是当我登录时,显示的密码与C#
下面是不起作用的C代码
namespace login_Encrypt
{
公共部分类Form1:Form
{
//静态字符串解密;
公共表格1()
{
初始化组件();
}
private void login_Click(object sender, EventArgs e)
{
string uid = txtuser.Text;
string pwd = txtpass.Text;
string CPass = txtpass.Text.Trim();
SqlConnection con = new SqlConnection(@"Data Source=SANJAY;Initial Catalog=prectic;Integrated Security=True");
con.Open();
SqlCommand cmd = new SqlCommand("select * from login where username='" + txtuser.Text + "' AND pass='" + txtpass.Text + "'", con);
SqlDataAdapter sda = new SqlDataAdapter(cmd);
DataTable ds = new DataTable();
sda.Fill(ds);
if (ds.Rows.Count > 0)
{
string t = ds.Rows[0]["pass"].ToString();
string Dec = Decrypt(t.ToString(), "SHA2_256");
//string NPass = (Dec + "MD5").ToLower();
lblmess.Visible = true;
lblmess.Text = "Matched";
}
else
{
lblmess.Text = "Sanjay";
}
}
/*if (ds.Tables[0].Rows.Count > 0)
{
user = ds.Tables[0].Rows[0]["username"].ToString();
pass = ds.Tables[0].Rows[0]["pass"].ToString();
con.Close();
Decrypt(pass);
if(user==txtuser.Text && decrypted==txtpass.Text)
{
lblmess.Text="success";
}
}*/
public string Decrypt(string input, string key)
{
byte[] inputArray = Convert.FromBase64String(input);
TripleDESCryptoServiceProvider tripleDES = new TripleDESCryptoServiceProvider();
MD5CryptoServiceProvider MD5 = new MD5CryptoServiceProvider();
tripleDES.Key = MD5.ComputeHash(ASCIIEncoding.ASCII.GetBytes(key));
//tripleDES.Key = UTF8Encoding.UTF8.GetBytes(key);
tripleDES.Mode = CipherMode.ECB;
tripleDES.Padding = PaddingMode.PKCS7;
ICryptoTransform cTransform = tripleDES.CreateDecryptor();
byte[] resultArray = cTransform.TransformFinalBlock(inputArray, 0, inputArray.Length);
tripleDES.Clear();
return UTF8Encoding.UTF8.GetString(resultArray);
}
}
}
private void login_Click(object sender, EventArgs e)
{
string uid = txtuser.Text;
string pwd = txtpass.Text;
string CPass = txtpass.Text.Trim();
SqlConnection con = new SqlConnection(@"Data Source=SANJAY;Initial Catalog=prectic;Integrated Security=True");
con.Open();
SqlCommand cmd = new SqlCommand("select * from login where username='" + txtuser.Text + "' AND pass='" + txtpass.Text + "'", con);
SqlDataAdapter sda = new SqlDataAdapter(cmd);
DataTable ds = new DataTable();
sda.Fill(ds);
if (ds.Rows.Count > 0)
{
string t = ds.Rows[0]["pass"].ToString();
string Dec = Decrypt(t.ToString(), "SHA2_256");
//string NPass = (Dec + "MD5").ToLower();
lblmess.Visible = true;
lblmess.Text = "Matched";
}
else
{
lblmess.Text = "Sanjay";
}
}
/*if (ds.Tables[0].Rows.Count > 0)
{
user = ds.Tables[0].Rows[0]["username"].ToString();
pass = ds.Tables[0].Rows[0]["pass"].ToString();
con.Close();
Decrypt(pass);
if(user==txtuser.Text && decrypted==txtpass.Text)
{
lblmess.Text="success";
}
}*/
public string Decrypt(string input, string key)
{
byte[] inputArray = Convert.FromBase64String(input);
TripleDESCryptoServiceProvider tripleDES = new TripleDESCryptoServiceProvider();
MD5CryptoServiceProvider MD5 = new MD5CryptoServiceProvider();
tripleDES.Key = MD5.ComputeHash(ASCIIEncoding.ASCII.GetBytes(key));
//tripleDES.Key = UTF8Encoding.UTF8.GetBytes(key);
tripleDES.Mode = CipherMode.ECB;
tripleDES.Padding = PaddingMode.PKCS7;
ICryptoTransform cTransform = tripleDES.CreateDecryptor();
byte[] resultArray = cTransform.TransformFinalBlock(inputArray, 0, inputArray.Length);
tripleDES.Clear();
return UTF8Encoding.UTF8.GetString(resultArray);
}
}
有人知道如何在运行时解密密码吗?请给我一个解决方案。SQL可以解密密码吗?然后向我们展示不起作用的C。你试过了吗?为什么只使用50字节?加密密钥可能更大。请包括
登录
的表架构。我怀疑问题在于C#是en/解密UTF-16编码字符串,但您的SQL是en/解密varchar
。密码永远不应该加密。您应该对它们进行加密和散列