C# MD5加密中的特殊字符
我在C#和SQL Server中遇到了MD5加密问题,它只发生在具有特殊字符的行上 下面是c#中的代码: 然后将其与我在C#中创建的哈希进行比较,以检查数据库中数据的完整性。这对于没有特殊字符的所有行都非常有效,但对于包含任何特殊字符(如é或ö)的所有行都无效 这是我不久前遇到的一个问题,但任务因其他优先级而暂停,我不记得我已经尝试过什么解决方案,我记得我尝试过一些改变C#中字符串编码的解决方案,但没有一个有效 我做错了什么C# MD5加密中的特殊字符,c#,sql-server,cryptography,md5,cryptographic-hash-function,C#,Sql Server,Cryptography,Md5,Cryptographic Hash Function,我在C#和SQL Server中遇到了MD5加密问题,它只发生在具有特殊字符的行上 下面是c#中的代码: 然后将其与我在C#中创建的哈希进行比较,以检查数据库中数据的完整性。这对于没有特殊字符的所有行都非常有效,但对于包含任何特殊字符(如é或ö)的所有行都无效 这是我不久前遇到的一个问题,但任务因其他优先级而暂停,我不记得我已经尝试过什么解决方案,我记得我尝试过一些改变C#中字符串编码的解决方案,但没有一个有效 我做错了什么 提前感谢。我在代码中使用这种加密和解密方法,我已经用特殊字符进行了测试
提前感谢。我在代码中使用这种加密和解密方法,我已经用特殊字符进行了测试,它的工作对我来说很好。我会给你我的代码plz测试这一次,我希望它会工作你 TableFilter是一个公共类文件,该文件包含加密和解密方法。除此之外,您无法在.cs页上编写这两个方法
public static string Encrypt(string toEncrypt, bool useHashing = true)
{
byte[] keyArray;
byte[] toEncryptArray = UTF8Encoding.UTF8.GetBytes(toEncrypt);
System.Configuration.AppSettingsReader settingsReader =
new AppSettingsReader();
// Get the key from config file
string key = (string)settingsReader.GetValue("EncryptionKey",
typeof(String));
//System.Windows.Forms.MessageBox.Show(key);
//If hashing use get hashcode regards to your key
if (useHashing)
{
MD5CryptoServiceProvider hashmd5 = new MD5CryptoServiceProvider();
keyArray = hashmd5.ComputeHash(UTF8Encoding.UTF8.GetBytes(key));
//Always release the resources and flush data
// of the Cryptographic service provide. Best Practice
hashmd5.Clear();
}
else
keyArray = UTF8Encoding.UTF8.GetBytes(key);
TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
//set the secret key for the tripleDES algorithm
tdes.Key = keyArray;
//mode of operation. there are other 4 modes.
//We choose ECB(Electronic code Book)
tdes.Mode = CipherMode.ECB;
//padding mode(if any extra byte added)
tdes.Padding = PaddingMode.PKCS7;
ICryptoTransform cTransform = tdes.CreateEncryptor();
//transform the specified region of bytes array to resultArray
byte[] resultArray =
cTransform.TransformFinalBlock(toEncryptArray, 0,
toEncryptArray.Length);
//Release resources held by TripleDes Encryptor
tdes.Clear();
//Return the encrypted data into unreadable string format
return Convert.ToBase64String(resultArray, 0, resultArray.Length);
}
public static string Decrypt(string cipherString, bool useHashing = true)
{
byte[] keyArray;
//get the byte code of the string
byte[] toEncryptArray = Convert.FromBase64String(cipherString);
System.Configuration.AppSettingsReader settingsReader =
new AppSettingsReader();
//Get your key from config file to open the lock!
string key = (string)settingsReader.GetValue("EncryptionKey",
typeof(String));
if (useHashing)
{
//if hashing was used get the hash code with regards to your key
MD5CryptoServiceProvider hashmd5 = new MD5CryptoServiceProvider();
keyArray = hashmd5.ComputeHash(UTF8Encoding.UTF8.GetBytes(key));
//release any resource held by the MD5CryptoServiceProvider
hashmd5.Clear();
}
else
{
//if hashing was not implemented get the byte code of the key
keyArray = UTF8Encoding.UTF8.GetBytes(key);
}
TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
//set the secret key for the tripleDES algorithm
tdes.Key = keyArray;
//mode of operation. there are other 4 modes.
//We choose ECB(Electronic code Book)
tdes.Mode = CipherMode.ECB;
//padding mode(if any extra byte added)
tdes.Padding = PaddingMode.PKCS7;
ICryptoTransform cTransform = tdes.CreateDecryptor();
byte[] resultArray = cTransform.TransformFinalBlock(
toEncryptArray, 0, toEncryptArray.Length);
//Release resources held by TripleDes Encryptor
tdes.Clear();
//return the Clear decrypted TEXT
return UTF8Encoding.UTF8.GetString(resultArray);
}
:用于文本框字符串(代替txtpassword.text put testingé123ö以便于理解)
:Web.config
最后,我无法使用MD5找到一个好的解决方案,我转到了SHA256,它使用了以下答案:
看起来您已经将
nvarchar
数据压缩为varchar
,这是肯定的:将破坏许多非ASCII字符。尝试在整个过程中使用nvarchar
?另外:“从SQL Server 2016(13.x)开始,除SHA2_256和SHA2_512之外的所有算法都已弃用。较旧的算法(不推荐)将继续工作,但会引发弃用事件。”-服务器不希望您为此使用MD5。您的用户不希望您为此使用MD5。并且:它要求您发送超出必要范围的未加密密码。在我看来,您应该尽快使用salt和强(读:慢)散列算法(如PBKDF2、bcrypt或scrypt.var encoding=new ascienceoding())进行散列,可能是立即在应用层进行;将删除不可打印的字符。@jdweng它肯定会删除任何非ASCII字符,你说得对;使用控制字符应该没问题,但如果不是对密码进行哈希运算,请重命名该函数。如果您实际上是在对密码进行哈希运算,请停止使用MD5。注意,加密与散列不同(即使散列是加密散列);不正确地使用这些词可能会引起一些混淆。您通常不会加密散列。对行数据进行散列不需要安全地进行,如果散列只是用于在其他受信任的环境中加速查找或检测差异,但对密码进行散列没有这样的借口。
CONVERT(VARCHAR(32), HashBytes('MD5',CONVERT(VARCHAR(MAX),CONVERT(VARCHAR(MAX),ISNULL([Field1],''))+ISNULL([Field2],'')+ISNULL([Field3],'')+CONVERT(VARCHAR(MAX),ISNULL([Field4],''))+ISNULL(CONVERT(VARCHAR(MAX),[Field5]),'')+ISNULL(CONVERT(VARCHAR(MAX),Field6]),'')+CONVERT(VARCHAR(MAX),Field7]))+SUBSTRING(CONVERT(VARCHAR(32),HashBytes('MD5',CONVERT(VARCHAR(MAX),CONVERT(VARCHAR(MAX),ISNULL([Field1],''))+ISNULL([Field2],'')+ISNULL([Field3],'')+CONVERT(VARCHAR(MAX),ISNULL([Field4],''))+ISNULL(CONVERT(VARCHAR(MAX),Field5]),'')+ISNULL(CONVERT(VARCHAR(MAX),[Field6]),'')+CONVERT(VARCHAR(MAX),Field7]))) 2), 1, )), 2)
public static string Encrypt(string toEncrypt, bool useHashing = true)
{
byte[] keyArray;
byte[] toEncryptArray = UTF8Encoding.UTF8.GetBytes(toEncrypt);
System.Configuration.AppSettingsReader settingsReader =
new AppSettingsReader();
// Get the key from config file
string key = (string)settingsReader.GetValue("EncryptionKey",
typeof(String));
//System.Windows.Forms.MessageBox.Show(key);
//If hashing use get hashcode regards to your key
if (useHashing)
{
MD5CryptoServiceProvider hashmd5 = new MD5CryptoServiceProvider();
keyArray = hashmd5.ComputeHash(UTF8Encoding.UTF8.GetBytes(key));
//Always release the resources and flush data
// of the Cryptographic service provide. Best Practice
hashmd5.Clear();
}
else
keyArray = UTF8Encoding.UTF8.GetBytes(key);
TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
//set the secret key for the tripleDES algorithm
tdes.Key = keyArray;
//mode of operation. there are other 4 modes.
//We choose ECB(Electronic code Book)
tdes.Mode = CipherMode.ECB;
//padding mode(if any extra byte added)
tdes.Padding = PaddingMode.PKCS7;
ICryptoTransform cTransform = tdes.CreateEncryptor();
//transform the specified region of bytes array to resultArray
byte[] resultArray =
cTransform.TransformFinalBlock(toEncryptArray, 0,
toEncryptArray.Length);
//Release resources held by TripleDes Encryptor
tdes.Clear();
//Return the encrypted data into unreadable string format
return Convert.ToBase64String(resultArray, 0, resultArray.Length);
}
public static string Decrypt(string cipherString, bool useHashing = true)
{
byte[] keyArray;
//get the byte code of the string
byte[] toEncryptArray = Convert.FromBase64String(cipherString);
System.Configuration.AppSettingsReader settingsReader =
new AppSettingsReader();
//Get your key from config file to open the lock!
string key = (string)settingsReader.GetValue("EncryptionKey",
typeof(String));
if (useHashing)
{
//if hashing was used get the hash code with regards to your key
MD5CryptoServiceProvider hashmd5 = new MD5CryptoServiceProvider();
keyArray = hashmd5.ComputeHash(UTF8Encoding.UTF8.GetBytes(key));
//release any resource held by the MD5CryptoServiceProvider
hashmd5.Clear();
}
else
{
//if hashing was not implemented get the byte code of the key
keyArray = UTF8Encoding.UTF8.GetBytes(key);
}
TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
//set the secret key for the tripleDES algorithm
tdes.Key = keyArray;
//mode of operation. there are other 4 modes.
//We choose ECB(Electronic code Book)
tdes.Mode = CipherMode.ECB;
//padding mode(if any extra byte added)
tdes.Padding = PaddingMode.PKCS7;
ICryptoTransform cTransform = tdes.CreateDecryptor();
byte[] resultArray = cTransform.TransformFinalBlock(
toEncryptArray, 0, toEncryptArray.Length);
//Release resources held by TripleDes Encryptor
tdes.Clear();
//return the Clear decrypted TEXT
return UTF8Encoding.UTF8.GetString(resultArray);
}
login_Model.Password = TableFilter.Encrypt("testingé123ö");
<add key="EncryptionKey" value="encyptionkeyvalue"/>