MD5相关类:
System.Security.Cryptography.MD5
System.Security.Cryptography.MD5CryptoServiceProvider()
System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(strSource, "MD5")
SHA1相关类:
System.Security.Cryptography.SHA1
System.Security.Cryptography.SHA1CryptoServiceProvider()
System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(strSource, "SHA1")
获取由SHA1加密的字符串
public string EncryptToSHA1(string str)
{
SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider();
byte[] str1 = Encoding.UTF8.GetBytes(str);
byte[] str2 = sha1.ComputeHash(str1);
sha1.Clear();
(sha1 as IDisposable).Dispose();
return Convert.ToBase64String(str2);
}
---------------------------------------------------------------------------------------------------------
获取由MD5加密的字符串
public string EncryptToMD5(string str)
{
MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();
byte[] str1 = Encoding.UTF8.GetBytes(str);
byte[] str2 = md5.ComputeHash(str1, 0, str1.Length);
md5.Clear();
(md5 as IDisposable).Dispose();
return Convert.ToBase64String(str2);
}
-----------------------------------------------------------------------
这些加密函数都是在服务器端执行,也就是说,当用户输入密码后,从客户端到服务器端传输时,用户的密码没有任何保护,很危险。银行的做法是在客户端安装ActiveX控件,在客户端就把一些重要信息进行加密,再发送。