加密方法有很多,以下是其中一種簡單的簽名模式。注意:這里做的是簽名校驗(確認請求的來源與時效),并不對傳輸內容加密;參與簽名的只有IP地址、時間戳和隨機數,沒有密鑰,實際使用時建議改為帶密鑰的HMAC簽名并通過HTTPS傳輸。
1、首先客戶端通過webapi按照IP地址,時間戳,隨機數生成簽名,并傳遞序列號
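/// <summary>
/// Builds a signed validation request (signature, timestamp, nonce, product serial number),
/// sends it to the validation endpoint and returns the server's verdict.
/// </summary>
/// <returns>
/// The deserialized server reply, or a default result with code "-1" when the HTTP call
/// failed or the reply could not be turned into a result object.
/// </returns>
private Result_Sign Valid()
{
    // The IP is the only signature input that is not also sent in the query string, so it is
    // the only value an observer of the request does not see.
    // NOTE(review): an IP address is guessable; a per-application secret key used with an HMAC
    // would make the signature depend on something only the two parties know.
    string ServerIP = "192.168.1.6";// HttpContext.Request.ServerVariables.Get("Local_Addr").ToString(); // address
    string timestamp = DateTimeToStamp(DateTime.Now); // timestamp (seconds)
    string nonce = ST.WEB.App_Start.Common.CreateValidateCode(6); // random digits
    string SignStr = SignatureString(ServerIP, timestamp, nonce); // signature
    string appseq = ConfigurationManager.AppSettings["DPSeq"]; // product serial number

    // The parameter separator before "timestamp" must be a literal '&'; every value is
    // URL-escaped so a serial number containing '&', '=' or spaces cannot alter the query.
    // NOTE(review): the request goes over plain http, so the signature and serial number are
    // readable on the network path; prefer https if the endpoint supports it.
    string Url = string.Format(
        "http://www.abc.com:89/api/Valid?signature={0}&timestamp={1}&nonce={2}&appseq={3}",
        Uri.EscapeDataString(SignStr),
        Uri.EscapeDataString(timestamp),
        Uri.EscapeDataString(nonce),
        Uri.EscapeDataString(appseq ?? string.Empty));

    // Get_Http issues a default (GET) request with a 12 second timeout.
    string resStr = ST.WEB.App_Start.Common.Get_Http(Url, 12000);

    Result_Sign resJson = new Result_Sign()
    {
        code = "-1",
        message = ""
    };

    // Get_Http reports failures in-band as text starting with "錯誤"; StartsWith (unlike
    // Substring(0, 2)) does not throw when the reply is shorter than two characters.
    if (!string.IsNullOrEmpty(resStr) && !resStr.StartsWith("錯誤", StringComparison.Ordinal))
    {
        Result_Sign parsed = JsonConvert.DeserializeObject<Result_Sign>(resStr);
        if (parsed != null)
        {
            // Keep the "-1" default when the body deserializes to null.
            resJson = parsed;
        }
    }
    return resJson;
}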
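// Converts a DateTime into a Unix-style timestamp string (whole seconds).
// The 1970-01-01 epoch is shifted into the local time zone before subtracting, so `time`
// is expected to be a local time (the caller on this page passes DateTime.Now). The side
// that converts the stamp back has to use the same local-epoch convention.
private string DateTimeToStamp(DateTime time)
{
    System.DateTime localEpoch = TimeZone.CurrentTimeZone.ToLocalTime(new System.DateTime(1970, 1, 1));

    // long instead of int: a 32-bit value cannot hold second counts past January 2038.
    long seconds = (long)(time - localEpoch).TotalSeconds;

    // Invariant culture keeps the digits and sign machine-readable on every host.
    return seconds.ToString(System.Globalization.CultureInfo.InvariantCulture);
}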
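// Builds the request signature: the three inputs are sorted, concatenated without a
// separator, hashed with SHA-1 and returned as 40 lowercase hex characters.
//
// NOTE(review): the digest is not keyed. Timestamp and nonce travel in the request, so
// anyone who knows or guesses appIP can recompute a valid signature; an HMAC with a
// per-application secret (and a hash stronger than SHA-1) is the usual remedy.
private string SignatureString(string appIP, string timestamp, string nonce)
{
    string[] parts = { appIP, timestamp, nonce };

    // Ordinal ordering does not depend on the machine's culture settings, so both ends
    // produce the same concatenation; the verifying side must sort the same way.
    Array.Sort(parts, StringComparer.Ordinal);
    string joined = string.Join("", parts);

    // SHA-1 over the UTF-8 bytes, replacing the obsolete
    // FormsAuthentication.HashPasswordForStoringInConfigFile(..., "SHA1") call.
    byte[] digest;
    using (System.Security.Cryptography.SHA1 sha1 = System.Security.Cryptography.SHA1.Create())
    {
        digest = sha1.ComputeHash(System.Text.Encoding.UTF8.GetBytes(joined));
    }

    // BitConverter yields "AB-CD-..."; strip the dashes and lowercase culture-independently.
    return BitConverter.ToString(digest).Replace("-", "").ToLowerInvariant();
}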
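// Generates a string of `length` random decimal digits; on this page it supplies the
// request nonce.
//
// The digits come from the cryptographic random number generator. The previous
// implementation seeded System.Random from the clock, which makes the output predictable,
// created a fresh time-seeded Random inside its loop, never picked the last digit position
// (exclusive upper bound), and overflowed its bounds for lengths of ten or more.
public static string CreateValidateCode(int length)
{
    char[] digits = new char[length];
    byte[] buffer = new byte[1];

    using (System.Security.Cryptography.RandomNumberGenerator rng =
        System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        int filled = 0;
        while (filled < length)
        {
            rng.GetBytes(buffer);

            // Reject 250..255 so each digit 0-9 is equally likely (no modulo bias).
            if (buffer[0] < 250)
            {
                digits[filled] = (char)('0' + (buffer[0] % 10));
                filled++;
            }
        }
    }

    return new string(digits);
}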
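/// <summary>
/// Requests the given URL and returns the response body as text.
/// </summary>
/// <param name="strUrl">Absolute URL to request.</param>
/// <param name="timeout">Request timeout in milliseconds.</param>
/// <returns>
/// The response body with its lines concatenated (line breaks are dropped), or the text
/// "錯誤:" followed by the exception message when the request fails. Callers detect
/// failure by that prefix.
/// </returns>
public static string Get_Http(string strUrl, int timeout)
{
    string strResult;
    try
    {
        HttpWebRequest myReq = (HttpWebRequest)HttpWebRequest.Create(strUrl);
        myReq.Timeout = timeout;

        // Dispose the response, stream and reader so the connection is released even
        // when reading fails part-way.
        using (HttpWebResponse HttpWResp = (HttpWebResponse)myReq.GetResponse())
        using (Stream myStream = HttpWResp.GetResponseStream())
        // NOTE(review): Encoding.Default is the host's default encoding; confirm it matches
        // the encoding the server actually sends.
        using (StreamReader sr = new StreamReader(myStream, Encoding.Default))
        {
            StringBuilder strBuilder = new StringBuilder();
            string line;

            // ReadLine returns null only at the real end of the stream; Peek() can report
            // -1 on a network stream while more data is still on its way.
            while ((line = sr.ReadLine()) != null)
            {
                strBuilder.Append(line);
            }
            strResult = strBuilder.ToString();
        }
    }
    catch (Exception exp)
    {
        // Best-effort contract: failures are returned in-band rather than thrown.
        strResult = "錯誤:" + exp.Message;
    }
    return strResult;
}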
2、服務器端獲取數據并驗證返回結果
/// <summary>
/// GET endpoint that reports whether the supplied signature parameters pass
/// Tool.ValidateSignature.
/// </summary>
/// <param name="signature">Signature sent by the client.</param>
/// <param name="timestamp">Timestamp sent by the client.</param>
/// <param name="nonce">Random string sent by the client.</param>
/// <param name="appseq">Product serial number sent by the client.</param>
/// <returns>code "1" / message "success" when valid, otherwise code "0" / message "fault".</returns>
[HttpGet]
public Result_Sign Sign(string signature, string timestamp, string nonce, string appseq)
{
    bool accepted = Tool.ValidateSignature(signature, timestamp, nonce, appseq);

    return new Result_Sign()
    {
        code = accepted ? "1" : "0",
        message = accepted ? "success" : "fault"
    };
}
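/// <summary>
/// Checks a signed request: the serial number must be registered and not expired, the
/// signature must equal SHA-1 over the sorted (registered IP, timestamp, nonce) values,
/// and the timestamp must lie within five minutes of the server clock.
/// </summary>
/// <param name="signature">Signature sent by the client (lowercase hex).</param>
/// <param name="timestamp">Timestamp sent by the client (decimal seconds).</param>
/// <param name="nonce">Random string sent by the client.</param>
/// <param name="appseq">Product serial number used to look up the registration.</param>
/// <returns>true when every check passes; false otherwise.</returns>
/// <remarks>
/// NOTE(review): the nonce is not recorded anywhere in this method, so an identical request
/// is accepted again for as long as its timestamp is fresh; remembering seen nonces for the
/// length of the window would close that gap. The digest is also unkeyed: the registered IP
/// is the only input the request does not carry.
/// </remarks>
public static bool ValidateSignature(string signature, string timestamp, string nonce, string appseq)
{
    // Fail closed on missing query parameters instead of throwing further down.
    if (signature == null || timestamp == null || nonce == null || appseq == null)
    {
        return false;
    }

    // Check the timestamp's shape first; 11 digits plus the seven appended by
    // StampToDateTime still fit in a long.
    if (timestamp.Length > 11 || !isNumberic(timestamp))
    {
        return false;
    }

    Register item = Cache.GetBySeq(appseq); // registration for this serial number
    if (item == null)
    {
        return false;
    }

    if (DateTime.Parse(item.ExpireDT) < DateTime.Now.Date) // registration expired
    {
        return false;
    }

    // Recompute the signature from the registered IP and the supplied values.
    // Ordinal ordering is culture-independent; the signing side must sort the same way.
    string[] parts = { item.IP, timestamp, nonce };
    Array.Sort(parts, StringComparer.Ordinal);
    string joined = string.Join("", parts);

    // SHA-1 over the UTF-8 bytes as lowercase hex, replacing the obsolete
    // FormsAuthentication.HashPasswordForStoringInConfigFile(..., "SHA1") call.
    byte[] digest;
    using (System.Security.Cryptography.SHA1 sha1 = System.Security.Cryptography.SHA1.Create())
    {
        digest = sha1.ComputeHash(System.Text.Encoding.UTF8.GetBytes(joined));
    }
    string expected = BitConverter.ToString(digest).Replace("-", "").ToLowerInvariant();

    // Compare without returning at the first differing character.
    int diff = expected.Length ^ signature.Length;
    for (int i = 0; i < expected.Length && i < signature.Length; i++)
    {
        diff |= expected[i] ^ signature[i];
    }
    if (diff != 0)
    {
        return false;
    }

    DateTime sentAt;
    try
    {
        sentAt = StampToDateTime(timestamp);
    }
    catch (FormatException)
    {
        // A value that passed the digit check but cannot be parsed is rejected.
        return false;
    }

    // Accept only timestamps within five minutes of now in either direction; without the
    // absolute value, a timestamp set in the future would stay valid until that moment.
    double minutes = DateTime.Now.Subtract(sentAt).TotalMinutes;
    return Math.Abs(minutes) < 5;
}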
/// <summary>
/// Converts a timestamp string of whole seconds into a DateTime, counting from
/// 1970-01-01 shifted into the local time zone.
/// </summary>
/// <param name="timeStamp">Seconds as a decimal string.</param>
/// <returns>The local-epoch start plus the given number of seconds.</returns>
private static DateTime StampToDateTime(string timeStamp)
{
    // Appending seven zeros multiplies by 10,000,000, turning seconds into
    // 100-nanosecond ticks.
    long ticks = long.Parse(timeStamp + "0000000");
    DateTime localEpoch = TimeZone.CurrentTimeZone.ToLocalTime(new DateTime(1970, 1, 1));
    return localEpoch + TimeSpan.FromTicks(ticks);
}
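/// <summary>
/// Tells whether the text consists solely of the ASCII digits 0-9.
/// </summary>
/// <param name="message">Text to check; null and empty both yield false.</param>
/// <returns>true when every character is an ASCII digit and there is at least one.</returns>
/// <remarks>
/// The earlier pattern ^\d+$ also accepted non-ASCII Unicode digits and a trailing line
/// feed, neither of which the numeric parse that follows on this page can handle.
/// </remarks>
protected static bool isNumberic(string message)
{
    if (string.IsNullOrEmpty(message))
    {
        return false;
    }

    foreach (char c in message)
    {
        if (c < '0' || c > '9')
        {
            return false;
        }
    }
    return true;
}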
/// <summary>
/// Result envelope exchanged between the validation endpoint and its client.
/// </summary>
public class Result_Sign
{
    /// <summary>
    /// Status code. On this page: "1" = signature accepted, "0" = rejected,
    /// "-1" = client-side default before a server reply has been parsed.
    /// </summary>
    public string code { get; set; }

    /// <summary>Human-readable status text ("success", "fault", or empty).</summary>
    public string message { get; set; }
}