我正在实现一个 CustomMembership 提供程序,第一部分工作,登录,注册等(我现在从http://msdn.microsoft.com/en-us/library/vstudio/w8h3skw9 选择了validationKey 和decriptionKey( v=vs.100).aspx )。
我的网络配置:
<system.web>
<machineKey validationKey="32E35872597989D14CC1D5D9F5B1E94238D0EE32CF10AA2D2059533DF6035F4F" decryptionKey="B179091DBB2389B996A526DE8BCD7ACFDBCAB04EF1D085481C61496F693DF5F4"/>
<membership defaultProvider="CustomMembershipProvider">
<providers>
<clear />
<add name="CustomMembershipProvider" type="CustomMembership.CustomMembership.CustomMembershipProvider" connectionStringName="TestMembershipEntities" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" passwordFormat="Encrypted" />
</providers>
</membership>
<roleManager enabled="true" defaultProvider="CustomRoleProvider">
<providers>
...
现在我需要使用 MD5。
EncryptPassword
如果我在 MachineKey 中设置验证属性,该方法选择正确的算法?
switch (PasswordFormat)
{
case MembershipPasswordFormat.Clear:
break;
case MembershipPasswordFormat.Encrypted:
byte[] encryptedPass = EncryptPassword(Encoding.Unicode.GetBytes(password));
encodedPassword = Convert.ToBase64String(encryptedPass);
break;
case MembershipPasswordFormat.Hashed:
HMACSHA1 hash = new HMACSHA1();
hash.Key = HexToByte(machineKey.ValidationKey);
encodedPassword = Convert.ToBase64String(hash.ComputeHash(Encoding.Unicode.GetBytes(password)));
break;
default:
throw new ProviderException("Unsupported password format.");
}
更改机器密钥
<machineKey validationKey="32E35872597989D14CC1D5D9F5B1E94238D0EE32CF10AA2D2059533DF6035F4F" decryptionKey="B179091DBB2389B996A526DE8BCD7ACFDBCAB04EF1D085481C61496F693DF5F4"
validation="MD5" decryption="Auto" />
如果我这样做,我会收到以下错误@Html.AntiForgeryToken()
:
**ConfigurationErrorsException was unhandled...**
When using <machineKey compatibilityMode="Framework45" /> or the MachineKey.Protect and MachineKey.Unprotect APIs,
the 'validation' attribute must be one of these values: SHA1, HMACSHA256, HMACSHA384, HMACSHA512, or alg:[KeyedHashAlgorithm].
我需要编写自定义代码来加密/解密 MD5case MembershipPasswordFormat.Encrypted:
或我需要做什么,谢谢。