I'm looking at the source code for the .net membership provider, and it sqlmembershipprovider.cs there are calls to EncryptPassword and DecryptPassword but I don't see the method anywhere in the source.
我正在查看.net成员资格提供程序的源代码,并且sqlmembershipprovider.cs有对EncryptPassword和DecryptPassword的调用,但我没有在源代码中看到任何方法。
What algorithm are they using? Isn't the source for that released also?
他们使用什么算法?这也不是发布的来源吗?
4 个解决方案
#1
3
SqlMembershipProvider derives from MembershipProvider from which it inherits EncryptPassword() and DecryptPassword().
SqlMembershipProvider派生自MembershipProvider,它继承EncryptPassword()和DecryptPassword()。
Looking though the code with Reflector, it looks like the algorithm is DES if the key is 8 bytes long and AES (Rijndael) otherwise.
通过Reflector查看代码,如果密钥长度为8个字节,则算法似乎是DES,否则为AES(Rijndael)。
#2
0
SqlMembershipProvider uses System.Web.Security.MembershipProvider as its base class. The EncryptPassword and DecryptPassword methods are being called on the base class.
SqlMembershipProvider使用System.Web.Security.MembershipProvider作为其基类。在基类上调用EncryptPassword和DecryptPassword方法。
Fire up .NET Reflector and point it at System.Web.Security.MembershipProvider and you'll see how they do it.
启动.NET Reflector并将其指向System.Web.Security.MembershipProvider,您将看到他们是如何做到的。
#3
0
Although the encryption code is "public", the default encryption of the membership provider is based on the unique machine key.
虽然加密代码是“公共”,但成员资格提供程序的默认加密基于唯一的机器密钥。
#4
0
Pretty sure the base Decrypt/EncryptPassword use the standard .NET implementation of AES, perhaps with a key defined somewhere, probably machine specific
非常确定基本的Decrypt / EncryptPassword使用AES的标准.NET实现,可能在某处定义了一个键,可能是特定于机器的
See the AesManaged class.
请参阅AesManaged类。
#1
3
SqlMembershipProvider derives from MembershipProvider from which it inherits EncryptPassword() and DecryptPassword().
SqlMembershipProvider派生自MembershipProvider,它继承EncryptPassword()和DecryptPassword()。
Looking though the code with Reflector, it looks like the algorithm is DES if the key is 8 bytes long and AES (Rijndael) otherwise.
通过Reflector查看代码,如果密钥长度为8个字节,则算法似乎是DES,否则为AES(Rijndael)。
#2
0
SqlMembershipProvider uses System.Web.Security.MembershipProvider as its base class. The EncryptPassword and DecryptPassword methods are being called on the base class.
SqlMembershipProvider使用System.Web.Security.MembershipProvider作为其基类。在基类上调用EncryptPassword和DecryptPassword方法。
Fire up .NET Reflector and point it at System.Web.Security.MembershipProvider and you'll see how they do it.
启动.NET Reflector并将其指向System.Web.Security.MembershipProvider,您将看到他们是如何做到的。
#3
0
Although the encryption code is "public", the default encryption of the membership provider is based on the unique machine key.
虽然加密代码是“公共”,但成员资格提供程序的默认加密基于唯一的机器密钥。
#4
0
Pretty sure the base Decrypt/EncryptPassword use the standard .NET implementation of AES, perhaps with a key defined somewhere, probably machine specific
非常确定基本的Decrypt / EncryptPassword使用AES的标准.NET实现,可能在某处定义了一个键,可能是特定于机器的
See the AesManaged class.
请参阅AesManaged类。