Home>

This article uses rsa asymmetric encryption and base64 to simply implement offline registration code generation and verification functions.Interested friends follow us to learn

The main idea is that the provider holds the key,Encrypt client ID or time stamp through rsa,Encrypted into a not too bad registration code through base64,It is then distributed to clients.

After the client resolves base64, it verifies whether the registration code matches the local ID or time ID through the public key it holds.

First, generate the public key

rsacryptoserviceprovider cryptor=new rsacryptoserviceprovider ();

file.writealltext ("privatekey.xml", cryptor.toxmlstring (true));

file.writealltext ("publickey.xml", cryptor.toxmlstring (false));

In order to facilitate long-term storage, it is directly stored in the file.

To avoid losing the client's public key,I prefer to compile the public key directly into the validator,But this also means that if the key is replaced,The old verification program cannot check the newly generated registration code.

Second, generate a registration code

static string createregcode (string mac, datetime date)
 {
   rsacryptoserviceprovider cryptor=new rsacryptoserviceprovider ();
   cryptor.fromxmlstring (file.readalltext ("privatekey.xml"));
   string signature=string.format ("[{}] [{}]", mac, date.tostring ("yyyy-mm-dd"));
   byte [] regcodebytes=cryptor.signdata (
     encoding.utf.getbytes (signature),     "sha");
   return convert.tobasestring (regcodebytes);
 }

This method is to generate a registration code by encrypting the combination of mac and date,Some points to note:

1. mac in the parameter is the address of the client 2. The file on the fourth line is the key file generated in the previous step

3. Since only verification is considered,So the client must also know the date in the parameter

Third, verify the registration code

static bool verify (string regcode)
 {
   const string public_key="";
   try
   {
     rsacryptoserviceprovider cryptor=new rsacryptoserviceprovider ();
     cryptor.fromxmlstring (public_key);
     byte [] signeddata=convert.frombasestring (regcode);
     bool today=cryptor.verifydata (
       encoding.utf.getbytes (string.format ("[{}] [{}]", datetime.now.tostring ("yyyy-mm-dd"))),       "sha", signeddata);
     bool machinetoday=cryptor.verifydata (
       encoding.utf.getbytes (string.format ("[{}] [{}]", mac, datetime.now.tostring ("yyyy-mm-dd"))),       "sha", signeddata);
     bool forever=cryptor.verifydata (
       encoding.utf.getbytes (string.format ("[{}] [{}]", mac, environment.machinename)),       "sha", signeddata);
     return today || machinetoday || forever;
   }
   catch
   {
     return false;
   }
 }

This method validates three types of registration codes:available today, locally available today, and permanently available.

requires attention:

1. The public key in the third line is the content of publickey.xml in the first step

2. The macs on lines 14 and 17 are the client's physical address,As for how to get it is not the focus of this article,Please look at the official Baidu

3. Considering that the registration code filled in by the client may not be legal base64 text, it is necessary to catch the exception during parsing.

In fact, rsacryptoserviceprovider also provides a decryption method.This way you can verify more types of verification codes.

c
  • Previous JS dynamic date and time acquisition method
  • Next ASPNET operations on txt files (read, write, save)