MVC4使用哪种加密? [英] What encryption does MVC4 use?

问题描述

我们如何找出MVC4使用的加密方式?我注意到有一个SALT选项，但是在WebSecurity()模块中似乎也没有使用.

How do we find out what encryption MVC4 uses? I notice there is an option for a SALT but this also seems not to be used in the WebSecurity() module.

我想知道使用的标准以及是否可以轻松升级到最新的SHA

I would like to know the standard used and if it is easily possible to upgrade to the latest SHA

推荐答案

根据下面的链接Default Hashing Algorithm Is Now HMACSHA256:

http://www.asp.net/whitepapers/aspnet4/breaking-changes

默认哈希算法现在为HMACSHA256

ASP.NET同时使用加密和哈希算法来帮助保护数据，例如表单身份验证cookie和视图状态.默认情况下，ASP.NET 4现在使用HMACSHA256算法对Cookie和视图状态进行哈希操作.较早版本的ASP.NET使用较旧的HMACSHA1算法.

Default Hashing Algorithm Is Now HMACSHA256

ASP.NET uses both encryption and hashing algorithms to help secure data such as forms authentication cookies and view state. By default, ASP.NET 4 now uses the HMACSHA256 algorithm for hash operations on cookies and view state. Earlier versions of ASP.NET used the older HMACSHA1 algorithm.

如果您运行的ASP.NET 2.0/ASP.NET 4混合环境中的数据(如表单身份验证cookie)必须在.NET Framework版本之间运行，则您的应用程序可能会受到影响.要将ASP.NET 4 Web应用程序配置为使用较旧的HMACSHA1算法，请在Web.config文件中添加以下设置:

Your applications might be affected if you run mixed ASP.NET 2.0/ASP.NET 4 environments where data such as forms authentication cookies must work across.NET Framework versions. To configure an ASP.NET 4 Web application to use the older HMACSHA1 algorithm, add the following setting in the Web.config file:

<machineKey validation="SHA1" />

这篇关于MVC4使用哪种加密?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！