MVC4使用哪种加密? [英] What encryption does MVC4 use?
问题描述
我们如何找出MVC4使用的加密方式?我注意到有一个SALT选项,但是在WebSecurity()
模块中似乎也没有使用.
How do we find out what encryption MVC4 uses? I notice there is an option for a SALT but this also seems not to be used in the WebSecurity()
module.
我想知道使用的标准以及是否可以轻松升级到最新的SHA
I would like to know the standard used and if it is easily possible to upgrade to the latest SHA
推荐答案
根据下面的链接Default Hashing Algorithm Is Now HMACSHA256
:
http://www.asp.net/whitepapers/aspnet4/breaking-changes
默认哈希算法现在为HMACSHA256
ASP.NET同时使用加密和哈希算法来帮助保护数据,例如表单身份验证cookie和视图状态.默认情况下,ASP.NET 4现在使用HMACSHA256算法对Cookie和视图状态进行哈希操作.较早版本的ASP.NET使用较旧的HMACSHA1算法.
Default Hashing Algorithm Is Now HMACSHA256
ASP.NET uses both encryption and hashing algorithms to help secure data such as forms authentication cookies and view state. By default, ASP.NET 4 now uses the HMACSHA256 algorithm for hash operations on cookies and view state. Earlier versions of ASP.NET used the older HMACSHA1 algorithm.
如果您运行的ASP.NET 2.0/ASP.NET 4混合环境中的数据(如表单身份验证cookie)必须在.NET Framework版本之间运行,则您的应用程序可能会受到影响.要将ASP.NET 4 Web应用程序配置为使用较旧的HMACSHA1算法,请在Web.config文件中添加以下设置:
Your applications might be affected if you run mixed ASP.NET 2.0/ASP.NET 4 environments where data such as forms authentication cookies must work across.NET Framework versions. To configure an ASP.NET 4 Web application to use the older HMACSHA1 algorithm, add the following setting in the Web.config file:
<machineKey validation="SHA1" />
这篇关于MVC4使用哪种加密?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!