有些項目尤其是winform或者是wpf項目,針對一些工具形式的小項目,不想軟件流出去之后,懂程序的的拿到手之后一看配置文件就知道了我們數據庫的用戶名和密碼,如果外網能訪問的話,那就麻煩大了。所以這里為了防止項目外泄之后這些信息不被別人看到,我們就需要對鏈接字符串或者其他重要信息進行加密,用的時候在解密。
思路:使用兩個數對連接字符串進行加密,再用這兩個數進行解密。
|
1
|
<add key="configstring" value="4hsxbrnxtken0zokdewfe501tksqlzuyj0zf+c7s5+gpd1sbwbiuh4pg6jefgcnctfr0qfw8fn40m/s8xmqq+8srl8tamlo23z6gsmaqjom="/> |
直接上代碼:
1:定義一個初始化源數據的類。
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
public class configinformation { private static configinformation _configinformation; public configinformation instance { get { if (_configinformation == null) { _configinformation = new configinformation(); } return _configinformation; } } // 數據庫鏈接字符串加解密 key value public static string key = "27e167e9-2660-4bc1-bea0-c8781a9f01cb"; public static string vector = "8280d587-f9bf-4127-bbfa-5e0b4b672958"; } |
2:加解密方法:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
|
/// <summary> /// 加密 解密 /// </summary> public class decryptandencryptionhelper { private readonly symmetricalgorithm _symmetricalgorithm; private const string defkey = "qazwsxedcrfvtgb!@#$%^&*(tgbrfvedcwsxqaz)(*&^%$#@!"; private string _key = ""; public string key { get { return _key; } set { if (!string.isnullorempty(value)) { _key = value; } else { _key = defkey; } } } private const string defiv = "tgbrfvedcwsxqaz)(*&^%$#@!qazwsxedcrfvtgb!@#$%^&*("; private string _iv = ""; public string iv { get { return _iv; } set { if (!string.isnullorempty(value)) { _iv = value; } else { _iv = defiv; } } } public decryptandencryptionhelper() { _symmetricalgorithm = new rijndaelmanaged(); } public decryptandencryptionhelper(string key, string iv) { _symmetricalgorithm = new rijndaelmanaged(); _key = string.isnullorempty(key) ? defkey : key; _iv = string.isnullorempty(iv) ? defiv : iv; } /// <summary> /// get key /// </summary> /// <returns>密鑰</returns> private byte[] getlegalkey() { _symmetricalgorithm.generatekey(); byte[] byttemp = _symmetricalgorithm.key; int keylength = byttemp.length; if (_key.length > keylength) _key = _key.substring(0, keylength); else if (_key.length < keylength) _key = _key.padright(keylength, '#'); return asciiencoding.ascii.getbytes(_key); } /// <summary> /// get iv /// </summary> private byte[] getlegaliv() { _symmetricalgorithm.generateiv(); byte[] byttemp = _symmetricalgorithm.iv; int ivlength = byttemp.length; if (_iv.length > ivlength) _iv = _iv.substring(0, ivlength); else if (_iv.length < ivlength) _iv = _iv.padright(ivlength, '#'); return asciiencoding.ascii.getbytes(_iv); } /// <summary> /// encrypto 加密 /// </summary> public string encrypto(string source) { byte[] bytin = utf8encoding.utf8.getbytes(source); memorystream ms = new memorystream(); _symmetricalgorithm.key = getlegalkey(); _symmetricalgorithm.iv = getlegaliv(); icryptotransform encrypto = _symmetricalgorithm.createencryptor(); cryptostream cs = new cryptostream(ms, encrypto, cryptostreammode.write); cs.write(bytin, 0, bytin.length); cs.flushfinalblock(); ms.close(); byte[] bytout = ms.toarray(); return convert.tobase64string(bytout); } /// <summary> /// decrypto 解密 /// </summary> public string decrypto(string source) { byte[] bytin = convert.frombase64string(source); memorystream ms = new memorystream(bytin, 0, bytin.length); _symmetricalgorithm.key = getlegalkey(); _symmetricalgorithm.iv = getlegaliv(); icryptotransform encrypto = _symmetricalgorithm.createdecryptor(); cryptostream cs = new cryptostream(ms, encrypto, cryptostreammode.read); streamreader sr = new streamreader(cs); return sr.readtoend(); } } |
3:使用
|
1
2
3
4
5
6
|
// 獲取加密的鏈接字符串,然后解密string enstring = configurationmanager.appsettings["configstring"];decryptandencryptionhelper helper = new decryptandencryptionhelper(configinformation.key, configinformation.vector);// 明文var configstr = helper.decrypto(enstring); return configstr; |
這樣至少保證了數據的不外泄。
注意:這個加密和解密的算法方法,應該放在服務器。通過請求加解密方法。不應該放在本地代碼里,技術牛的的人,把你的項目反編譯一樣可以看到源代碼。
我們在把加密源數據找出來。
所以這個加解密代碼不能寫在本地,必須部署到安全的服務器上。
總結
以上所述是小編給大家介紹的c# 數據庫鏈接字符串加密解密工具代碼詳解,希望對大家有所幫助,如果大家有任何疑問請給我留言,小編會及時回復大家的。在此也非常感謝大家對服務器之家網站的支持!
原文鏈接:http://www.cnblogs.com/wendj/p/9019160.html
