时间:2021-12-14 10:43:22 | 栏目:.NET代码 | 点击:次
有些项目尤其是WinForm或者是WPF项目,针对一些工具形式的小项目,不想软件流出去之后,懂程序的的拿到手之后一看配置文件就知道了我们数据库的用户名和密码,如果外网能访问的话,那就麻烦大了。所以这里为了防止项目外泄之后这些信息不被别人看到,我们就需要对链接字符串或者其他重要信息进行加密,用的时候在解密。
思路:使用两个数对连接字符串进行加密,再用这两个数进行解密。
<add key="ConfigString" value="4HsXBRNXTkeN0ZoKdEwFE501TKSqLZUyJ0Zf+C7s5+gPd1SbWBiuh4PG6jeFgcnCTFr0QFW8FN40m/S8xmQq+8srL8taMLO23z6GSmaQJoM="/>
直接上代码:
1:定义一个初始化源数据的类。
public class ConfigInformation { private static ConfigInformation _configInformation; public ConfigInformation Instance { get { if (_configInformation == null) { _configInformation = new ConfigInformation(); } return _configInformation; } } // 数据库链接字符串加解密 Key Value public static String Key = "27e167e9-2660-4bc1-bea0-c8781a9f01cb"; public static String Vector = "8280d587-f9bf-4127-bbfa-5e0b4b672958"; }
2:加解密方法:
/// <summary> /// 加密 解密 /// </summary> public class DecryptAndEncryptionHelper { private readonly SymmetricAlgorithm _symmetricAlgorithm; private const String DefKey = "qazwsxedcrfvtgb!@#$%^&*(tgbrfvedcwsxqaz)(*&^%$#@!"; private String _key = ""; public String Key { get { return _key; } set { if (!String.IsNullOrEmpty(value)) { _key = value; } else { _key = DefKey; } } } private const String DefIV = "tgbrfvedcwsxqaz)(*&^%$#@!qazwsxedcrfvtgb!@#$%^&*("; private String _iv = ""; public String IV { get { return _iv; } set { if (!String.IsNullOrEmpty(value)) { _iv = value; } else { _iv = DefIV; } } } public DecryptAndEncryptionHelper() { _symmetricAlgorithm = new RijndaelManaged(); } public DecryptAndEncryptionHelper(String Key, String IV) { _symmetricAlgorithm = new RijndaelManaged(); _key = String.IsNullOrEmpty(Key) ? DefKey : Key; _iv = String.IsNullOrEmpty(IV) ? DefIV : IV; } /// <summary> /// Get Key /// </summary> /// <returns>密钥</returns> private byte[] GetLegalKey() { _symmetricAlgorithm.GenerateKey(); byte[] bytTemp = _symmetricAlgorithm.Key; int KeyLength = bytTemp.Length; if (_key.Length > KeyLength) _key = _key.Substring(0, KeyLength); else if (_key.Length < KeyLength) _key = _key.PadRight(KeyLength, '#'); return ASCIIEncoding.ASCII.GetBytes(_key); } /// <summary> /// Get IV /// </summary> private byte[] GetLegalIV() { _symmetricAlgorithm.GenerateIV(); byte[] bytTemp = _symmetricAlgorithm.IV; int IVLength = bytTemp.Length; if (_iv.Length > IVLength) _iv = _iv.Substring(0, IVLength); else if (_iv.Length < IVLength) _iv = _iv.PadRight(IVLength, '#'); return ASCIIEncoding.ASCII.GetBytes(_iv); } /// <summary> /// Encrypto 加密 /// </summary> public string Encrypto(string Source) { byte[] bytIn = UTF8Encoding.UTF8.GetBytes(Source); MemoryStream ms = new MemoryStream(); _symmetricAlgorithm.Key = GetLegalKey(); _symmetricAlgorithm.IV = GetLegalIV(); ICryptoTransform encrypto = _symmetricAlgorithm.CreateEncryptor(); CryptoStream cs = new CryptoStream(ms, encrypto, CryptoStreamMode.Write); cs.Write(bytIn, 0, bytIn.Length); cs.FlushFinalBlock(); ms.Close(); byte[] bytOut = ms.ToArray(); return Convert.ToBase64String(bytOut); } /// <summary> /// Decrypto 解密 /// </summary> public string Decrypto(string Source) { byte[] bytIn = Convert.FromBase64String(Source); MemoryStream ms = new MemoryStream(bytIn, 0, bytIn.Length); _symmetricAlgorithm.Key = GetLegalKey(); _symmetricAlgorithm.IV = GetLegalIV(); ICryptoTransform encrypto = _symmetricAlgorithm.CreateDecryptor(); CryptoStream cs = new CryptoStream(ms, encrypto, CryptoStreamMode.Read); StreamReader sr = new StreamReader(cs); return sr.ReadToEnd(); } }
3:使用
// 获取加密的链接字符串,然后解密 string enString = ConfigurationManager.AppSettings["ConfigString"]; DecryptAndEncryptionHelper helper = new DecryptAndEncryptionHelper(ConfigInformation.Key, ConfigInformation.Vector); // 明文 var configStr = helper.Decrypto(enString); return configStr;
这样至少保证了数据的不外泄。
注意:这个加密和解密的算法方法,应该放在服务器。通过请求加解密方法。不应该放在本地代码里,技术牛的的人,把你的项目反编译一样可以看到源代码。
我们在把加密源数据找出来。
所以这个加解密代码不能写在本地,必须部署到安全的服务器上。
总结