前言:
这一节提供一个简单的功能,这个功能看似简单,找了一下没找到EF链接数据库串的加密帮助文档,只能自己写了,这样也更加符合自己的加密要求
- 有时候我们发布程序为了避免程序外的SQL链接串明文暴露,需要进行一些加密手段!
- 加密主要分几类:对称加密,非对称加密,散列算法(自己百度脑补,这里不再多说)
- 我这里选择AES 256位的加密,主要加密速度算法快,安全性高,资源消耗低。
- 公司一直在使用AES加密来加密一些小数据量的数据,比较方法和安全
这是我选择加密AES的理由,当然你可以选择其他有名的加密算法,比如MD5,SHA,3DES.(注:大公司应该都是禁止自行写算法的来加解密的)
知识点:
数据的使用跟我们登录流程基本都是一样的,获取加密链接串,然后解密使用
所以我们需要:
- 加密类
- 加密工具
- EF在何处使用链接字符串
1.加密类
???using System;using System.Collections.Generic;using System.Linq;using System.Text;using System.Threading.Tasks;using System.Security.Cryptography;using System.IO;namespace Apps.Common{ ???public class AESEncryptHelper ???{ ???????/// <summary> ???????/// 获取密钥 ???????/// </summary> ???????private static string Key ???????{ ???????????get { return @")O[NB]6,YF}+efcaj{+oESb9d8>Z‘e9M"; } ???????} ???????/// <summary> ???????/// 获取向量 ???????/// </summary> ???????private static string IV ???????{ ???????????get { return @"L+\~f4,Ir)b$=pkf"; } ???????} ???????#region 参数是byte[]类型 ???????/// <summary> ???????/// AES加密 ???????/// </summary> ???????/// <param name="Data">被加密的明文</param> ???????/// <param name="Key">密钥</param> ???????/// <param name="Vector">向量</param> ???????/// <returns>密文</returns> ???????public static Byte[] AESEncrypt(Byte[] Data, String Key, String Vector) ???????{ ???????????Byte[] bKey = new Byte[32]; ???????????Array.Copy(Encoding.UTF8.GetBytes(Key.PadRight(bKey.Length)), bKey, bKey.Length); ???????????Byte[] bVector = new Byte[16]; ???????????Array.Copy(Encoding.UTF8.GetBytes(Vector.PadRight(bVector.Length)), bVector, bVector.Length); ???????????Byte[] Cryptograph = null; // 加密后的密文 ???????????Rijndael Aes = Rijndael.Create(); ???????????try ???????????{ ???????????????// 开辟一块内存流 ???????????????using (MemoryStream Memory = new MemoryStream()) ???????????????{ ???????????????????// 把内存流对象包装成加密流对象 ???????????????????using (CryptoStream Encryptor = new CryptoStream(Memory, ????????????????????Aes.CreateEncryptor(bKey, bVector), ????????????????????CryptoStreamMode.Write)) ???????????????????{ ???????????????????????// 明文数据写入加密流 ???????????????????????Encryptor.Write(Data, 0, Data.Length); ???????????????????????Encryptor.FlushFinalBlock(); ???????????????????????Cryptograph = Memory.ToArray(); ???????????????????} ???????????????} ???????????} ???????????catch ???????????{ ???????????????Cryptograph = null; ???????????} ???????????return Cryptograph; ???????} ???????/// <summary> ???????/// AES解密 ???????/// </summary> ???????/// <param name="Data">被解密的密文</param> ???????/// <param name="Key">密钥</param> ???????/// <param name="Vector">向量</param> ???????/// <returns>明文</returns> ???????public static Byte[] AESDecrypt(Byte[] Data, String Key, String Vector) ???????{ ???????????Byte[] bKey = new Byte[32]; ???????????Array.Copy(Encoding.UTF8.GetBytes(Key.PadRight(bKey.Length)), bKey, bKey.Length); ???????????Byte[] bVector = new Byte[16]; ???????????Array.Copy(Encoding.UTF8.GetBytes(Vector.PadRight(bVector.Length)), bVector, bVector.Length); ???????????Byte[] original = null; // 解密后的明文 ???????????Rijndael Aes = Rijndael.Create(); ???????????try ???????????{ ???????????????// 开辟一块内存流,存储密文 ???????????????using (MemoryStream Memory = new MemoryStream(Data)) ???????????????{ ???????????????????// 把内存流对象包装成加密流对象 ???????????????????using (CryptoStream Decryptor = new CryptoStream(Memory, ???????????????????Aes.CreateDecryptor(bKey, bVector), ???????????????????CryptoStreamMode.Read)) ???????????????????{ ???????????????????????// 明文存储区 ???????????????????????using (MemoryStream originalMemory = new MemoryStream()) ???????????????????????{ ???????????????????????????Byte[] Buffer = new Byte[1024]; ???????????????????????????Int32 readBytes = 0; ???????????????????????????while ((readBytes = Decryptor.Read(Buffer, 0, Buffer.Length)) > 0) ???????????????????????????{ ???????????????????????????????originalMemory.Write(Buffer, 0, readBytes); ???????????????????????????} ???????????????????????????original = originalMemory.ToArray(); ???????????????????????} ???????????????????} ???????????????} ???????????} ???????????catch ???????????{ ???????????????original = null; ???????????} ???????????return original; ???????} ???????#endregion ???????#region 参数是string类型 ?????????????/// <summary> ???????/// AES加密 ???????/// </summary> ???????/// <param name="plainStr">明文字符串</param> ???????/// <returns>密文</returns> ???????public static string AESEncrypt(string plainStr) ???????{ ???????????byte[] bKey = Encoding.UTF8.GetBytes(Key); ???????????byte[] bIV = Encoding.UTF8.GetBytes(IV); ???????????byte[] byteArray = Encoding.UTF8.GetBytes(plainStr); ???????????string encrypt = null; ???????????Rijndael aes = Rijndael.Create(); ???????????using (MemoryStream mStream = new MemoryStream()) ???????????{ ???????????????using (CryptoStream cStream = new CryptoStream(mStream, aes.CreateEncryptor(bKey, bIV), CryptoStreamMode.Write)) ???????????????{ ???????????????????cStream.Write(byteArray, 0, byteArray.Length); ???????????????????cStream.FlushFinalBlock(); ???????????????????encrypt = Convert.ToBase64String(mStream.ToArray()); ???????????????} ???????????} ???????????aes.Clear(); ???????????return encrypt; ???????} ???????/// <summary> ???????/// AES加密 ???????/// </summary> ???????/// <param name="plainStr">明文字符串</param> ???????/// <param name="returnNull">加密失败时是否返回 null,false 返回 String.Empty</param> ???????/// <returns>密文</returns> ???????public static string AESEncrypt(string plainStr, bool returnNull) ???????{ ???????????string encrypt = AESEncrypt(plainStr); ???????????return returnNull ? encrypt : (encrypt == null ? String.Empty : encrypt); ???????} ???????/// <summary> ???????/// AES解密 ???????/// </summary> ???????/// <param name="encryptStr">密文字符串</param> ???????/// <returns>明文</returns> ???????public static string AESDecrypt(string encryptStr) ???????{ ???????????byte[] bKey = Encoding.UTF8.GetBytes(Key); ???????????byte[] bIV = Encoding.UTF8.GetBytes(IV); ???????????byte[] byteArray = Convert.FromBase64String(encryptStr); ???????????string decrypt = null; ???????????Rijndael aes = Rijndael.Create(); ???????????using (MemoryStream mStream = new MemoryStream()) ???????????{ ???????????????using (CryptoStream cStream = new CryptoStream(mStream, aes.CreateDecryptor(bKey, bIV), CryptoStreamMode.Write)) ???????????????{ ???????????????????cStream.Write(byteArray, 0, byteArray.Length); ???????????????????cStream.FlushFinalBlock(); ???????????????????decrypt = Encoding.UTF8.GetString(mStream.ToArray()); ???????????????} ???????????} ???????????aes.Clear(); ???????????return decrypt; ???????} ???????/// <summary> ???????/// AES解密 ???????/// </summary> ???????/// <param name="encryptStr">密文字符串</param> ???????/// <param name="returnNull">解密失败时是否返回 null,false 返回 String.Empty</param> ???????/// <returns>明文</returns> ???????public static string AESDecrypt(string encryptStr, bool returnNull) ???????{ ???????????string decrypt = AESDecrypt(encryptStr); ???????????return returnNull ? decrypt : (decrypt == null ? String.Empty : decrypt); ???????} ???????#endregion ???????#region 256位AES加密算法 ???????/// <summary> ???????/// 256位AES加密 ???????/// </summary> ???????/// <param name="toEncrypt"></param> ???????/// <returns></returns> ???????public static string Encrypt(string toEncrypt) ???????{ ???????????// 256-AES key ???????????????byte[] keyArray = UTF8Encoding.UTF8.GetBytes(Key); ???????????byte[] toEncryptArray = UTF8Encoding.UTF8.GetBytes(toEncrypt); ???????????RijndaelManaged rDel = new RijndaelManaged(); ???????????rDel.Key = keyArray; ???????????rDel.Mode = CipherMode.ECB; ???????????rDel.Padding = PaddingMode.PKCS7; ???????????ICryptoTransform cTransform = rDel.CreateEncryptor(); ???????????byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length); ???????????return Convert.ToBase64String(resultArray, 0, resultArray.Length); ???????} ???????/// <summary> ???????/// 256位AES解密 ???????/// </summary> ???????/// <param name="toDecrypt"></param> ???????/// <returns></returns> ???????public static string Decrypt(string toDecrypt) ???????{ ???????????// 256-AES key ???????????????byte[] keyArray = UTF8Encoding.UTF8.GetBytes(Key); ???????????byte[] toEncryptArray = Convert.FromBase64String(toDecrypt); ???????????RijndaelManaged rDel = new RijndaelManaged(); ???????????rDel.Key = keyArray; ???????????rDel.Mode = CipherMode.ECB; ???????????rDel.Padding = PaddingMode.PKCS7; ???????????ICryptoTransform cTransform = rDel.CreateDecryptor(); ???????????byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length); ???????????return UTF8Encoding.UTF8.GetString(resultArray); ???????} ???????#endregion ???}}网上一抓一大把,自己搜索想要的加密类啦!
2.加密工具
加密工具这个网上抓不到,需要自己结合加密类来开发,这个不用我带领大伙来开发吧,好吧
新建一个WinFrom程序,命名Apps.EncryptHelper,引用你加密类的所在的类库,或者直接放到Apps.EncryptHelper下就可以
从工具栏拉取2个TextBox和2个Button排版好,基本页面就做完了,最后分别双击两个按钮进入事件实现代码
using System;using System.Collections.Generic;using System.ComponentModel;using System.Data;using System.Drawing;using System.Linq;using System.Text;using System.Threading.Tasks;using System.Windows.Forms;using Apps.Common;namespace Apps.EncryptHelper{ ???public partial class Encrypt : Form ???{ ???????public Encrypt() ???????{ ???????????InitializeComponent(); ???????} ???????//加密 ???????private void btnEncrypt_Click(object sender, EventArgs e) ???????{ ???????????if (string.IsNullOrEmpty(txtSourceText.Text)) ???????????{ ???????????????MessageBox.Show("没数据加毛密-_-!"); ???????????????return; ???????????} ???????????else ???????????{ ??????????????txtResultText.Text = AESEncryptHelper.Encrypt(txtSourceText.Text); ???????????} ???????} ???????//解密 ???????private void btnDecrypt_Click(object sender, EventArgs e) ???????{ ???????????if (string.IsNullOrEmpty(txtSourceText.Text)) ???????????{ ???????????????MessageBox.Show("没数据解毛密-_-!"); ???????????????return; ???????????} ???????????else if (!IsBase64Formatted(txtSourceText.Text)) ???????????{ ???????????????MessageBox.Show("别逗了,我只认识被我加过密的?"); ???????????????return; ???????????} ???????????else ???????????{ ???????????????txtResultText.Text = AESEncryptHelper.Decrypt(txtSourceText.Text); ???????????} ???????} ???????public static bool IsBase64Formatted(string input) ???????{ ???????????try ???????????{ ???????????????Convert.FromBase64String(input); ???????????????return true; ???????????} ???????????catch ???????????{ ???????????????return false; ???????????} ???????} ???}}几十行代码,解决车房老婆问题!运行....
.
3.结合进EF
这块还是比较容易搞定的
第一:找到web.config的connectionStrings的EF链接串
第二:把修改对应Key串的Value
?<connectionStrings> ???<add name="DBContainer" connectionString="ka7ocMA8nEYPjbQYUlVwbsmTeIdxKGE+ZfXAu3/0eMhVRP+iN+9ECpY/lItoY9vfZVDA9EVgmMzH/8Z0rxRIhGPRhVMFWliBuJ9RDGtHbqRY02voyLbrZ7IiXRnXyhlLFsvgj23KXnHl8J6jxB1QNsmuUxPlqnD6HP9y5RQq2EJ//OT+uKqhVC1qUqVzdY+XR6HX/O5jGk6kJGk3Nk83qo09eBOundO7OdxQG9SXPUYNyZjhyx9YV2/1UbghuxHrxHrAuxiE4mJLqH/rusjAy8d3LS/ROiiBszSY+I400Ce4NigDwZaG679yvBKBQ5pg" providerName="System.Data.EntityClient" /> ?</connectionStrings>
第三:找到EF读取串的地方
这里必须读取解密后发的字符串,所以我们再写一个方法来获取解密后的字符串ConfigPara
using System;using System.Collections.Generic;using System.Linq;using System.Text;using System.Threading.Tasks;namespace Apps.Common{ ???public class ConfigPara ???{ ???????public static string EFDBConnection { ???????????get { ???????????????string connection = System.Configuration.ConfigurationManager.ConnectionStrings["DBContainer"].ConnectionString; ???????????????return AESEncryptHelper.Decrypt(connection); ???????????} ???????} ???}}注意修改后也是没有用的,会回档,因为这个类是根据T4生成的,所以我们必须修改T4
修改对应红框的位置!
搞破坏的,难道你现在还能看懂我的连接串?:-)
ok。实现加密,运行正常
大家赶快把他继承到系统里面!
谢谢大家!
ASP.NET MVC5+EF6+EasyUI 后台管理系统(62)-EF链接串加密
原文地址:https://www.cnblogs.com/sjqq/p/8889464.html