程序编写当中安全是比较重要的,很多文件我们需要进行加密才能确保其安全。现在流行的"加密"就是md5,md5严格来说是单向散列算法而不是加密算法,虽说是不可逆的,但是现在网上有专破解md5的机构,使得md5不再安全。
其实我们可以利用对称算法SymmetricAlgorithm的抽象基类实现带私钥的加密/解密算法。例如:我们可以对数据库连接字符串进行加密,即使我们的程序有漏洞,黑客侵入到源码服务器,但是我们的数据库连接字符串是加密的,黑客也无法得到数据库连接地址,这就不能够修改数据库信息。需要注意的是,这种保护只有在密钥没有泄露时才成立:下面的示例把密钥和初始向量IV直接写在源码里,一旦源码或编译后的程序集被拿到,连接字符串同样可以被解密,因此实际部署时密钥应当保存在源码之外。
下面提供对称算法SymmetricAlgorithm的抽象基类实现带私钥的加密/解密算法的封装类,把代码复制,命名cs文件名为:conn.cs。
/* 开始 */
using System;
using System.Collections;
using System.Configuration;
using System.IO;
using System.Security.Cryptography;
using System.Text;
using System.Text.RegularExpressions;
using System.Web.UI.HtmlControls;
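namespace chat.comm
{
    /// <summary>
    /// Encrypts and decrypts the database connection string with a symmetric
    /// cipher (<see cref="RijndaelManaged"/> with its default settings).
    /// </summary>
    /// <remarks>
    /// SECURITY (review):
    /// 1. The parameterless constructor uses a key and IV that are compiled into
    ///    the assembly. Anyone who can read the source or the binary can decrypt
    ///    every value produced with them, so this only hides the connection
    ///    string from someone who sees the config file alone. The constants are
    ///    kept so that ciphertext already stored in web.config still decrypts;
    ///    new deployments should pass key material loaded from outside the
    ///    source tree to <see cref="conn(string, string)"/>, or use ASP.NET
    ///    protected configuration instead of a hand-rolled wrapper.
    /// 2. The IV is fixed, so equal plaintexts always give equal ciphertexts.
    /// 3. The ciphertext carries no integrity check (no MAC), so tampering with
    ///    the stored value is not detected reliably.
    /// 4. The key is printable ASCII text cut to the key length, which has far
    ///    less entropy than the same number of random bytes.
    /// </remarks>
    public class conn
    {
        // Legacy key material. Do not change: existing ciphertext depends on it.
        private const string LegacyKey = "asdfsdfsdf534534543*(&(^)(*(*)/KVwgPDwDhEB1c2qPEQOuUI7Wxu/Lh%(HilFiqWr4uJ$j!y6&(*jkP87jH7";
        private const string LegacyIV = "JKHJLJK(*&^&)&HKLJKLJL$NauRU7cEQjADEewXXQxJW(u%g6HJ($jh7&!hg4ui%$hjk";

        private readonly SymmetricAlgorithm mobjCryptoService;
        private readonly string DecKey;
        private readonly string DecIV;

        /// <summary>
        /// Creates an instance that uses the built-in (hard-coded) key and IV.
        /// </summary>
        public conn()
            : this(LegacyKey, LegacyIV)
        {
        }

        /// <summary>
        /// Creates an instance that uses caller-supplied key material, so the
        /// secret can live outside the source code.
        /// </summary>
        /// <param name="key">Key text; cut or space-padded to the cipher's key length.</param>
        /// <param name="iv">IV text; cut or space-padded to the cipher's block length.</param>
        /// <exception cref="ArgumentNullException">
        /// <paramref name="key"/> or <paramref name="iv"/> is null.
        /// </exception>
        public conn(string key, string iv)
        {
            if (key == null)
            {
                throw new ArgumentNullException("key");
            }
            if (iv == null)
            {
                throw new ArgumentNullException("iv");
            }

            mobjCryptoService = new RijndaelManaged();
            DecKey = key;
            DecIV = iv;
        }

        /// <summary>
        /// Reads the encrypted "ConnString" application setting and decrypts it.
        /// </summary>
        /// <returns>The plaintext database connection string.</returns>
        public string GetConnString()
        {
            // NOTE(review): ConfigurationSettings.AppSettings is obsolete in favour of
            // ConfigurationManager.AppSettings; kept because the replacement needs a
            // reference to the System.Configuration assembly.
            string storedValue = ConfigurationSettings.AppSettings["ConnString"];
            return Decrypto(storedValue);
        }

        /// <summary>
        /// Reads the "ConnString" application setting as plaintext and encrypts it.
        /// </summary>
        /// <remarks>
        /// Intended as a one-off step: the setting holds the plaintext while this
        /// runs and should be replaced with the returned value afterwards.
        /// </remarks>
        /// <returns>The Base64-encoded ciphertext of the connection string.</returns>
        public string EnGetConnString()
        {
            string plainValue = ConfigurationSettings.AppSettings["ConnString"];
            return Encrypto(plainValue);
        }

        /// <summary>
        /// Builds the key bytes from the key text.
        /// </summary>
        /// <returns>Exactly KeySize / 8 bytes.</returns>
        private byte[] GetLegalKey()
        {
            // KeySize / 8 is the length the algorithm would generate itself, so no
            // throw-away random key has to be created just to measure it.
            return FitToLength(DecKey, mobjCryptoService.KeySize / 8);
        }

        /// <summary>
        /// Builds the initialization vector bytes from the IV text.
        /// </summary>
        /// <returns>Exactly BlockSize / 8 bytes.</returns>
        private byte[] GetLegalIV()
        {
            return FitToLength(DecIV, mobjCryptoService.BlockSize / 8);
        }

        /// <summary>
        /// Cuts or right-pads <paramref name="text"/> with spaces to
        /// <paramref name="length"/> characters and returns its ASCII bytes.
        /// </summary>
        private static byte[] FitToLength(string text, int length)
        {
            string fitted = text.Length > length
                ? text.Substring(0, length)
                : text.PadRight(length, ' ');
            return Encoding.ASCII.GetBytes(fitted);
        }

        /// <summary>
        /// Encrypts a string.
        /// </summary>
        /// <param name="Source">Plaintext to encrypt (encoded as UTF-8).</param>
        /// <returns>The ciphertext as a Base64 string.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="Source"/> is null.</exception>
        public string Encrypto(string Source)
        {
            if (Source == null)
            {
                throw new ArgumentNullException("Source");
            }

            byte[] plainBytes = Encoding.UTF8.GetBytes(Source);
            mobjCryptoService.Key = GetLegalKey();
            mobjCryptoService.IV = GetLegalIV();

            // Dispose the transform and both streams even if writing fails.
            using (ICryptoTransform encryptor = mobjCryptoService.CreateEncryptor())
            using (MemoryStream buffer = new MemoryStream())
            {
                using (CryptoStream cipherStream = new CryptoStream(buffer, encryptor, CryptoStreamMode.Write))
                {
                    cipherStream.Write(plainBytes, 0, plainBytes.Length);
                    cipherStream.FlushFinalBlock();
                }

                // MemoryStream.ToArray still works after the stream was closed.
                return Convert.ToBase64String(buffer.ToArray());
            }
        }

        /// <summary>
        /// Decrypts a string produced by <see cref="Encrypto"/>.
        /// </summary>
        /// <param name="Source">Base64-encoded ciphertext.</param>
        /// <returns>The decrypted plaintext.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="Source"/> is null.</exception>
        /// <exception cref="FormatException"><paramref name="Source"/> is not valid Base64.</exception>
        /// <exception cref="CryptographicException">
        /// The data cannot be decrypted with the current key and IV (for example
        /// the padding is invalid).
        /// </exception>
        public string Decrypto(string Source)
        {
            if (Source == null)
            {
                throw new ArgumentNullException("Source");
            }

            byte[] cipherBytes = Convert.FromBase64String(Source);
            mobjCryptoService.Key = GetLegalKey();
            mobjCryptoService.IV = GetLegalIV();

            using (ICryptoTransform decryptor = mobjCryptoService.CreateDecryptor())
            using (MemoryStream buffer = new MemoryStream(cipherBytes, 0, cipherBytes.Length))
            using (CryptoStream cipherStream = new CryptoStream(buffer, decryptor, CryptoStreamMode.Read))
            using (StreamReader reader = new StreamReader(cipherStream))
            {
                return reader.ReadToEnd();
            }
        }
    }
}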
/* 结束 */
例如我们要对数据库连接字符串加密:Data Source=RGGF-9265FDC038\SQL2000;User ID=sa;Password=sa123456。
调用conn.cs的代码为:string connStr = new conn().EnGetConnString(),该方法读取web.config中appSettings的ConnString(此时为明文)并返回加密后的字符串,再把加密后的字符串放到web.config当中替换原来的明文。程序中需要调用数据库连接字符串的时候,只需解密就可以了:string connStr = new conn().GetConnString()。