EF--Codefirst 加密數據庫連接字符串
一.加密SQL連接符
public LifeHelpContext() : base("SQLConnectionString"){ } public LifeHelpContext(string sql =@"DataSource=.;UserID=sa;PassWord=123456;InitialCatalog=TestDb;MultipleActiveResultSets=True;") : base(sql) //當sql省略時的時候,給定一個數據庫連接字符串{ }
LifeHelpContext 繼承的是 DbContext�,public LifeHelpContext() : base("SQLConnectionString")��,可以是App.Config或(Web.config) 里的數據庫連接字符串 Name值等�。
數據庫連接字符串:connectionString="Data Source=.;User ID=sa;Password=123456;Initial Catalog=TestDb;MultipleActiveResultSets=True;" />
<connectionStrings><add name="SQLConnectionString" PRoviderName="System.Data.SqlClient"connectionString="Data Source=.;User ID=sa;Password=123456;Initial Catalog=TestDb;MultipleActiveResultSets=True;" /><add name="TestSQLConnection" providerName="System.Data.SqlClient"connectionString="Data Source=.;User ID=sa;Password=123456;Initial Catalog=TestDb2;MultipleActiveResultSets=True;" /></connectionStrings>
可以配置同一類型數據庫不同地址,比如開發版��、測試版等�����,也可以配置多數據庫類型(EF支持的數據庫(MSSQL����、Oracle等)。也可以直接寫 數據庫連接�����,直接寫數據庫方便加密連接���。
二.加密算法
2.1 加密用的是DES加密
_iv = "67^%*(&(*Ghx7!rNIfb&95GUY86GfghUb#er57HBh(u%g6HJ($jhWk7&!hg4ui%$hjk"; //iv 向量 /// <summary> /// 加密文本 /// </summary> /// <param name="encryptoContext"></param> /// <param name="cryptoKey"></param> /// <returns></returns> public string EncryptContext(string encryptoContext, string cryptoKey) { //取 8 位 key cryptoKey = cryptoKey.PadLeft(8, '0').Substring(0, 8); //設置加密的 key���,其值來自參數 byte[] key = Encoding.UTF8.GetBytes(cryptoKey); //設置加密的 iv 向量����,這里使用硬編碼演示 byte[] iv = Encoding.UTF8.GetBytes(_iv); //將需要加密的正文放進 byte 數組 byte[] context = Encoding.UTF8.GetBytes(encryptoContext); using (DESCryptoServiceProvider des = new DESCryptoServiceProvider()) { using (MemoryStream ms = new MemoryStream()) { using (CryptoStream cs = new CryptoStream(ms, des.CreateEncryptor(key, iv), CryptoStreamMode.Write)) { cs.Write(context, 0, context.Length); //將緩沖區數據寫入����,然后清空緩沖區 cs.FlushFinalBlock(); } //從內存流返回結果,并編碼為 base64string return Convert.ToBase64String(ms.ToArray()); } } }
2.2 解密部分
/// <summary> /// 解密文本 /// </summary> /// <param name="decryptoContext"></param> /// <returns></returns> public string DecryptContext(string decryptoContext, string cryptoKey) { //取 8 位 key cryptoKey = cryptoKey.PadLeft(8, '0').Substring(0, 8); //設置解密的 key��,其值來自參數 byte[] key = Encoding.UTF8.GetBytes(cryptoKey); //設置解密的 iv 向量��,這里使用硬編碼演示 byte[] iv = Encoding.UTF8.GetBytes(_iv); //將解密正文返回到 byte 數組���,加密時編碼為 base64string �����,這里要使用 FromBase64String 直接取回 byte 數組 byte[] context = Convert.FromBase64String(decryptoContext); using (DESCryptoServiceProvider des = new DESCryptoServiceProvider()) { using (MemoryStream ms = new MemoryStream()) { using (CryptoStream cs = new CryptoStream(ms, des.CreateDecryptor(key, iv), CryptoStreamMode.Write)) { cs.Write(context, 0, context.Length); //將當前緩沖區寫入綁定的內存流��,然后清空緩沖區 cs.FlushFinalBlock(); } //從內存流返回值,并編碼到 UTF8 輸出原文 return Encoding.UTF8.GetString(ms.ToArray()); } } }
2.3 業務層�����,定義基類調用解密經過加密過的數據連接字符串
public class BllBase { protected readonly LifeHelpContext Dal; protected BllBase() { FileEncrypt fileEncrypt = new FileEncrypt(); string trConnection = ConfigurationManager.ConnectionStrings["SQLConnectionString"].ConnectionString; if (fileEncrypt.SqlConnectionIsEncrypted(trConnection,"19880125")) { trConnection = fileEncrypt.DecryptContext(trConnection); } Dal = new LifeHelpContext(trConnection); } } /// <summary> /// 驗證是否符合指定的連接字符串格式 /// </summary> /// <param name="content"></param> /// <returns></returns> public bool SqlConnectionIsEncrypted(string content) { Regex regex = new Regex(@"Data Source=(/S+);User ID=(/S+);Password=(/S+);Initial Catalog=(.+)"); return !regex.IsMatch(content); }
