由于安全需要,我们发布的程序不应该将连接字符串直接暴露给终端用户,所以有必要对配置文件中的连接字符串加密。
这里简要介绍在安装程序中为连接字符串加密的方法(针对winform程序)。
[RunInstaller(true)]
public class InstallAction : Installer
{
public override void Install(System.Collections.IDictionary stateSaver)
{
base.Install(stateSaver);
mEncryptConfig();
}
/// <summary>
/// 安装路径
/// </summary>
private string _installPath
{
get
{
return Context.Parameters["TARGETDIR"];
}
}
/// <summary>
/// 配置文件路径 configuration file path
/// </summary>
private string XmlPath
{
get
{
return Path.Combine(_installPath, @""); 在线教程
}
}
private void mEncryptConfig()
{
XmlDocument doc = new XmlDocument();
doc.Load(XmlPath);
XmlNode connectionStringsNode = doc.SelectSingleNode("/configuration/connectionStrings");//查找connectionstring结点
DESProtectedConfigurationProvider provider = new DESProtectedConfigurationProvider();
XmlElement newConnectionStringsNode = doc.CreateElement("EncryptedData");
newConnectionStringsNode.InnerXml = provider.Encrypt(connectionStringsNode).InnerXml;//加密字符串
connectionStringsNode.RemoveAll();
connectionStringsNode.AppendChild(newConnectionStringsNode as XmlNode);//删除并替换connectionstring结点 45398 it55学习IT知识,享受IT生活 4dfkjn
XmlAttribute configProtectionAtt = doc.CreateAttribute("configProtectionProvider");
configProtectionAtt.Value = "DESProtectedConfigurationProvider";
connectionStringsNode.Attributes.Append(configProtectionAtt);
doc.Save(XmlPath);
}
}
然后创建用于加密解密的类DESProtectedConfigurationProvider.cs
代码如下
public class DESProtectedConfigurationProvider : ProtectedConfigurationProvider
{
//Set Key and IV
private byte[] desKey = { 23, 44, 54, 12, 42, 77, 45, 33 };
private byte[] desIV = { 39, 48, 5, 32, 55, 46, 30, 99 };
//Create DES provider
private DESCryptoServiceProvider mProvider = new DESCryptoServiceProvider(); 在线教程
private string pName;
// Gets the provider name.
public override string Name
{
get { return pName; }
}
// Performs provider initialization.
public override void Initialize(string name,
NameValueCollection config)
{
pName = name;
}
public override System.Xml.XmlNode Decrypt(XmlNode encryptedNode)
{
string decryptedData = DecryptString(encryptedNode.InnerText);
xmlDoc.PreserveWhitespace = true;
xmlDoc.LoadXml(decryptedData);
}
public override System.Xml.XmlNode Encrypt(XmlNode node)
{
string encryptedData = EncryptString(node.OuterXml);
XmlDocument xmlDoc = new XmlDocument();
xmlDoc.PreserveWhitespace = true;
xmlDoc.LoadXml("<EncryptedData>" +
encryptedData + "</EncryptedData>");
return xmlDoc.DocumentElement;
}
// Encrypts a configuration section and returns
// the encrypted XML as a string.
private string EncryptString(string encryptValue)
{
// Create a memory stream.
MemoryStream ms = new MemoryStream();
// CSP DES key.
CryptoStream encStream = new CryptoStream(ms, mProvider.CreateEncryptor(desKey, desIV), CryptoStreamMode.Write);
// Create a StreamWriter to write a string
// to the stream.
StreamWriter sw = new StreamWriter(encStream);
// Write the plaintext to the stream.
sw.WriteLine(encryptValue);
// Close the StreamWriter and CryptoStream.
sw.Close();
encStream.Close();
// the memory stream.
string encryptedValue = Convert.ToBase64String(ms.ToArray());
// Close the memory stream.
ms.Close(); sflj kg^&fgd
// Return the encrypted byte array.
return encryptedValue;
}
// Decrypts an encrypted configuration section and
// returns the unencrypted XML as a string.
private string DecryptString(string encryptedValue)
{
// Create a memory stream to the passed buffer.
MemoryStream ms = new MemoryStream(Convert.FromBase64String(encryptedValue));
// Create a CryptoStream using the memory stream and the
// CSP DES key.
CryptoStream encStream = new CryptoStream(ms, mProvider.CreateDecryptor(desKey, desIV), CryptoStreamMode.Read);
// Create a StreamReader for reading the stream.
StreamReader sr = new StreamReader(encStream);
// Read the stream as a string.
string val = sr.ReadToEnd();
// Close the streams.
sr.Close();
encStream.Close();
ms.Close();
return val;
}
} http:// /
在安装程序中将该项目一起输出。
ok,一切完毕。
