加密解密模塊可以滿足常用的對(duì)稱加解密和hash功能要求。在應(yīng)用中加入模塊,需要下面的步驟:
1)添加對(duì)模塊的程序集引用。添加對(duì)程序集Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.dll的引用。
2)添加對(duì)程序集Microsoft.Practices.ObjectBuilder2.dll和Microsoft.Practices.EnterpriseLibrary.Common.dll的引用。
3)在需要模塊功能的文件中引入命名空間
using Microsoft.Practices.EnterpriseLibrary.Security.Cryptography;
4)在代碼中使用模塊提供的功能
典型的功能
1、使用對(duì)稱加密算法加密數(shù)據(jù)
1.1加密結(jié)果是string形式
代碼
???????????? // Encrypt?the?Sensitive?Data?String
???????????? string ?encryptedContentBase64 = Cryptographer?.EncryptSymmetric?( " symmProvider " ,"password " );
????????????
?
1.2加密結(jié)果是bytep[]形式
?
???????????? byte []valueToEncrypt = System.Text.Encoding?.Unicode?.GetBytes?( " passowrd " );
???????????? byte ?[]encryptedContents = Cryptographer?.EncryptSymmetric?( " symmProvider " ,valueToEncrypt?);
?
1.3使用的時(shí)候有兩點(diǎn)需要注意
- 確保symmProvider是在配置中存在的對(duì)稱加解密算法,配置了適當(dāng)?shù)乃惴ā?
- 敏感數(shù)據(jù)應(yīng)該及時(shí)從內(nèi)存中清空。Array.Clear方法就是這個(gè)功能,在內(nèi)存中保留敏感數(shù)據(jù)是很危險(xiǎn)的。
2、使用對(duì)稱加密算法解密數(shù)據(jù)
2.1解密字符串
代碼
???????????? string ?encryptedContentBase64 = Cryptographer?.EncryptSymmetric?( " symmProvider ","S ensitiveData " );
????????????
???????????? // Decrypt?the?base64?encoded?string
???????????? string ?readableString = string .Empty?;
????????????readableString? = Cryptographer?.DecryptSymmetric?( " symmProvider " ,encryptedContentBase64?);
????????
?
2.2解密字符數(shù)組
代碼
???????????? byte []valueToEncrypt = System.Text.Encoding?.Unicode?.GetBytes?( " passowrd " );
???????????? byte ?[]encryptedContents = Cryptographer?.EncryptSymmetric?( " summProvider " ,valueToEncrypt?);
????????????
???????????? byte []decryptContents = Cryptographer?.DecryptSymmetric?( " symmProvider " ,encryptedContentBase64?);
???????????? string ?plainText = ( new ?System.Text.UnicodeEncoding?()).GetString?(decryptContents?);
? 2.3需要注意的地方
確保在配置文件中配置了正確的算法provider。
3、獲取數(shù)據(jù)的hash值
3.1獲取hash值
?
代碼
???????????? byte ?[]valutHash = ( new ?System.Text.UnicodeEncoding?()).GetBytes?( " password " );
???????????? byte []generatedHash = Cryptographer?.CreateHash?( " hashProvider " ,valutHash?);
????????????Array?.Clear?(generatedHash?, 0 ,generatedHash.Length?);
?
3.2注意的地方
- CreateHash方法有兩個(gè)重載,區(qū)別就是方法的返回值一個(gè)是string,一個(gè)是byte[]。
- 確保在配置中配置了相應(yīng)的hash? provider
- 及時(shí)清空敏感數(shù)據(jù),在內(nèi)存中保留敏感數(shù)據(jù)是很危險(xiǎn)的。你應(yīng)該知道,內(nèi)存中的值可以被寫回硬盤,因?yàn)椴僮飨到y(tǒng)會(huì)將數(shù)據(jù)寫到交換文件中。如果系統(tǒng)崩潰,系統(tǒng)有可能將內(nèi)存中的數(shù)據(jù)丟到硬盤上。
4、檢查hash值和文本是否匹配
?
?
代碼
???????????? byte ?[]valutHash = ( new ?System.Text.UnicodeEncoding?()).GetBytes?( " password " );
???????????? byte []generatedHash = Cryptographer?.CreateHash?( " hashProvider " ,valutHash?);
????????????
???????????? byte ?[]stringToCompare = ( new ?System.Text.UnicodeEncoding?()).GetBytes?( " TestValue " );
???????????? bool ?comparisionSuccessed = Cryptographer?.CompareHash?( " hashProvider " ,stringToCompare?,generatedHash?);
?
?
需要注意的是,一定要確保配置了適當(dāng)?shù)膆ash provider。
?
擴(kuò)展和修改加解密模塊
一、創(chuàng)建一個(gè)自定義的hash 算法provider
1、創(chuàng)建一個(gè)類
2、子文件中添加引用
using Microsoft.Practices.EnterpriseLibrary.Security.Cryptography;
using Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.Configuration;
3、讓類實(shí)現(xiàn)IHashProvider接口
4、添加ConfigurationElementType特性,添加CustomHashProviderData作為特性的參數(shù)。
5、添加構(gòu)造函數(shù),參數(shù)是NameValueCollection類型
6、實(shí)現(xiàn)接口的兩個(gè)方法
?
代碼
using ?System.Collections.Generic;
using ?Microsoft.Practices.EnterpriseLibrary.Common;
using ?Microsoft.Practices.EnterpriseLibrary.Common.Configuration;
using ?Microsoft.Practices.EnterpriseLibrary.Security.Cryptography;
using ?Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.Configuration;
namespace ?BeautyCode.ConApp
{
????[ConfigurationElementType?( typeof ?(CustomHashProviderData?))]
???? public ? class ?MyHashProvider:IHashProvider?
????{
????????
???????? public ?MyHashProvider?(System.Collections.Specialized.NameValueCollection?attributes)
????????{
????????}
???????? public ? byte []?CreateHash( byte []?plaintext)
????????{
???????????? throw ? new ?NotImplementedException();
????????}
????????
???????? public ? bool ?CompareHash( byte []?plaintext,? byte []?hashedtext)
????????{
???????????? throw ? new ?NotImplementedException();
????????}
????}
}
?
?
二、創(chuàng)建一個(gè)自定義的對(duì)稱加解密算法
2.1添加一個(gè)類文件
2.2添加引用
using System;
using System.Collections.Generic;
using Microsoft.Practices.EnterpriseLibrary.Common;
using Microsoft.Practices.EnterpriseLibrary.Common.Configuration;
using Microsoft.Practices.EnterpriseLibrary.Security.Cryptography;
using Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.Configuration;
2.3實(shí)現(xiàn)接口ISymmetricCryptoProvider
2.4添加ConfigurationElementType特性,參數(shù)是CustomSymmetricCryptoProviderData類型
2.5添加構(gòu)造函數(shù),參數(shù)是NameValueCollection類型
2.6實(shí)現(xiàn)接口的Encrypt和Decrypt方法
?
代碼
using ?System.Collections.Generic;
using ?Microsoft.Practices.EnterpriseLibrary.Common;
using ?Microsoft.Practices.EnterpriseLibrary.Common.Configuration;
using ?Microsoft.Practices.EnterpriseLibrary.Security.Cryptography;
using ?Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.Configuration;
namespace ?BeautyCode.ConApp
{
????[ConfigurationElementType?( typeof ?(CustomSymmetricCryptoProviderData?))]
???? public ? class ?MySymmetricCryptoProvider:ISymmetricCryptoProvider?
????{
???????? public ?MySymmetricCryptoProvider?(System.Collections.Specialized.NameValueCollection?attributes)
????????{}
????????
???????? public ? byte []?Encrypt( byte []?plaintext)
????????{
???????????? throw ? new ?NotImplementedException();
????????}
????????
???????? public ? byte []?Decrypt( byte []?ciphertext)
????????{
???????????? throw ? new ?NotImplementedException();
????????}
????}
????
}
?
未完待續(xù)。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。
更多文章、技術(shù)交流、商務(wù)合作、聯(lián)系博主
微信掃碼或搜索:z360901061
微信掃一掃加我為好友
QQ號(hào)聯(lián)系: 360901061
您的支持是博主寫作最大的動(dòng)力,如果您喜歡我的文章,感覺我的文章對(duì)您有幫助,請(qǐng)用微信掃描下面二維碼支持博主2元、5元、10元、20元等您想捐的金額吧,狠狠點(diǎn)擊下面給點(diǎn)支持吧,站長非常感激您!手機(jī)微信長按不能支付解決辦法:請(qǐng)將微信支付二維碼保存到相冊(cè),切換到微信,然后點(diǎn)擊微信右上角掃一掃功能,選擇支付二維碼完成支付。
【本文對(duì)您有幫助就好】元
