【发布时间】:2014-10-27 10:37:39
【问题描述】:
我有以下 SQLDataSource:
<asp:SqlDataSource ID="myDataSource" runat="server" ConnectionString="<%$ ConnectionStrings:myConnString %>" SelectCommand="SELECT [ID], [Name] FROM [myTable] WHERE (([IsActive] = @IsActive))">
<SelectParameters>
<asp:Parameter DefaultValue="True" Name="IsActive" Type="Boolean" />
</SelectParameters>
</asp:SqlDataSource>
我正在使用以下方法加密和解密我的连接字符串:
const string initVector = "4s}T*3Rka&5Z2qE_";
const string saltValue = "Ly8$}7Qm9Fi*x2=D";
const string passPhrase = "K!i3nL9_P=y5o6}Z";
const int keySize = 256;
const int passwordIterations = 13;
public static string Decrypt(string cipherText)
{
string strReturn = string.Empty;
try
{
byte[] initVectorBytes = Encoding.ASCII.GetBytes(initVector);
byte[] saltValueBytes = Encoding.ASCII.GetBytes(saltValue);
byte[] cipherTextBytes = Convert.FromBase64String(cipherText);
Rfc2898DeriveBytes password = new Rfc2898DeriveBytes(passPhrase, saltValueBytes, passwordIterations);
byte[] keyBytes = password.GetBytes(keySize / 8);
RijndaelManaged symmetricKey = default(RijndaelManaged);
symmetricKey = new RijndaelManaged();
symmetricKey.Mode = CipherMode.CBC;
ICryptoTransform decryptor = symmetricKey.CreateDecryptor(keyBytes, initVectorBytes);
MemoryStream memoryStream = new MemoryStream(cipherTextBytes);
CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read);
byte[] plainTextBytes = null;
plainTextBytes = new byte[cipherTextBytes.Length + 1];
int decryptedByteCount = cryptoStream.Read(plainTextBytes, 0, plainTextBytes.Length);
memoryStream.Close();
cryptoStream.Close();
strReturn = Encoding.UTF8.GetString(plainTextBytes, 0, decryptedByteCount);
}
catch (Exception ex)
{
strReturn = null;
}
return strReturn;
}
public static string Encrypt(string plainText)
{
string strReturn = string.Empty;
try
{
byte[] initVectorBytes = null;
initVectorBytes = System.Text.Encoding.ASCII.GetBytes(initVector);
byte[] saltValueBytes = null;
saltValueBytes = System.Text.Encoding.ASCII.GetBytes(saltValue);
byte[] plainTextBytes = null;
plainTextBytes = System.Text.Encoding.UTF8.GetBytes(plainText);
Rfc2898DeriveBytes password = default(Rfc2898DeriveBytes);
password = new Rfc2898DeriveBytes(passPhrase, saltValueBytes, passwordIterations);
byte[] keyBytes = null;
int intKeySize = 0;
intKeySize = Convert.ToInt32((keySize / 8));
keyBytes = password.GetBytes(intKeySize);
System.Security.Cryptography.RijndaelManaged symmetricKey = default(System.Security.Cryptography.RijndaelManaged);
symmetricKey = new System.Security.Cryptography.RijndaelManaged();
symmetricKey.Mode = System.Security.Cryptography.CipherMode.CBC;
System.Security.Cryptography.ICryptoTransform encryptor = default(System.Security.Cryptography.ICryptoTransform);
encryptor = symmetricKey.CreateEncryptor(keyBytes, initVectorBytes);
System.IO.MemoryStream memoryStream = default(System.IO.MemoryStream);
memoryStream = new System.IO.MemoryStream();
System.Security.Cryptography.CryptoStream cryptoStream = default(System.Security.Cryptography.CryptoStream);
cryptoStream = new System.Security.Cryptography.CryptoStream(memoryStream, encryptor, System.Security.Cryptography.CryptoStreamMode.Write);
cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
cryptoStream.FlushFinalBlock();
byte[] cipherTextBytes = null;
cipherTextBytes = memoryStream.ToArray();
memoryStream.Close();
cryptoStream.Close();
string cipherText = null;
cipherText = Convert.ToBase64String(cipherTextBytes);
strReturn = cipherText;
}
catch (Exception ex)
{
strReturn = null;
}
return strReturn;
}
我的问题是,如何将Decrypt(connString) 放在 SQL 数据源上,而将 SQL 数据源放在 html 源中?
谢谢。
【问题讨论】:
-
我可能错了,但我怀疑唯一的方法是使用
ObjectDataSource。我认为SqlDataSource对象的想法是快速轻松地实现标准案例,这是不适合的类别。
标签: c# asp.net encryption