如何在C＃中的visual studio中创建设置时保护文件？ [英] How to protect a file when creating setup in visual studio in C#?

问题描述

我的项目有xml文件，我创建了安装程序。但在创建安装程序后，xml文件将被读写。所以我想在创建设置或其他方式时保护xml文件。

我该怎么做？



请建议我。 ....

I have xml file with my project and i create setup. but after creating setup the xml file will be read and write. So i want to protect the xml file while creating setup or some other way.
How can i do that?

Please Suggest me.....

推荐答案

请参阅我对该问题的评论。你可以考虑：1）回顾你的想法;也许你真的不需要任何保护; 2）加密，3）设置文件权限; 4）以前方法的某种组合。



首先，您需要了解您几乎不能发展100％保护，只因为您的应用程序可以做什么这个文件，一些有经验的用户也可以。您无法为您的应用程序提供比用户更多的权限。所以，你的保护可能更具有一些防范功能，在这个意义上非常强大，但并不是在完全保护的意义上。



我会先考虑密码学。我建议结合两种技术：加密散列函数和加密。首先，加密将保护文件不被阅读和理解其内容。此外，哈希将对文件进行任何随机更改加密不可行。当用户更改文件中的任何内容时，您的代码将检测到该文件，并且该文件将被视为已损坏;他们使用必须重新安装应用程序。



所以，请参阅：

http://en.wikipedia.org/wiki/Cryptographic_hash_function [ ^ ]，

http：// en。 wikipedia.org/wiki/Cryptography [ ^ ]。



这是你可以做的：1）计算你的文件的加密哈希函数，2）把哈希值和文件放在同一个流中，一块之后另外，3）加密它的结果; 4）以静态只读字节数组的形式将加密密钥存储在应用程序中。我希望您了解如何还原此操作并还原该文件。至于哈希值，您从流中读取它，读取/解密原始文件，计算其哈希值并与已存储的值进行比较。任何差异都意味着文件被破坏了。



特定算法的选择并不重要，但对于加密，对称算法（看看下面的链接就足够了。



你在.NET FCL中拥有一切：

http://msdn.microsoft.com/en-us/library/System.Security。密码学％28v = vs.110％29.aspx [ ^ ]，

http://msdn.microsoft.com/en-us/library/system.security.cryptography.asymmetricalgorithm%28v=vs.110% 29.aspx [ ^ ]，

http://msdn.microsoft.com/en-us/library/system.security.cryptography.symmetricalgorithm%28v=vs.110%29.aspx [ ^ ]，

http://msdn.microsoft.com/en-us/library/system.security.cryptography.hashalgorithm%28v=vs.110%29.aspx [ ^ ]。br />


现在，关于文件权限的使用。同样，您应该记住，您不能为您的应用程序提供比用户更多的权限。所以，我不会认真对待它。但是为了防止傻瓜式保护，以下架构可以起作用：您为文件提供管理权限（用于读取，写入或两者）。这意味着您需要为您的应用程序提供管理权限，这需要通过请求用户确认来提升权限（UAC请求对话框，另请参阅：http://en.wikipedia.org/wiki/User_Account_Control [ ^ ]）。所以，这个解决方案也会有些烦人，不仅效率很低。



尽管如此，我会描述一下，以防万一。您可以通过在程序集中添加和嵌入适当的应用程序清单来避免以管理员身份运行应用程序。然后，从一开始就通过运行应用程序简单地自动请求提升。具体方法如下： http://msdn.microsoft.com/en-us/library/bb756929.aspx [ ^ ]。

-SA

Please see my comment to the question. You can consider: 1) reviewing you idea; maybe you don't really need any protection; 2) cryptography, 3) setting file permission; 4) some combination of the previous approaches.

First of all, you need to understand that you hardly can develop 100% protection, just because whatever your application can do with this file, some experienced user can do, too. You cannot give your application more permission than you user can get. So, your "protection" could be more of some fool-proof feature, pretty strong in this sense, but not in the sense of total protection.

I would first consider cryptography. I would advise to combine two techniques: cryptographic hash function and encryption. Encryption will, first of all, protect the file from reading and understanding its content. In addition, hash will make any random change to the file cryptographically infeasible. When a user change anything in the file, it will be detected by your code and the file will be considered broken; they use will have to re-install the application.

So, please see:
http://en.wikipedia.org/wiki/Cryptographic_hash_function[^],
http://en.wikipedia.org/wiki/Cryptography[^].

Here is what you can do: 1) calculate cryptographic hash function of your file, 2) put the hash value and the file in the same stream, one piece after another, 3) encrypt the result of it; 4) store the encryption key(s) in your application in the forms of static readonly array of bytes. I hope you understand how to revert this operation and restore the file. As to the hash value, you read it from the stream, read/decrypt the original file, calculate its hash and compare with the has your stored. Any difference means that the file was broken.

The selection of particular algorithms is not really critical, but for encryption, a symmetric algorithm (see the links below) will be enough.

You have it all in .NET FCL:
http://msdn.microsoft.com/en-us/library/System.Security.Cryptography%28v=vs.110%29.aspx[^],
http://msdn.microsoft.com/en-us/library/system.security.cryptography.asymmetricalgorithm%28v=vs.110%29.aspx[^],
http://msdn.microsoft.com/en-us/library/system.security.cryptography.symmetricalgorithm%28v=vs.110%29.aspx[^],
http://msdn.microsoft.com/en-us/library/system.security.cryptography.hashalgorithm%28v=vs.110%29.aspx[^].

Now, about the use of file permissions. Again, you should remember that you cannot give your application more permission than the user can get. So, I would not take it seriously. But for the fool-proof protection, the following schema could work: you give administrative permissions to the file (for reading, writing, or both). It means that you need to give administrative permissions to your application, which will require elevation of the permission by requesting confirmation from the user (UAC request dialog, see also: http://en.wikipedia.org/wiki/User_Account_Control[^]). So, this solution will also be somewhat annoying, not only pretty inefficient.

Nevertheless, I'll describe it, just in case. You can avoid the need to run your application "As Administrator" by adding and embedding appropriate application manifest in your assembly. Then the elevation will be simply automatically requested by running the application, from the very beginning. This is how: http://msdn.microsoft.com/en-us/library/bb756929.aspx[^].

—SA

这篇关于如何在C＃中的visual studio中创建设置时保护文件？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！