在C#.net中加密xml标记值 [英] Encrypting xml tag values in C#.net
本文介绍了在C#.net中加密xml标记值的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我有一个xml文件,该文件将用于存储登录信息(用户ID和密码)
我想对XML中存在的密码值进行加密
另外,我想使此XML文件只能由admin
编辑.
请帮帮我!
I have an xml file which will be used for storing login information (user ID and password)
I want to encrypt the password value present in the XML
Also , i want to make this XML file to be editable only by admin
Please help me !!!
推荐答案
存储密码的整个想法是错误的.密码(以原始形式表示,由密码用户创建密码的方式)永远不会存储在任何地方.如果您考虑一下,您将了解身份验证永远不需要它.听起来怪怪的?然后继续阅读.
安全地处理密码的最典型方法之一是使用密码哈希函数,该函数具有其重要属性之一:它的倒置不可行.有关更多详细信息,请参见:
http://en.wikipedia.org/wiki/Cryptographic_hash_function [ http://en.wikipedia.org/wiki/SHA-2 [ http://en.wikipedia.org/wiki/MD5 [ http://en.wikipedia.org/wiki/Sha1 [ http://msdn.microsoft.com/en-us/library/system. security.cryptography.hashalgorithm.aspx [ ^ ].
关于问题的第二部分:是的,应该限制具有身份验证数据的文件的访问. Windows提供了基于用户的访问控制(通过ACL),那么问题是什么呢?请从这里开始:
http://msdn.microsoft.com/zh-我们/library/windows/desktop/aa374872%28v=vs.85%29.aspx [
The whole idea to store a password is wrong. Passwords (I mean, in their original form, how they are created by the password users) are never stored anywhere. If you think about it, you will understand that authentication never needs it. Sounds weird? Then keep reading.
One of the most typical ways of dealing with passwords securely is using a cryptographic hash function, some function with one of its important properties: it''s inversion is infeasible. For further detail, please see:
http://en.wikipedia.org/wiki/Cryptographic_hash_function[^].
When a user creates a password, its hash function is stored. So, no one can restore the original password, no matter what are the privileges. During authentication, a hash (obtained by calling the same function using user input) is compared with stored hash. Simple, isn''t it?
I would recommend to use one of the functions from the SHA-2 family:
http://en.wikipedia.org/wiki/SHA-2[^].
It''s important not to use MD5 or SHA-1 for any security purposes: these functions are found broken, so using them is unsafe. Please see:
http://en.wikipedia.org/wiki/MD5[^],
http://en.wikipedia.org/wiki/Sha1[^].
With .NET, you have the cryptographic hash functions already implemented for you:
http://msdn.microsoft.com/en-us/library/system.security.cryptography.hashalgorithm.aspx[^].
As to the second part of the question: yes, the file with authentication data should be limited in access. Windows provides user-based access control (via ACL), so what''s the problem? Please start here:
http://msdn.microsoft.com/en-us/library/windows/desktop/aa374872%28v=vs.85%29.aspx[^].
Further detail on access control depends on your settings: who is defined as admin, how she/he gets admin privileges, what''s your application type, etc. I don''t have this information to give you more concrete advice, but you can read about access control and apply it to your security schema. If you face some problems, ask more specific question and supply relevant information needed to resolve a problem.
Good luck,
—SA
这篇关于在C#.net中加密xml标记值的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
