SQLite的安全的Windows Phone 8.1 [英] SQLite secure Windows Phone 8.1

问题描述

我有Windows通用应用程序。在这个程序我使用SQLite，我需要确保该文件。它被保存在LocalFolder和用户有权访问他

I have windows universal app. In this app I use SQLite and I need secure this file. It is saved in the LocalFolder and user has access to him.

我只需要设置为我的应用程序或设置密码，这个数据库或任何其他访问。 拜托，你知道的扩展，可以帮助我？

I need set access only for my APP or set password for this database or anything else. Please, Do you know about extension that can help me?

感谢

推荐答案

在Windows应用商店API，你会发现一些命名空间，我认为你可以用你的目的：的 Windows.Security.Cryptography ，的 Windows.Security.Cryptography.Core 和<一href="http://msdn.microsoft.com/en-us/library/windows/apps/windows.security.cryptography.dataprotection.aspx"相对=nofollow> Windows.Security.Cryptography.DataProtection 。

In Windows Store API you will find some namespaces, which I think you can use for your purpose: Windows.Security.Cryptography, Windows.Security.Cryptography.Core and Windows.Security.Cryptography.DataProtection.

马腾Bodewes评论后可进行编辑的 - 增加了随机初始化向量

Edited after Maarten Bodewes comment - added randomized initialization vector.

加密一些数据的一个很简单的例子可以是这样的：

A very simple example of encrypting some data can look like this:

/// <summary>
/// Method encrypting data in source file and saving to target file
/// </summary>
/// <param name="backupKey">secret key</param>
/// <param name="sourceFile">source file with data</param>
/// <param name="targetFile">encrypted file</param>
public static async Task EncryptFile(string backupKey, StorageFile sourceFile, StorageFile targetFile)
{
    SymmetricKeyAlgorithmProvider algorithm = SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithmNames.AesCbcPkcs7);
    IBuffer keymaterial = CryptographicBuffer.ConvertStringToBinary(backupKey, BinaryStringEncoding.Utf8);
    IBuffer initVector = CryptographicBuffer.GenerateRandom(32);
    CryptographicKey key = algorithm.CreateSymmetricKey(keymaterial);           
    IBuffer output = CryptographicEngine.Encrypt(key, await FileIO.ReadBufferAsync(sourceFile), initVector);           
    await Windows.Storage.FileIO.WriteTextAsync(targetFile, CryptographicBuffer.EncodeToBase64String(initVector) + CryptographicBuffer.EncodeToBase64String(output));
}

/// <summary>
/// Method decrypting a file
/// </summary>
/// <param name="backupKey">secret key</param>
/// <param name="encryptedFile">source file with encrypted data</param>
/// <returns>buffer with devrypted data</returns>
public static async Task<IBuffer> DecryptFile(string backupKey, StorageFile encryptedFile)
{
    string entry = await Windows.Storage.FileIO.ReadTextAsync(encryptedFile);
    IBuffer initVector = CryptographicBuffer.DecodeFromBase64String(entry.Substring(0, 44));
    IBuffer input = CryptographicBuffer.DecodeFromBase64String(entry.Substring(44));
    SymmetricKeyAlgorithmProvider algorithm = SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithmNames.AesCbcPkcs7);
    IBuffer keymaterial = CryptographicBuffer.ConvertStringToBinary(backupKey, BinaryStringEncoding.Utf8);
    CryptographicKey key = algorithm.CreateSymmetricKey(keymaterial);
    IBuffer inputDecrypted = CryptographicEngine.Decrypt(key, input, initVector);
    Debug.WriteLine("Encrypted message: {0}", CryptographicBuffer.ConvertBinaryToString(BinaryStringEncoding.Utf8, inputDecrypted));
    return inputDecrypted;
}

我测试过这样的：

I've tested it like this:

private const string mySuperSecretKey = @"s3cr3tsadjfjlksdfj@^&^$)(ojfaapsojowejiwfpkwfvz";
private async void firstBtn_Click(object sender, RoutedEventArgs e)
{
    var sourceFile = await Package.Current.InstalledLocation.GetFileAsync("TestMessage.txt");
    var targetFile = await ApplicationData.Current.LocalFolder.CreateFileAsync("EncryptedMessage.txt", CreationCollisionOption.ReplaceExisting);
    await EncryptFile(mySuperSecretKey, sourceFile, targetFile);            
}

private async void secondBtn_Click(object sender, RoutedEventArgs e)
{
    var sourceFile = await ApplicationData.Current.LocalFolder.GetFileAsync("EncryptedMessage.txt");
    var dataDecrypted = await DecryptFile(mySuperSecretKey, sourceFile);
}

以上code，当然是非常简单的，应该加以改进，但也许会帮助你开始。也请记住，保护你的密钥，它不是那么难反编译的包。

The above code is of course very simple and should be improved, but maybe will help you to start. Also please remember to protect your secret key, it's not so hard to decompile the package.

这篇关于SQLite的安全的Windows Phone 8.1的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！