从codeBehind C#解密的SqlDataSource [英] Decrypt SQLDataSource from CodeBehind C#
问题描述
结果
我有以下的SqlDataSource:结果
I have the following SQLDataSource:
<asp:SqlDataSource ID="myDataSource" runat="server" ConnectionString="<%$ ConnectionStrings:myConnString %>" SelectCommand="SELECT [ID], [Name] FROM [myTable] WHERE (([IsActive] = @IsActive))">
<SelectParameters>
<asp:Parameter DefaultValue="True" Name="IsActive" Type="Boolean" />
</SelectParameters>
</asp:SqlDataSource>
我加密,并使用以下方法解密我的ConnectionString:
I am Encrypting and Decrypting my connectionstring using the following method:
const string initVector = "4s}T*3Rka&5Z2qE_";
const string saltValue = "Ly8$}7Qm9Fi*x2=D";
const string passPhrase = "K!i3nL9_P=y5o6}Z";
const int keySize = 256;
const int passwordIterations = 13;
public static string Decrypt(string cipherText)
{
string strReturn = string.Empty;
try
{
byte[] initVectorBytes = Encoding.ASCII.GetBytes(initVector);
byte[] saltValueBytes = Encoding.ASCII.GetBytes(saltValue);
byte[] cipherTextBytes = Convert.FromBase64String(cipherText);
Rfc2898DeriveBytes password = new Rfc2898DeriveBytes(passPhrase, saltValueBytes, passwordIterations);
byte[] keyBytes = password.GetBytes(keySize / 8);
RijndaelManaged symmetricKey = default(RijndaelManaged);
symmetricKey = new RijndaelManaged();
symmetricKey.Mode = CipherMode.CBC;
ICryptoTransform decryptor = symmetricKey.CreateDecryptor(keyBytes, initVectorBytes);
MemoryStream memoryStream = new MemoryStream(cipherTextBytes);
CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read);
byte[] plainTextBytes = null;
plainTextBytes = new byte[cipherTextBytes.Length + 1];
int decryptedByteCount = cryptoStream.Read(plainTextBytes, 0, plainTextBytes.Length);
memoryStream.Close();
cryptoStream.Close();
strReturn = Encoding.UTF8.GetString(plainTextBytes, 0, decryptedByteCount);
}
catch (Exception ex)
{
strReturn = null;
}
return strReturn;
}
public static string Encrypt(string plainText)
{
string strReturn = string.Empty;
try
{
byte[] initVectorBytes = null;
initVectorBytes = System.Text.Encoding.ASCII.GetBytes(initVector);
byte[] saltValueBytes = null;
saltValueBytes = System.Text.Encoding.ASCII.GetBytes(saltValue);
byte[] plainTextBytes = null;
plainTextBytes = System.Text.Encoding.UTF8.GetBytes(plainText);
Rfc2898DeriveBytes password = default(Rfc2898DeriveBytes);
password = new Rfc2898DeriveBytes(passPhrase, saltValueBytes, passwordIterations);
byte[] keyBytes = null;
int intKeySize = 0;
intKeySize = Convert.ToInt32((keySize / 8));
keyBytes = password.GetBytes(intKeySize);
System.Security.Cryptography.RijndaelManaged symmetricKey = default(System.Security.Cryptography.RijndaelManaged);
symmetricKey = new System.Security.Cryptography.RijndaelManaged();
symmetricKey.Mode = System.Security.Cryptography.CipherMode.CBC;
System.Security.Cryptography.ICryptoTransform encryptor = default(System.Security.Cryptography.ICryptoTransform);
encryptor = symmetricKey.CreateEncryptor(keyBytes, initVectorBytes);
System.IO.MemoryStream memoryStream = default(System.IO.MemoryStream);
memoryStream = new System.IO.MemoryStream();
System.Security.Cryptography.CryptoStream cryptoStream = default(System.Security.Cryptography.CryptoStream);
cryptoStream = new System.Security.Cryptography.CryptoStream(memoryStream, encryptor, System.Security.Cryptography.CryptoStreamMode.Write);
cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
cryptoStream.FlushFinalBlock();
byte[] cipherTextBytes = null;
cipherTextBytes = memoryStream.ToArray();
memoryStream.Close();
cryptoStream.Close();
string cipherText = null;
cipherText = Convert.ToBase64String(cipherTextBytes);
strReturn = cipherText;
}
catch (Exception ex)
{
strReturn = null;
}
return strReturn;
}
我的问题是,我怎样才能把解密(CONNSTRING)在HTML源的SQL数据源,而SQL数据源?结果
My Question is, how can I put Decrypt(connString) on the SQL DataSource while the SQL Data Source in html source?
感谢您。
推荐答案
您需要使用自定义的防爆pressionBuilder ,以实现这一目标。
You need to use a custom ExpressionBuilder to achieve this.
步骤:
-
定义自定义类:
Define a custom class:
[出pression preFIX(MyConnectionEx pression)]
[出pressionEditor(MyConnectionEx pressionEditor)]
公共类MyConnectionStringEx pressionBuilder:防爆pressionBuilder
{
}
[ExpressionPrefix("MyConnectionExpression")] [ExpressionEditor("MyConnectionExpressionEditor")] public class MyConnectionStringExpressionBuilder : ExpressionBuilder { }
请参阅本:<一href=\"http://msdn.microsoft.com/en-us/library/system.web.compilation.ex$p$pssionbuilder(v=vs.110).aspx\" rel=\"nofollow\">http://msdn.microsoft.com/en-us/library/system.web.compilation.ex$p$pssionbuilder(v=vs.110).aspx
在该样本,而不是GetEvalData方法,用你的方法,执行以下操作:
从读取配置文件加密的连接字符串。
使用您的解密方法,并返回数据作为对象。
Reads the encrypted connection string from the config file. Uses your Decrypt method and returns the data as an object.
- 确保您与此自定义前pression建设者细节更新你的web.config。
然后就可以开始使用防爆pression建设者。
then you can start using the Expression builder.
这篇关于从codeBehind C#解密的SqlDataSource的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
