C# 如何在C中加密/保护MS Access 2007数据库文件?
我有一个程序,可以使用简单的数据库密码访问/添加/删除MS access 2007文件中的条目 但我的目标是修改我的文件,使其更加安全。我想加密我的文件,如果可能的话,使用用户选择的加密,并且只有当用户提供正确的用户名和密码时,才能访问它 我该怎么做?如何加密文件?我怎样才能让它让用户能够进行身份验证 请具体说明,首选假人示例: 编辑:如果我使用AES加密文件中的每个条目,会更安全吗?我应该这样做,让数据库文件没有密码吗 这就是我此时访问文件的方式:C# 如何在C中加密/保护MS Access 2007数据库文件?,c#,cryptography,ms-access-2007,C#,Cryptography,Ms Access 2007,我有一个程序,可以使用简单的数据库密码访问/添加/删除MS access 2007文件中的条目 但我的目标是修改我的文件,使其更加安全。我想加密我的文件,如果可能的话,使用用户选择的加密,并且只有当用户提供正确的用户名和密码时,才能访问它 我该怎么做?如何加密文件?我怎样才能让它让用户能够进行身份验证 请具体说明,首选假人示例: 编辑:如果我使用AES加密文件中的每个条目,会更安全吗?我应该这样做,让数据库文件没有密码吗 这就是我此时访问文件的方式: // May be public so we
// May be public so we can display
// content of file from different forms.
public void DisplayFileContent(string filePath)
{
// Creating an object allowing me connecting to the database.
OleDbConnection objOleDbConnection = new OleDbConnection();
// Creating command object.
objOleDbConnection.ConnectionString =
"Provider=Microsoft.ACE.OLEDB.12.0;" +
"Data Source=" + filePath + ";" +
"Persist Security Info=False;" +
"Jet OLEDB:Database Password=" + storedAuth.Password + ";";
OleDbCommand objOleDbCommand = new OleDbCommand();
objOleDbCommand.Connection = objOleDbConnection;
objOleDbCommand.CommandText = "Select * FROM PersonalData";
// Create a data reader.
OleDbDataReader readPersonalData;
try
{
// Open database connection.
objOleDbConnection.Open();
// Associate data reader with the command.
readPersonalData = objOleDbCommand.ExecuteReader();
// Counting all entries.
int countEntries = 0;
// Clearing the textbox before proceeding.
txtDisplay.Text = string.Empty;
if (readPersonalData.HasRows)
{
while (readPersonalData.Read())
{
// Count all entries read from the reader.
countEntries++;
txtDisplay.Text += "=== Entry ID: " + readPersonalData.GetValue(0) + " ===" + Environment.NewLine;
txtDisplay.Text += "Type: " + readPersonalData.GetValue(1) + Environment.NewLine;
if (!readPersonalData.IsDBNull(2)) txtDisplay.Text += "URL: " + readPersonalData.GetValue(2) + Environment.NewLine;
if (!readPersonalData.IsDBNull(3)) txtDisplay.Text += "Software Name: " + readPersonalData.GetValue(3) + Environment.NewLine;
if (!readPersonalData.IsDBNull(4)) txtDisplay.Text += "Serial Code: " + readPersonalData.GetValue(4) + Environment.NewLine;
if (!readPersonalData.IsDBNull(5)) txtDisplay.Text += "User Name: " + readPersonalData.GetValue(5) + Environment.NewLine;
if (!readPersonalData.IsDBNull(6)) txtDisplay.Text += "Password: " + readPersonalData.GetValue(6) + Environment.NewLine;
txtDisplay.Text += Environment.NewLine;
}
}
else
{
txtDisplay.Text = "There is nothing to display! You must add something so I can display something here.";
}
// Displaying number of entries in the status bar.
tsslStatus.Text = "A total of " + countEntries + " entries.";
// Selecting 0 character to make sure text
// isn't completly selected.
txtDisplay.SelectionStart = 0;
}
我的EncryptDecrypt.cs文件:
using System;
using System.IO;
using System.Text;
using System.Security.Cryptography;
namespace Password_Manager
{
class EncryptDecrypt
{
string input, userName, password;
RijndaelManaged Crypto = new RijndaelManaged();
public EncryptDecrypt()
{
}
public EncryptDecrypt(string input, string userName, string password)
{
this.input = input;
this.userName = userName;
this.password = password;
}
public string Encrypt(string PlainText, string pass, string usrName)
{
string HashAlgorithm = "SHA1";
int PasswordIterations = 2;
string InitialVector = "OFRna73m*aze01xY";
int KeySize = 256;
this.input = PlainText;
if (string.IsNullOrEmpty(PlainText))
return "";
byte[] InitialVectorBytes = Encoding.ASCII.GetBytes(InitialVector);
byte[] SaltValueBytes = Encoding.ASCII.GetBytes(usrName);
byte[] PlainTextBytes = Encoding.UTF8.GetBytes(PlainText);
PasswordDeriveBytes DerivedPassword = new PasswordDeriveBytes(pass, SaltValueBytes, HashAlgorithm, PasswordIterations);
byte[] KeyBytes = DerivedPassword.GetBytes(KeySize / 8);
RijndaelManaged SymmetricKey = new RijndaelManaged();
SymmetricKey.Mode = CipherMode.CBC;
byte[] CipherTextBytes = null;
using (ICryptoTransform Encryptor = SymmetricKey.CreateEncryptor(KeyBytes, InitialVectorBytes))
{
using (MemoryStream MemStream = new MemoryStream())
{
using (CryptoStream CryptoStream = new CryptoStream(MemStream, Encryptor, CryptoStreamMode.Write))
{
CryptoStream.Write(PlainTextBytes, 0, PlainTextBytes.Length);
CryptoStream.FlushFinalBlock();
CipherTextBytes = MemStream.ToArray();
MemStream.Close();
CryptoStream.Close();
}
}
}
SymmetricKey.Clear();
return Convert.ToBase64String(CipherTextBytes);
}
public string Decrypt(string CipherText, string pass, string usrName)
{
string HashAlgorithm = "SHA1";
int PasswordIterations = 2;
string InitialVector = "OFRna73m*aze01xY";
int KeySize = 256;
if (string.IsNullOrEmpty(CipherText))
return "";
byte[] InitialVectorBytes = Encoding.ASCII.GetBytes(InitialVector);
byte[] SaltValueBytes = Encoding.ASCII.GetBytes(usrName);
byte[] CipherTextBytes = Convert.FromBase64String(CipherText);
PasswordDeriveBytes DerivedPassword = new PasswordDeriveBytes(pass, SaltValueBytes, HashAlgorithm, PasswordIterations);
byte[] KeyBytes = DerivedPassword.GetBytes(KeySize / 8);
RijndaelManaged SymmetricKey = new RijndaelManaged();
SymmetricKey.Mode = CipherMode.CBC;
byte[] PlainTextBytes = new byte[CipherTextBytes.Length];
int ByteCount = 0;
using (ICryptoTransform Decryptor = SymmetricKey.CreateDecryptor(KeyBytes, InitialVectorBytes))
{
using (MemoryStream MemStream = new MemoryStream(CipherTextBytes))
{
using (CryptoStream CryptoStream = new CryptoStream(MemStream, Decryptor, CryptoStreamMode.Read))
{
ByteCount = CryptoStream.Read(PlainTextBytes, 0, PlainTextBytes.Length);
MemStream.Close();
CryptoStream.Close();
}
}
}
SymmetricKey.Clear();
return Encoding.UTF8.GetString(PlainTextBytes, 0, ByteCount);
}
}
}
绝对不要加密数据并将加密的数据保存在数据库中,您最终会遇到如下查询:select field1,field2 from table,其中field1='$WDFV%$:@@{%SASDH!fjdkj',并且您的所有字段都必须是文本。这严重破坏了使用RDBMS的目标 access DB可以进行密码保护和加密。请参见2010年的说明,但也有指向2007年的链接 但是,如果您将其用作winforms gui的后端,并且您不希望用户键入密码,则必须将密码存储在某个位置,如果确定的用户知道密码,则可以提取密码
如果保护敏感数据不受未经授权的用户的攻击是一个优先事项,那么访问是一个错误的选择。如果现在在项目中更改已经太迟,那么以后就不要再使用它。我并不是想借此诋毁MS Access,但这可能只是升级到SQL Server或其他已经具有加密功能的RDBMS吗?@David Str阿顿:嗯,我已经有了一些MS Access的经验,我已经做了半个月的程序了。我不想在我的程序到期前两周改变主意。如果我只留下未加密的ID呢?我只按ID搜索/删除。我不能在这里使用网络。文件是*.ACCDB。我不能使用任何服务器。我想让它成为一个尽我所能安全。尽我所能最安全。我正在使用ADOX从C创建一个文件,然后在此时设置密码。如何从C进行加密?加密工作在二进制数据上,您必须将其转换为文本以存储在数据库中。您的客户只需说我希望能够按日期筛选此表你突然有了一个痛苦的世界。在c中进行加密是一个非常广泛的主题。阅读system.security.cryptography命名空间中的类型。我对这种情况没有问题,但你指出了这一点很好。我只是简单地按ID添加/删除数据。我有一段完美的代码,它使用盐密码读取数据由AES加密/解密的y文本。