Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/csharp/300.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
C# 从Web.config读取自定义加密连接字符串_C#_Asp.net_Encryption - Fatal编程技术网
Fatal编程技术网
  • csharp/
  • C# 从Web.config读取自定义加密连接字符串

C# 从Web.config读取自定义加密连接字符串

c# asp.net encryption

C# 从Web.config读取自定义加密连接字符串,c#,asp.net,encryption,C#,Asp.net,Encryption,我有一个现有的ASP.NET项目,其中连接字符串在Web.config文件中使用C#中的自定义加密函数进行加密,并将加密字符串保存到Web.config文件中,如下所示 <add name="ConnectionString" connectionString="+tj/H0V/Wpa+UBWzHvOfuL4GPyoDssypPKfeRdUU1FnfHw+phOEBLpRne/ytv1v8gs7P0DoSC7rhN2aPWG3uZZvSis5f/Dqu53HgsRH8m44=" provi

我有一个现有的ASP.NET项目,其中连接字符串在Web.config文件中使用C#中的自定义加密函数进行加密,并将加密字符串保存到Web.config文件中,如下所示

<add name="ConnectionString" connectionString="+tj/H0V/Wpa+UBWzHvOfuL4GPyoDssypPKfeRdUU1FnfHw+phOEBLpRne/ytv1v8gs7P0DoSC7rhN2aPWG3uZZvSis5f/Dqu53HgsRH8m44=" providerName="System.Data.SqlClient" />

<asp:SqlDataSource ID="PeriodsDataSource" runat="server" ConnectionString="<%$ ConnectionStrings:ConnectionString %>"
事实证明,这是一个非常简单的解决方案,可以在SqlDataSource的Init事件中更新SqlDataSource.ConnectionString,如下所示:

    protected void SqlDataSource_Init(object sender, EventArgs e)
    {
        string connectionString = Encryption.Decrypt(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString, "XXXXXX");
        SqlDataSource.ConnectionString = connectionString;
    }
这就是我实施的解决方案

asp:SqlDataSource
ConnectionString
%$
字符表示它是一个表达式,因此进行计算。我们可以创建自己的自定义表达式

创建一个类似这样的
类,扩展
ExpressionBuilder


namespace YourNameSpace
{
    [ExpressionPrefix("EncryptedExpressionStrings")]
    public class EncryptedConnectionStringExpressionBuilder : ExpressionBuilder
    {
        private static string DecryptConnectionString(string cipherText)
        {
            return Encryption.Decrypt(cipherText);
        }
        public static ConnectionStringSettings GetConnectionStringSettings(string connectionStringName)
        {           
            return ConfigurationManager.ConnectionStrings[connectionStringName];
        }
        public static string GetConnectionString(string connectionStringName)
        {
            string decryptedConnectionString = null;
            System.Web.Caching.Cache connectionStringCache = new System.Web.Caching.Cache();
            if (connectionStringCache["connectionString"] == null)
            {
                ConnectionStringSettings settings = GetConnectionStringSettings(connectionStringName);
                decryptedConnectionString = DecryptConnectionString(settings.ConnectionString);
                connectionStringCache.Insert("connectionString", decryptedConnectionString);
            }
           else
           {
               decryptedConnectionString = (string)connectionStringCache["connectionString"];
            }
            return decryptedConnectionString;
        }
        public static string GetConnectionStringProviderName(string connectionStringName)
        {
            ConnectionStringSettings settings = GetConnectionStringSettings(connectionStringName);          
            return settings.ProviderName;
        }
        public override CodeExpression GetCodeExpression(BoundPropertyEntry entry, object parsedData, ExpressionBuilderContext context)
        {
            Pair pair = DirectCast<Pair>(parsedData);
            string text = pair.First.ToString();
            if (Convert.ToBoolean(pair.Second))
            {
                return new CodeMethodInvokeExpression(new CodeTypeReferenceExpression(base.GetType()), "GetConnectionString", new CodeExpression[] { new CodePrimitiveExpression() { Value = text } });
            }
            else
            {
                return new CodeMethodInvokeExpression(new CodeTypeReferenceExpression(base.GetType()), "GetConnectionStringProviderName", new CodeExpression[] { new CodePrimitiveExpression() { Value = text } });
        }
        static T DirectCast<T>(object o) where T : class
        {
            T value = o as T;
            if (value == null && o != null)
            {
                throw new InvalidCastException();
            }
            return value;
        }
    }


然后声明加密的连接字符串


<connectionStrings>
    <add name="EncryptedSqlDBConnectionString" connectionString="nWCfxsad8lkdyLWERODVxd3Ox..."
</connectionStrings>



这意味着您可以对
web.config
中的连接字符串进行加密,但仍然可以对
asp.SqlDataSource
connectionString
进行求值。您是否尝试更改加密函数中的编码,该函数只包含字母数字,如哈希字符串。@dave35谢谢您的评论,但是我看不出这会有什么帮助,因为它仍然不是有效的ConnectionString,因为在被引用之前它仍然需要解密。你不能将加密的连接字符串包装到一个属性中,为页面解密一次吗?@BFG我想你得到的错误是因为你的配置字符串中有特殊字符。顺便说一句,你知道你可以用微软的工具加密整个web.config文件吗?@DarrenWood这是一个非常简单的解决方案,可以在SqlDataSource的Init事件中更新SqlDataSource.ConnectionString。。。请看我的答案和我自己的问题,以备将来参考。

<compilation>
    <expressionBuilders>
        <add expressionPrefix="EncryptedExpressionStrings" type="YourNameSpace.EncryptedConnectionStringExpressionBuilder"/>
     </expressionBuilders>
</compilation>



<connectionStrings>
    <add name="EncryptedSqlDBConnectionString" connectionString="nWCfxsad8lkdyLWERODVxd3Ox..."
</connectionStrings>



<asp:SqlDataSource runat="server" ID="YourID" ConnectionString="<%$ EncryptedExpressionStrings:EncryptedSqlDBConnectionString %>" SelectCommand="SELECT * FROM YourDBTable" />