怎么给网站做推广,工作组赴平凉事故现场,港口建设申报网站,如何在ftp做网站.NET Core 数据库连接字符串加密与解密 一、实战#xff1a;控制台加密解密工具开发1. 基本功能实现加密解密 2. 动态输入秘钥与需要加密的内容3. 整个源码: 每次把数据库密码直接写在配置文件里#xff0c;我都感觉像是在大街上裸奔——虽然大家都这么做#xff0c;但总觉得… .NET Core 数据库连接字符串加密与解密 一、实战控制台加密解密工具开发1. 基本功能实现加密解密 2. 动态输入秘钥与需要加密的内容3. 整个源码: 每次把数据库密码直接写在配置文件里我都感觉像是在大街上裸奔——虽然大家都这么做但总觉得哪里不对劲。 想想看我们把最重要的数据库密码就这么明晃晃地写在appsettings.json里。万一哪天配置文件不小心泄露了黑客们简直就像拿到了金库钥匙我们的数据就全暴露了
别担心给数据库密码穿衣服没你想的那么难。今天我要分享的就是一个超级实用的方法
用个神奇的小工具把密码加密 把加密后的乱码存到配置文件里 程序运行时再自动解密使用 这样就算有人看到你的配置文件也只是一堆看不懂的乱码再也不用担心密码泄露了
这里使用的是AES加密算法 AES高级加密标准是一种对称加密算法使用128/192/256位密钥对128位数据块进行加密通过多轮替换、移位和混淆操作确保安全性广泛应用于网络通信、文件加密等领域。 一、实战控制台加密解密工具开发
1. 基本功能实现
这里推荐使用控制台程序来将字符串加密首先创建一个控制台程序。EncryptConnectStrings,然后再默认的Program.cs文件中创建两个方法EncryptConnectionString、DecryptConnectionString分别负责加密和解密. 然后还需要增加一个变量用于保存秘钥
public static string encryptionKey EncryptionKey;加密
接下来就是加密的方法EncryptConnectionString static void EncryptConnectionString(string encryptionKey){ var connectionString ServermyServer;DatabasemyDB;UsermyUser;PasswordmyPass;;try{ if (string.IsNullOrEmpty(connectionString )){Console.WriteLine(\n加密字符串为空);return;}using var aes Aes.Create();var pdb new Rfc2898DeriveBytes(encryptionKey,new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });aes.Key pdb.GetBytes(32);aes.IV pdb.GetBytes(16);using var memoryStream new MemoryStream();using (var cryptoStream new CryptoStream(memoryStream, aes.CreateEncryptor(), CryptoStreamMode.Write)){byte[] plainBytes Encoding.UTF8.GetBytes(connectionString );cryptoStream.Write(plainBytes, 0, plainBytes.Length);}string encrypted Convert.ToBase64String(memoryStream.ToArray());Console.WriteLine(\n加密成功);Console.WriteLine(加密后的结果:);Console.WriteLine(encrypted);// 生成可直接粘贴到appsettings.json的内容Console.WriteLine(\nappsettings.json 配置片段:);Console.WriteLine($\ConnectionStrings\: {{\n \YourConnection\: \{encrypted}\\n}});}catch (Exception ex){Console.WriteLine($加密失败: {ex.Message});}}这里生成的字符串可以直接复制到.Net Core项目使用,.Net Core项目的配置在后面介绍
解密
解密方法为DecryptConnectionString
static void DecryptConnectionString(string encryptionKey)
{var encryptedString wzeN1u22aXwFr47U7PVzUEnk5rVdkBcGYLNABI01zDKSyQ2QjQPmPvJFdDDa940CUik79nkwCv/jtWFUIjDw;if (string.IsNullOrEmpty(encryptedString)){Console.WriteLine(错误加密字符串不能为空);return;}try{using var aes Aes.Create();var pdb new Rfc2898DeriveBytes(encryptionKey,new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });aes.Key pdb.GetBytes(32);aes.IV pdb.GetBytes(16);var cipherBytes Convert.FromBase64String(encryptedString);using var memoryStream new MemoryStream();using (var cryptoStream new CryptoStream(memoryStream, aes.CreateDecryptor(), CryptoStreamMode.Write)){cryptoStream.Write(cipherBytes, 0, cipherBytes.Length);}string decrypted Encoding.UTF8.GetString(memoryStream.ToArray());Console.WriteLine(\n解密成功);Console.WriteLine(原始连接字符串:);Console.WriteLine(decrypted);}catch (Exception ex){Console.WriteLine($解密失败: {ex.Message});}
}可以看到解密后的字符串和加密之前一样,那就对了
2. 动态输入秘钥与需要加密的内容
上面实现了基本功能,但是如果批量加密的时候每次都要重启一下程序,很麻烦,所以这里修改为动态输入秘钥与字符串(也可以固定死秘钥). 在main方法中修改: static void Main(string[] args){Console.WriteLine(数据库连接字符串加密/解密工具);Console.WriteLine();// 1. 获取加密密钥string encryptionKey GetEncryptionKey();bool continueRunning true;while (continueRunning){// 2. 选择操作模式Console.WriteLine(\n[选择操作]);Console.WriteLine(1. 加密连接字符串);Console.WriteLine(2. 解密连接字符串);Console.Write(请选择(1/2): );var choice Console.ReadLine();switch (choice){case 1:EncryptConnectionString(encryptionKey);break;case 2:DecryptConnectionString(encryptionKey);break;default:Console.WriteLine(无效选择请重新输入);break;}// 3. 询问用户是否继续continueRunning AskToContinue();}Console.WriteLine(\n程序结束按任意键退出...);Console.ReadKey();}增加方法AskToContinue用于询问是否继续 static bool AskToContinue(){Console.Write(\n是否继续其他操作(Y/N): );var response Console.ReadLine()?.Trim().ToUpper();return response Y;}增加一个方法用于将加密与解密的内容保存到文件中去,防止丢失 static void SaveToFile(string content, string fileName){try{File.WriteAllText(fileName, content);Console.WriteLine($结果已保存到: {Path.GetFullPath(fileName)});}catch (Exception ex){Console.WriteLine($保存文件失败: {ex.Message});}}然后是加密解密的方法
static string Encrypt(string plainText, string encryptionKey)
{if (string.IsNullOrEmpty(plainText)) return plainText;using var aes Aes.Create();var pdb new Rfc2898DeriveBytes(encryptionKey,new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });aes.Key pdb.GetBytes(32);aes.IV pdb.GetBytes(16);using var memoryStream new MemoryStream();using (var cryptoStream new CryptoStream(memoryStream, aes.CreateEncryptor(), CryptoStreamMode.Write)){byte[] plainBytes Encoding.UTF8.GetBytes(plainText);cryptoStream.Write(plainBytes, 0, plainBytes.Length);}return Convert.ToBase64String(memoryStream.ToArray());
}static string Decrypt(string cipherText, string encryptionKey)
{if (string.IsNullOrEmpty(cipherText)) return cipherText;using var aes Aes.Create();var pdb new Rfc2898DeriveBytes(encryptionKey,new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });aes.Key pdb.GetBytes(32);aes.IV pdb.GetBytes(16);var cipherBytes Convert.FromBase64String(cipherText);using var memoryStream new MemoryStream();using (var cryptoStream new CryptoStream(memoryStream, aes.CreateDecryptor(), CryptoStreamMode.Write)){cryptoStream.Write(cipherBytes, 0, cipherBytes.Length);}return Encoding.UTF8.GetString(memoryStream.ToArray());
}选择加密或者解密后运行的方法:
static void EncryptConnectionString(string encryptionKey)
{Console.WriteLine(\n[加密模式]);Console.Write(请输入要加密的连接字符串: );var connectionString Console.ReadLine();if (string.IsNullOrEmpty(connectionString)){Console.WriteLine(错误连接字符串不能为空);return;}try{string encrypted Encrypt(connectionString, encryptionKey);Console.WriteLine(\n加密成功);Console.WriteLine(加密后的结果:);Console.WriteLine(encrypted);// 生成可直接粘贴到appsettings.json的内容Console.WriteLine(\nappsettings.json 配置片段:);Console.WriteLine($\ConnectionStrings\: {{\n \YourConnection\: \{encrypted}\\n}});// 保存到文件SaveToFile(encrypted, encrypted_connection.txt);}catch (Exception ex){Console.WriteLine($加密失败: {ex.Message});}
}static void DecryptConnectionString(string encryptionKey)
{Console.WriteLine(\n[解密模式]);Console.Write(请输入要解密的连接字符串: );var encryptedString Console.ReadLine();if (string.IsNullOrEmpty(encryptedString)){Console.WriteLine(错误加密字符串不能为空);return;}try{string decrypted Decrypt(encryptedString, encryptionKey);Console.WriteLine(\n解密成功);Console.WriteLine(原始连接字符串:);Console.WriteLine(decrypted);// 保存到文件SaveToFile(decrypted, decrypted_connection.txt);}catch (Exception ex){Console.WriteLine($解密失败: {ex.Message});}
}获取秘钥的方法,如果需要手动输入秘钥则取消下面的注释即可. static string GetEncryptionKey(){return MyAppSecureKey;//Console.Write(\n请输入加密密钥(至少16个字符): );//var key Console.ReadLine();//if (string.IsNullOrEmpty(key) || key.Length 16)//{// Console.WriteLine(错误密钥必须至少16个字符);// return GetEncryptionKey(); // 递归调用直到获取有效密钥//}//return key;}3. 整个源码:
using System;
using System.Security.Cryptography;
using System.Text;
using System.IO;
using EncryptConnectStrings;class Program
{static void Main(string[] args){Console.WriteLine(数据库连接字符串加密/解密工具);Console.WriteLine();// 1. 获取加密密钥string encryptionKey GetEncryptionKey();bool continueRunning true;while (continueRunning){// 2. 选择操作模式Console.WriteLine(\n[选择操作]);Console.WriteLine(1. 加密连接字符串);Console.WriteLine(2. 解密连接字符串);Console.Write(请选择(1/2): );var choice Console.ReadLine();switch (choice){case 1:EncryptConnectionString(encryptionKey);break;case 2:DecryptConnectionString(encryptionKey);break;default:Console.WriteLine(无效选择请重新输入);break;}// 3. 询问用户是否继续continueRunning AskToContinue();}Console.WriteLine(\n程序结束按任意键退出...);Console.ReadKey();}static string GetEncryptionKey(){return MyAppSecureKey123!#;//Console.Write(\n请输入加密密钥(至少16个字符): );//var key Console.ReadLine();//if (string.IsNullOrEmpty(key) || key.Length 16)//{// Console.WriteLine(错误密钥必须至少16个字符);// return GetEncryptionKey(); // 递归调用直到获取有效密钥//}//return key;}static void EncryptConnectionString(string encryptionKey){Console.WriteLine(\n[加密模式]);Console.Write(请输入要加密的连接字符串: );var connectionString Console.ReadLine();if (string.IsNullOrEmpty(connectionString)){Console.WriteLine(错误连接字符串不能为空);return;}try{string encrypted Encrypt(connectionString, encryptionKey);Console.WriteLine(\n加密成功);Console.WriteLine(加密后的结果:);Console.WriteLine(encrypted);// 生成可直接粘贴到appsettings.json的内容Console.WriteLine(\nappsettings.json 配置片段:);Console.WriteLine($\ConnectionStrings\: {{\n \YourConnection\: \{encrypted}\\n}});// 保存到文件SaveToFile(encrypted, encrypted_connection.txt);}catch (Exception ex){Console.WriteLine($加密失败: {ex.Message});}}static void DecryptConnectionString(string encryptionKey){Console.WriteLine(\n[解密模式]);Console.Write(请输入要解密的连接字符串: );var encryptedString Console.ReadLine();if (string.IsNullOrEmpty(encryptedString)){Console.WriteLine(错误加密字符串不能为空);return;}try{string decrypted Decrypt(encryptedString, encryptionKey);Console.WriteLine(\n解密成功);Console.WriteLine(原始连接字符串:);Console.WriteLine(decrypted);// 保存到文件SaveToFile(decrypted, decrypted_connection.txt);}catch (Exception ex){Console.WriteLine($解密失败: {ex.Message});}}static bool AskToContinue(){Console.Write(\n是否继续其他操作(Y/N): );var response Console.ReadLine()?.Trim().ToUpper();return response Y;}static void SaveToFile(string content, string fileName){try{File.WriteAllText(fileName, content);Console.WriteLine($结果已保存到: {Path.GetFullPath(fileName)});}catch (Exception ex){Console.WriteLine($保存文件失败: {ex.Message});}}static string Encrypt(string plainText, string encryptionKey){if (string.IsNullOrEmpty(plainText)) return plainText;using var aes Aes.Create();var pdb new Rfc2898DeriveBytes(encryptionKey,new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });aes.Key pdb.GetBytes(32);aes.IV pdb.GetBytes(16);using var memoryStream new MemoryStream();using (var cryptoStream new CryptoStream(memoryStream, aes.CreateEncryptor(), CryptoStreamMode.Write)){byte[] plainBytes Encoding.UTF8.GetBytes(plainText);cryptoStream.Write(plainBytes, 0, plainBytes.Length);}return Convert.ToBase64String(memoryStream.ToArray());}static string Decrypt(string cipherText, string encryptionKey){if (string.IsNullOrEmpty(cipherText)) return cipherText;using var aes Aes.Create();var pdb new Rfc2898DeriveBytes(encryptionKey,new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });aes.Key pdb.GetBytes(32);aes.IV pdb.GetBytes(16);var cipherBytes Convert.FromBase64String(cipherText);using var memoryStream new MemoryStream();using (var cryptoStream new CryptoStream(memoryStream, aes.CreateDecryptor(), CryptoStreamMode.Write)){cryptoStream.Write(cipherBytes, 0, cipherBytes.Length);}return Encoding.UTF8.GetString(memoryStream.ToArray());}
}
