This document is maintained at: http://wiki.entlib.net.cn/EntlibHelp31CryptographyApplicationBlock.ashx
In its original state, the Cryptography Application Block can be used in typical cryptography scenarios. However, in many cases you have to customize some of the application block's behavior to better suit the specific needs of your application. There are two ways to customize the application block: extending it and modifying it.
Extending the Cryptography Application Block
You extend the Cryptography Application Block through designated extension points. Typically, these extensions are custom classes that you write. These classes implement a specific interface or derive from an abstract class. Because these custom classes exist in your application space, you do not need to modify or rebuild the application block. You can also use configuration settings to specify the extension.
Currently, you can extend the application block by creating new cryptography providers in addition to those the application block provides. To do this, implement the interfaces contained in the application block. To help you use custom
You can use the Enterprise Library configuration console to specify custom hash and symmetric providers. For more information, see Extending the Cryptography Application Block.
Modifying the Cryptography Application Block
To modify the Cryptography Application Block, you change its source code. These modifications may or may not require configuration changes. Because you are changing the source code, the application block must be rebuilt before the modification takes effect. You must also be prepared to handle support and versioning issues. For more information, see Modifying the Cryptography Application Block.
Extending the Cryptography Application Block
The Cryptography Application Block is designed as a general-purpose application block for many different applications. Extension lets you adapt the application block to the needs of a specific application. You can add custom cryptography providers to extend the functionality of the application block. Typically, these custom providers are third-party cryptography providers.
To extend the Cryptography Application Block
- Create a new custom class and add it to the project.
- Verify that the class implements the required interfaces, constructors, and methods.
- Create a common object in the Enterprise Library console.
- Specify the type name of the custom class.
- Use the Attributes property of the custom object to specify any custom configuration attributes.
Creating a custom hash algorithm provider
1. Create a new class and add it to the project.
2. (Optional) Add the following using statements (C#) or Imports statements (Visual Basic) to the top of the source code file.
C#
using System.Collections.Specialized;   // needed for NameValueCollection
using Microsoft.Practices.EnterpriseLibrary.Common.Configuration;
using Microsoft.Practices.EnterpriseLibrary.Security.Cryptography;
using Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.Configuration;
Visual Basic
Imports System.Collections.Specialized   ' needed for NameValueCollection
Imports Microsoft.Practices.EnterpriseLibrary.Common.Configuration
Imports Microsoft.Practices.EnterpriseLibrary.Security.Cryptography
Imports Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.Configuration
Note: For Visual Basic projects, you can use the References page of the Project Designer to manage references and imported namespaces. To access the References page, select a project node in Solution Explorer, and then click Properties on the Project menu. When the Project Designer appears, click the References tab.
3. Specify that the class implements IHashProvider.
4. Add the ConfigurationElementType attribute to the class. The parameter of the attribute is the CustomHashProviderData type.
C#
[ConfigurationElementType(typeof(CustomHashProviderData))]
public class MyHashProvider : IHashProvider
Visual Basic
<ConfigurationElementType(GetType(CustomHashProviderData))> _
Public Class MyHashProvider : Implements IHashProvider
5. Add a constructor that takes a parameter of type NameValueCollection.
C#
public MyHashProvider(NameValueCollection attributes)
{
}
Visual Basic
Public Sub New(ByVal attributes As NameValueCollection)
End Sub
6. Add the CreateHash and CompareHash methods to the class, and then implement the required behavior.
C#
public byte[] CreateHash(byte[] plaintext)
{
    // Compute and return the hash of plaintext.
}
public bool CompareHash(byte[] plaintext, byte[] hashedtext)
{
    // Return true if hashedtext is the hash of plaintext.
}
Visual Basic
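Public Function CreateHash(ByVal plaintext As Byte()) As Byte() Implements IHashProvider.CreateHash
    ' Compute and return the hash of plaintext.
End Function
Public Function CompareHash(ByVal plaintext As Byte(), ByVal hashedtext As Byte()) As Boolean Implements IHashProvider.CompareHash
    ' Return True if hashedtext is the hash of plaintext.
End Function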
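The following is an added example, not code from this page or from Enterprise Library: one way to fill in the CreateHash and CompareHash bodies with a salted PBKDF2 hash and a fixed-time comparison. The class name, the "iterations" attribute and its default value are assumptions made for illustration.

```csharp
using System;
using System.Collections.Specialized;
using System.Security.Cryptography;
using Microsoft.Practices.EnterpriseLibrary.Common.Configuration;
using Microsoft.Practices.EnterpriseLibrary.Security.Cryptography;
using Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.Configuration;

[ConfigurationElementType(typeof(CustomHashProviderData))]
public class SaltedPbkdf2HashProvider : IHashProvider
{
    private const int SaltSize = 16;   // random salt stored in front of the hash
    private const int HashSize = 20;   // one HMAC-SHA1 output block
    private readonly int iterations;

    public SaltedPbkdf2HashProvider(NameValueCollection attributes)
    {
        // "iterations" is a hypothetical custom attribute set on the provider's configuration node.
        string value = attributes["iterations"];
        iterations = string.IsNullOrEmpty(value) ? 100000 : int.Parse(value);
    }

    public byte[] CreateHash(byte[] plaintext)
    {
        byte[] salt = new byte[SaltSize];
        RandomNumberGenerator.Create().GetBytes(salt);   // fresh salt for every hash
        byte[] hash = Derive(plaintext, salt);
        byte[] result = new byte[SaltSize + HashSize];
        Buffer.BlockCopy(salt, 0, result, 0, SaltSize);
        Buffer.BlockCopy(hash, 0, result, SaltSize, HashSize);
        return result;                                   // layout: salt || hash
    }

    public bool CompareHash(byte[] plaintext, byte[] hashedtext)
    {
        if (hashedtext == null || hashedtext.Length != SaltSize + HashSize) return false;
        byte[] salt = new byte[SaltSize];
        Buffer.BlockCopy(hashedtext, 0, salt, 0, SaltSize);
        byte[] expected = Derive(plaintext, salt);
        int diff = 0;   // accumulate differences so timing does not reveal the first mismatch
        for (int i = 0; i < HashSize; i++) diff |= expected[i] ^ hashedtext[SaltSize + i];
        return diff == 0;
    }

    private byte[] Derive(byte[] plaintext, byte[] salt)
    {
        // This Rfc2898DeriveBytes constructor runs PBKDF2 with HMAC-SHA1.
        return new Rfc2898DeriveBytes(plaintext, salt, iterations).GetBytes(HashSize);
    }
}
```

Because the salt is stored inside the returned value, CompareHash must re-derive the hash with that salt; comparing against a second CreateHash call would always fail.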
Creating a custom symmetric encryption algorithm provider
1. Create a new class and add it to the project.
2. (Optional) Add the following using statements (C#) or Imports statements (Visual Basic) to the top of the source code file.
C#
using System.Collections.Specialized;   // needed for NameValueCollection
using Microsoft.Practices.EnterpriseLibrary.Common.Configuration;
using Microsoft.Practices.EnterpriseLibrary.Security.Cryptography;
using Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.Configuration;
Visual Basic
Imports System.Collections.Specialized   ' needed for NameValueCollection
Imports Microsoft.Practices.EnterpriseLibrary.Common.Configuration
Imports Microsoft.Practices.EnterpriseLibrary.Security.Cryptography
Imports Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.Configuration
Note: For Visual Basic projects, you can use the References page of the Project Designer to manage references and imported namespaces. To access the References page, select a project node in Solution Explorer, and then click Properties on the Project menu. When the Project Designer appears, click the References tab.
3. Specify that the class implements ISymmetricCryptoProvider.
4. Add the ConfigurationElementType attribute to the class, specifying the CustomSymmetricCryptoProviderData type as the attribute parameter.
C#
[ConfigurationElementType(typeof(CustomSymmetricCryptoProviderData))]
public class MyCustomEncryptionProvider : ISymmetricCryptoProvider
Visual Basic
<ConfigurationElementType(GetType(CustomSymmetricCryptoProviderData))> _
Public Class MyCustomEncryptionProvider : Implements ISymmetricCryptoProvider
5. Add a constructor that takes a parameter of type NameValueCollection.
C#
public MyCustomEncryptionProvider(NameValueCollection attributes)
{
}
Visual Basic
Public Sub New(ByVal attributes As NameValueCollection)
End Sub
6. Add the Encrypt and Decrypt methods to the class and implement the required behavior.
C#
public byte[] Encrypt(byte[] plaintext)
{
    // Encrypt plaintext and return the ciphertext.
}
public byte[] Decrypt(byte[] ciphertext)
{
    // Decrypt ciphertext and return the plaintext.
}
Visual Basic
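Public Function Encrypt(ByVal plaintext As Byte()) As Byte() Implements ISymmetricCryptoProvider.Encrypt
    ' Encrypt plaintext and return the ciphertext.
End Function
Public Function Decrypt(ByVal ciphertext As Byte()) As Byte() Implements ISymmetricCryptoProvider.Decrypt
    ' Decrypt ciphertext and return the plaintext.
End Function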
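The following is an added example, not code from this page or from Enterprise Library: a custom symmetric provider that encrypts with AES in CBC mode and authenticates the result with HMAC-SHA256 (encrypt-then-MAC), verifying the tag before decrypting. The class name, the "keyFile" attribute and the 64-byte key file layout are assumptions made for illustration.

```csharp
using System;
using System.Collections.Specialized;
using System.Security.Cryptography;
using Microsoft.Practices.EnterpriseLibrary.Common.Configuration;
using Microsoft.Practices.EnterpriseLibrary.Security.Cryptography;
using Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.Configuration;

[ConfigurationElementType(typeof(CustomSymmetricCryptoProviderData))]
public class AesHmacProvider : ISymmetricCryptoProvider
{
    private readonly byte[] encKey = new byte[32], macKey = new byte[32];
    public AesHmacProvider(NameValueCollection attributes)
    {
        // "keyFile" (hypothetical attribute): file holding 64 key bytes protected with DPAPI.
        byte[] keys = ProtectedData.Unprotect(
            System.IO.File.ReadAllBytes(attributes["keyFile"]), null, DataProtectionScope.CurrentUser);
        Buffer.BlockCopy(keys, 0, encKey, 0, 32);
        Buffer.BlockCopy(keys, 32, macKey, 0, 32);
    }

    public byte[] Encrypt(byte[] plaintext)
    {
        RijndaelManaged aes = new RijndaelManaged();   // defaults: 128-bit block, CBC, PKCS7
        aes.Key = encKey;
        aes.GenerateIV();                              // fresh random IV for every message
        byte[] body = aes.CreateEncryptor().TransformFinalBlock(plaintext, 0, plaintext.Length);
        byte[] output = new byte[16 + body.Length + 32];
        Buffer.BlockCopy(aes.IV, 0, output, 0, 16);
        Buffer.BlockCopy(body, 0, output, 16, body.Length);
        byte[] tag = new HMACSHA256(macKey).ComputeHash(output, 0, 16 + body.Length);
        Buffer.BlockCopy(tag, 0, output, 16 + body.Length, 32);
        return output;                                 // layout: IV || ciphertext || HMAC tag
    }

    public byte[] Decrypt(byte[] ciphertext)
    {
        int macOffset = ciphertext.Length - 32;
        if (macOffset < 32) throw new CryptographicException("Ciphertext too short.");
        byte[] tag = new HMACSHA256(macKey).ComputeHash(ciphertext, 0, macOffset);
        int diff = 0;                                  // verify the tag before decrypting anything
        for (int i = 0; i < 32; i++) diff |= tag[i] ^ ciphertext[macOffset + i];
        if (diff != 0) throw new CryptographicException("Authentication tag mismatch.");
        byte[] iv = new byte[16];
        Buffer.BlockCopy(ciphertext, 0, iv, 0, 16);
        RijndaelManaged aes = new RijndaelManaged();
        aes.Key = encKey;
        aes.IV = iv;
        return aes.CreateDecryptor().TransformFinalBlock(ciphertext, 16, macOffset - 16);
    }
}
```

ProtectedData is defined in System.Security.dll, so the project needs a reference to that assembly.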
Modifying the Cryptography Application Block
The Cryptography Application Block is designed as a general-purpose application block for many different applications. Extension lets you adapt the application block to the needs of a specific application. However, to add new features to the application block, you must modify the source code (the application block includes both source code and binaries).
Recommendations for modifying the Cryptography Application Block
Use the following best practices when modifying source code:
- Read the Cryptography Application Block design section of this documentation to understand how the application block works.
- If you have modified a lot of code or want to use the custom version of the application block alongside the original version, consider changing the namespace of the Cryptography Application Block. Note that changing the namespace of an application block requires updating all other application blocks and applications that use the Cryptography Application Block to use the new namespace.
- Use a strong name. Strong names allow the assembly to be uniquely identified, versioned, and integrity verified. You will have to generate your own key pair to sign the modified version of the application block. For more information, see the documentation on strong-named assemblies and versioning. Alternatively, you can leave the custom version unsigned and reference it by its weak name.
- To make the modification take effect, you must recompile the code. Open the Visual Studio solution file of the Cryptography Application Block and rebuild the entire solution.
Modifying the key management code
Enterprise Library implements key management based on DPAPI. You can use this implementation, or adapt code based on its model to meet your organization's key management needs. Use the following guidelines to modify the application block source code to implement a custom key management solution:
- Modify the KeyManager class. The application block uses the KeyManager class at run time to read and write keys. This class is located in the Security.Cryptography project.
- Modify or replace the source code of the Cryptographic Key Wizard. This wizard is part of the application block's design-time component. You can find the source code for the wizard in the Security.Cryptography.Configuration.Design project.
- Modify the source code that runs the Cryptographic Key Wizard. The configuration console runs this wizard when you add an encrypted hash algorithm provider or a symmetric algorithm provider to the application configuration. You can modify the AddHashAlgorithmProviderNodeCommand class and the AddSymmetricAlgorithmProviderNodeCommand class. You can find the source code of these classes in the Security.Cryptography.Configuration.Design project.
More information
For more information, see the following resources:
- How to: Store Asymmetric Keys in a Key Container
- ICspAsymmetricAlgorithm.ImportCspBlob Method
- ICspAsymmetricAlgorithm.ExportCspBlob Method