After that, we will introduce the new module cryptographer in the Enterprise Library. This module plays an important role in most daily projects, for example: the website member password, ID card number, and website configuration can be encrypted to ensure the security of project data.
We will introduce the following points today:
1. Simple Analysis of the enterprise database cryptographer (encryption module.
2. Implement a custom encryption interface.
3. Apply the custom interface in the project.
First, simple analysis of the enterprise database cryptographer (encryption module)
In our daily development, encryption is always used to encrypt the data. We usually customize some encryption methods in the project, and the Enterprise Library is to simplify these development, provides a simple way to encrypt and decrypt data.
Like other modules, cryptographer (encryption module) can also perform data encryption and decryption through simple configuration. For more information about the configuration, see huangcong's article in the garden, I will not talk about it much more:
Cryptography Application Block (Elementary)
Cryptography Application Block (advanced)
Cryptographer (encryption module) provides two encryption methods:
1,Hashcryptographer (discrete encryption ),This method encrypts data based on a specific algorithm, which cannot be decrypted.
2,Symmetric riccryptographer (symmetric encryption ),This method also encrypts data based on specific algorithms, but the data can be decrypted after encryption.
You can better understand the figure and reference the document from enterprise database 5.0:
Encryption moduleStatic class cryptographerAs the core, it facilitates programmers to encrypt and decrypt data according to their configurations. It mainly includes the following members:
1. The createhash method reads the data according to the discrete configuration name configured in the configuration file and encrypts the data.
2. Method encryptsymmetric: encrypt the data according to the configuration name configured in the configuration file.
3. The method decryptsymmetric is used to decrypt the data according to the configuration name configured in the configuration file.
4. Use comparehash to compare whether the encrypted data is consistent with the encrypted data.
5. The private methods include gethashprovider and getjavasriccryptoprovider to obtain discrete and symmetric encryption instances based on the configuration file name.
In this encryption module,Static class cryptographerProvides encryption and decryption Based on the configuration name, and providesAbstract class cryptographymanagerTo implement a custom encryption and decryption Manager. The encryption module provides us with the implementation of cryptographymanager --Cryptographymanagerimpl.
Abstract class cryptographymanagerIt is essentially a non-static cryptography, which defines four Abstract METHODS:
1. createhash method.
2. Method encryptpolicric.
3. decryptpolicric.
4. comparehash method.
Implementation classCryptographymanagerimplThis mainly implementsAbstract class cryptographymanagerThe main information is as follows:
1. Field idictionary <string, ihashprovider> hashproviders, a set of discrete encryption key-value pairs, including multiple discrete encryption implementations.
2. Field idictionary <string, isyuncriccryptoprovider> encryption riccryptoproviders, a set of symmetric encryption key-value pairs, including multiple symmetric encryption implementations.
3. Field idefacrycryptographyinstrumentationprovider instrumentationprovider, which provides an error report for the encryption module
4. constructor. A total of three constructor functions are provided, including discrete encryption in the form of a generic list, symmetric encryption, and
5. the encryption and decryption methods are createhash, encryptsymmetric, and decryptsymmetric. These three methods receive three parameters: the configured encryption and decryption Instance name, the data to be encrypted, and the Error Report of the encryption module (idefaultcryptographyinstrumentationprovider ).
Internally, it searches for the corresponding encryption and decryption implementation in the hashproviders or your riccryptoproviders list based on the Instance name, and then calls the implementation for encryption and decryption.
In the actual project development process, we canStatic class cryptographerYou can simply encrypt and decrypt data.Abstract class cryptographymanagerIn general, the cryptographer module of the enterprise database has provided us with a good encryption and decryption encapsulation, at the same time, the extension interface can be further expanded on the basis of it, greatly facilitating our daily project development.
Second: implement a custom encryption Interface
In the first part, I briefly introduced the important information of the enterprise database cryptographer module. Now I will introduce the extended encryption/Decryption interface provided by the enterprise database cryptographer module.
As mentioned above, the enterprise database cryptographer module provides two encryption and decryption methods:
1,Hashcryptographer (discrete encryption ),This method encrypts data based on a specific algorithm, which cannot be decrypted.
2,Symmetric riccryptographer (symmetric encryption ),This method also encrypts data based on specific algorithms, but the data can be decrypted after encryption.
The two encryption and decryption Methods correspond to two interfaces: ihashprovider and isyuncriccryptoprovider. You can view the code of these two interfaces respectively:
Ihashprovider interface:
This interface has only two methods:
1. The createhash method receives the incoming data to be encrypted (byte array) and returns the encrypted data (byte array) based on the specific implementation of discrete encryption ).
2. The comparehash method receives the data to be encrypted (byte array) and encrypted (byte array ), call the specific implementation of the discrete encryption method to encrypt the data to be encrypted and then compare it with the encrypted data to see if it is equal.
Isypolicriccryptoprovider interface:
public interface ISymmetricCryptoProvider{ byte[] Encrypt(byte[] plaintext); byte[] Decrypt(byte[] ciphertext);}
This interface is also relatively simple, and there are only two methods:
1. The method encrypt receives the data to be encrypted (byte array), calls the implementation method for encryption, and returns the encrypted data (byte array ).
2. The decrypt method receives the encrypted data (byte array), calls the implementation method for decryption, and returns the decrypted data (byte array ).
If we need to expand the custom encryption and decryption methods, we need to start with the above two interfaces and determine whether discrete encryption or symmetric encryption is required to implement different interfaces.
The above is the information about the enterprise database cryptographer module. It mainly introduces common classes of the cryptographer module and the encryption and decryption manager. It also briefly introduces the extended encryption and decryption interfaces of the cryptographer module.
In the next article, I will continue to introduce how to implement custom discrete encryption and symmetric encryption methods, and how to use custom encryption and decryption methods in projects..