The enterprise database encryption application module provides two methods for users to protect their data:
- Hashingproviders:In short, the discrete encryption method saves your information to the memory and uses a discrete value to represent it and return it to the program. In this way, only discrete values rather than plain text can be seen in the program, this will achieve simple encryption.
- Cryptographyproviders:Key encryption method. Data is encrypted using symmetric encryption (asymmetric encryption is not yet supported ).
Advantages of using Enterprise Library to encrypt application modules:
- This reduces the amount of template code to be written and executes standard tasks. It can be used to solve common application encryption problems.
- It helps maintain data transmission encryption within an application and across enterprises.
- Allows administrators to perform encryption configuration, including using group policies.
- Scalable and supports custom encryption technology.
The following describes how to use the encryption application module in Microsoft Enterprise Library 5.0.
1. Download and install microsoftenterprise library 5.0,and then run entlibconfig.exe
2. SelectBlocksMenu, clickAdd cryptographysettings.
How to create the following stylesHash providersAndSymmetric cryptographyprovidersEncryption Policy:
()Hash providersProcedure:
(1) ClickHashprovidersThe plus sign button in the upper right corner of the block,Add hash providersAnd then clickAdd hash algorithm provider, SelectSystem. CoreUnderMd5cng,
It indicates that the MD5 encryption method is used to obtain the discrete value.
(2) ClickFileMenu, clickSave, Save asApp. configFile, you can save it to the desktop first, and then use it. Use notepad to open app. config, you can see the following content.
Code
<configuration>
<configSections>
<section name="securityCryptographyConfiguration" type="Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.Configuration.CryptographySettings,Microsoft.Practices.EnterpriseLibrary.Security.Cryptography, Version=5.0.414.0,Culture=neutral, PublicKeyToken=31bf3856ad364e35" requirePermission="true" />
</configSections>
<securityCryptographyConfiguration>
<add name="MD5Cng" type="Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.HashAlgorithmProvider,Microsoft.Practices.EnterpriseLibrary.Security.Cryptography, Version=5.0.414.0,Culture=neutral, PublicKeyToken=31bf3856ad364e35"
algorithmType="System.Security.Cryptography.MD5Cng,System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
saltEnabled="true" />
</securityCryptographyConfiguration>
</configuration>
(3) to use the cache application module, You need to import the corresponding DLL file. What we want to import here isMicrosoft. Practices. enterpriselibrary. caching. dll, SetApp. configAdd the file to the project,
Add usingmicrosoft. Practices. enterpriselibrary. Security. cryptography reference:
Add reference:
usingMicrosoft.Practices.EnterpriseLibrary.Security.Cryptography;
(4) test:
Usingsystem;
Using system. Collections. Generic;
Using system. LINQ;
Using system. text;
Using Microsoft. Practices. enterpriselibrary. Security. cryptography;
Namespace Test
{
Classprogram
{
Staticvoid main (string [] ARGs)
{
// Obtain the discrete code
Stringhash = cryptographer. createhash ("md5cng", "sensitivedata ");
// Print the display
Console. writeline (hash );
Console. writeline ("------------------------------------------------");
// Verify
Boolequal = cryptographer. comparehash ("md5cng", "sensitivedata", hash );
// Print the result
If (equal)
{
Console. writeline ("correct ");
}
Else
{
Console. writeline ("error ");
}
}
}
}
Running result:
(B)Symmetric cryptographyprovidersPolicy implementation steps:
(1) ClickSymmetriccryptography providerClick the plus sign in the upper-right corner of the block, and then clickAdd encryption ric cryptography providersHere we can see three options, which are described below:
- Add custom encryption riccrypto provider:As the name suggests, it is difficult for users to customize encryption policies. Therefore, they must write their own encryption classes.
- Add dpapi encryption Ric crypto provider:Add a symmetric key generated by the Data Encryption API for encryption.
- Add sysmmetric algorithm provider:For advanced symmetric encryption methods, you need to generate key files to protect data.
Here I will introduce the second method, so click SelectAdd dpapi encryption Ric crypto provider.
(2) ClickFileMenu, clickSaveUpdate the original app. config file. open the file and you can see the following content.
Code
<configuration>
<configSections>
<section name="securityCryptographyConfiguration" type="Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.Configuration.CryptographySettings,Microsoft.Practices.EnterpriseLibrary.Security.Cryptography, Version=5.0.414.0,Culture=neutral, PublicKeyToken=31bf3856ad364e35" requirePermission="true" />
</configSections>
<securityCryptographyConfiguration defaultHashInstance="MD5Cng">
<add name="MD5Cng" type="Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.HashAlgorithmProvider,Microsoft.Practices.EnterpriseLibrary.Security.Cryptography, Version=5.0.414.0,Culture=neutral, PublicKeyToken=31bf3856ad364e35"
algorithmType="System.Security.Cryptography.MD5Cng,System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
saltEnabled="true" />
<symmetricCryptoProviders>
<add type="Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.DpapiSymmetricCryptoProvider,Microsoft.Practices.EnterpriseLibrary.Security.Cryptography, Version=5.0.414.0,Culture=neutral, PublicKeyToken=31bf3856ad364e35"
name="DPAPISymmetric Crypto Provider" />
</symmetricCryptoProviders>
</securityCryptographyConfiguration>
</configuration>
(3) test:
Using system;
Using system. Collections. Generic;
Using system. LINQ;
Using system. text;
Using Microsoft. Practices. enterpriselibrary. Security. cryptography;
Namespace Test
{
Class Program
{
Static void main (string [] ARGs)
{
//// Obtain the discrete code
// String hash = cryptographer. createhash ("md5cng", "sensitivedata ");
//// Print the display
// Console. writeline (hash );
// Console. writeline ("------------------------------------------------");
//// Verify
// Bool equal = cryptographer. comparehash ("md5cng", "sensitivedata", hash );
//// Print the result
// If (equal)
//{
// Console. writeline ("correct ");
//}
// Else
//{
// Console. writeline ("error ");
//}
String encrypt = cryptographer. encryptsymmetric ("dpapi encryption Ric crypto provider", "sensitivedata ");
Console. writeline ("ciphertext:" + encrypt );
Console. writeline ("------------------------------------------------");
Encrypt = cryptographer. decryptsymmetric ("dpapi encryption Ric crypto provider", encrypt );
Console. writeline ("Original:" + encrypt );
}
}
}
Running result:
Source: http://www.cnblogs.com/huangcong/archive/2010/05/28/1746634.html please
The copyright of this article is shared by the author and the blog Park. You are welcome to repost this article. However, you must retain this statement without the author's consent and provide a clear link to the original article on the article page. Otherwise, you will be held legally liable.