Preface:
This article includes the following: 1, a brief introduction to the Cryptography Application Block (refer to your own English document) 2. Configure the Cryptography Application Block (this article to configure Symmetric Encryption Provider as an example. The configuration of Hash Provider is basically similar) 3, how to Data encryption? 4, data decryption 5, how to get the HASH value 6 of the data, determine whether the data changes depending on the data HASH value
Part 1: Introduction to Crytography Application Block
Crytography Application Block provides two encryption methods: Hash and Symmetric, the difference between the two is that the Hash encryption algorithm is not decrypted, and Symmetric can be encrypted and decrypted. Of course, it also supports custom encryption methods, Enterprise Library 2.0 provides modifications and extensions for encryption algorithms.
First, when do you need to use Cryptography Application Block? When our application needs to use Hash or Symmetric encryption, we can consider using it, we can use Microsoft's encryption algorithms, you can also define your own encryption algorithm. When our data only needs to be encrypted, and when we do not use the decryption method, we can use the Hash Provider (for example, we can use this method to encrypt the password), when the data needs to be encrypted and need to decrypt. When we can use the Symmetric Encryption Provider (for example, when we pass the URL through the URL, you can use this method to encrypt the data).
Second, what benefits have been brought by our developers?
1. It helps our developers to easily solve encryption issues in the application. 2, it can help us unify the unity of the entire enterprise application. 3, Crytography Application Block is scalable, we can use your own write encryption algorithm to encrypt the application. Part II: Crytography Application Block configuration
First we open Enterprise Library Configuration, which exists in the bin directory with your Enterprise Library installation directory. Of course, we need to build our project first, add the app.config file, and my example is performed in the Test Project of the VS2005. Select File -> Open Application, as follows:
At this point, the app.config file we just built, as shown: then click Application -> New -> Crytography Application Block, as shown: Because we want to configure Symmetric Encryption, then next We select Symmetric Provider and right click, as follows: Create a new Symmetric Algorithm Provider, and select an encryption algorithm, as shown below: After the Cryptographic Key Wizard dialog, as follows: We choose Create a new key, this occurs Let's enter a dialog box like a registration code (I haven't understood what role in this number of hexadecimal numbers), we point Generate, then click Next, choose the key file we created. Save the path, as follows: again, let us choose the encrypted mode, as follows: Encryption mode There are two kinds, User Mode and Machine Mode use Machine Mode: 1. When your application runs on a dedicated server And there are no other applications on this server; 2, running multiple applications simultaneously on your server, you want these applications to share some sensitive information. Use User Mode: If your application runs in a multi-program environment, you don't want the sensitive data in your application to be affected by other applications or accessed by other applications; in this case, Between each application, such as files, databases, etc.) is independent, which does not affect each other. Note: If you choose a DPAPI encryption algorithm, then use Machine Mode, then encrypted data is only valid on the current machine, so you must generate an encrypted data for each machine. Then point finish, then modify the configuration name of our Cryptography Application Block. Point File -> Save All, so we have completed a Symmetric Provider configuration. At this point our profile will increase the following, of course, we can also add it.
XML Version = "1.0" encoding = "UTF-8"
?>
<
CONFIGURATION
>
<
Configsections
>
<
section
Name
= "SecurityCryptography"
Type
= "Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.Configuration.CryptographySettings, Microsoft.Practices.EnterpriseLibrary.Security.Cryptography, Version = 2.0.0.0, Culture = neutral, PublicKeyToken = null"
/>
Configsections
>
<
SecurityCryptographyConfiguration
>
<
Symmetriccryptoproviders
>
<
Add
AlgorithmType
= "System.Security.cryptography.descryptoserviceProvider, Mscorlib, Version = 2.0.0.0, Culture = NEUTRAL, PUBLICKEYTOKEN = B77A5C561934E089" ProtectedKeyFileName "protected
= "E: / Study / Enterprise Library 2 / Enterprise Library 2 / Key.Key"
ProtectedKeyProtectionsCope
= "Currentuser"
Type
= "Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.SymmetricAlgorithmProvider, Microsoft.Practices.EnterpriseLibrary.Security.Cryptography, Version = 2.0.0.0, Culture = neutral, PublicKeyToken = null"
Name
= "MycryptographyProvider"
/>
Symmetriccryptoproviders
>
SecurityCryptographyConfiguration
>
CONFIGURATION
>
Part III: Use the Cryptography Application Block to introduce an operation of encrypting and decrypting the data using the Cryptography Application Block using the Cryptography Application Block. 1, encryption and decryption operation
[TestMethod]
public
Void
Usecryptography ()
{// encryption string name = Cryptographer.EncryptSymmetric ( "MyCryptographyProvider", "SHY520"); // decryption string rname = Cryptographer.DecryptSymmetric ( "MyCryptographyProvider", name); Assert.AreEqual (rname, "SHY520");}
2. Get the data value of the data, provided that we are configured with a Hash Provider (specific configuration method can refer to the configuration method of the Symmetric Provider described earlier), and then get the Hash value with the following method, but pay attention to the Hash value can not decrypt .
[TestMethod]
public
Void
GetHashValues ()
{Byte [] valueToHash = (new UnicodeEncoding ()) GetBytes ( "password");. Byte [] generatedHash = Cryptographer.CreateHash ( "hashProvider", valueToHash);. // Clear the byte array memory Array.Clear (valueToHash, 0, valuetohash.length; assert.arequal ("password", generatedhash;}
Of course, the above test method is definitely can't pass. Here is just how to get the HASH value of the data. 3. By comparing a data and a HASH value it has generated, it is determined whether the data changes.
[TestMethod]
public
Void
Comparehashvalue ()
{Byte [] ovalue = (new unicodeEncoding ()). GetBytes ("Shy520"); // Create Ovalue's Hash value byte [] generatedhash = cryptographer.createhash ("HashProvider", ovalue; // Compare data and its Hash value, if the data does not change, returns true, change the false bool result = cryptographer.comparehash ("HashProvider", Ovalue, GeneratedHash; // Change the value of the original data, then compare Ovalue = (New UnicodeEncoding () ) .Getbytes ("Shy521"); BOOL RESULT1 = Cryptographer.comParehash ("HashProvider", Ovalue, GeneratedHash; Assert.Arequal (false, result1); assert.Arequal (true, result);}
The content contained in the Cryptography Application Block is not much, but it contains a lot of common encryption algorithms, enough to meet the requirements in our project, today we will introduce the introduction of the Cryptography Application Block, I hope to help beginners. . Previous: Enterprise Library 2.0 - Caching Application Block added: Config File Encryption: First, add a reference to System.Configuration.dll then add the following code: Configuration config = null; config = ConfigurationManager.OpenExeConfiguration (ConfigurationUserLevel.None) ; ConfigurationSection section = config.ConnectionStrings; if (section.SectionInformation.IsProtected == false && section.ElementInformation.IsLocked == false) {section.SectionInformation.ProtectSection ( "RsaProtectedConfigurationProvider"); section.SectionInformation.ForceSave = true; config. Save (configurationsavemode.full);