有没有办法加密 Windows 窗体应用程序的配置文件?
有没有办法加密 Windows 窗体应用程序的配置文件?
我在谷歌上能找到的只是依赖于“aspnet_regiis.exe”的东西,但我想为桌面应用程序执行此操作?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
有没有办法加密 Windows 窗体应用程序的配置文件?
我在谷歌上能找到的只是依赖于“aspnet_regiis.exe”的东西,但我想为桌面应用程序执行此操作?
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
接受
或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
发布评论
评论(4)
你想实现什么目标?
请记住,程序本身需要解密文件,并且在您的情况下,EXE 文件将位于最终用户计算机上。
因此,任何有权访问配置文件的人几乎肯定也拥有 EXE,并且没有办法阻止他们读取它。
如果您要存储最终用户的密码并希望防止其他人读取它,您可以调用
File.Encrypt
在文件路径上。请注意,这在 XP Home 中不起作用。您还可以使用
ProtectedData
System.Security.dll 中的类来加密字节数组,以便只有登录的用户才能解密它,然后将该字节数组存储在配置文件中。 (这将在 XP 家庭中工作,据我所知)What are you trying to accomplish?
Remember that the program itself needs to decrypt the file, and, in your case, the EXE file will be on the end-users machines.
Therefore, anyone who has access to the config file will almost definitely have the EXE as well, and there is no way to prevent them from reading it.
If you're storing the end-user's password and want to prevent other people from reading it, you could call
File.Encrypt
on the path to the file. Note that this won't work in XP Home.You can also use the
ProtectedData
class in System.Security.dll to encrypt a byte array such that only the logged on user can decrypt it, then store that byte array in the config file. (This will work in XP home, AFAIK)http://weblogs.asp.net/jgalloway/archive/2008/04/13/encrypting-passwords-in-a-net-app-config-file.aspx
http://weblogs.asp.net/jgalloway/archive/2008/04/13/encrypting-passwords-in-a-net-app-config-file.aspx
回应您的评论:
不可能阻止坚定的用户。如果用户足够努力,您就无法阻止他执行其计算机上的应用程序能够执行的操作。你可以让它变得极其困难,但并非不可能。
您究竟担心用户会做什么?
如果你只希望他能够看到部分数据,可以使用数据库权限或者存储过程,或者用Web服务替换数据库。
如果你不希望他能够复制数据,没有100%的解决方案。
您可以对程序集进行混淆,但没有混淆器是完全完美的。
您可以添加诸如
if (Debugger.IsAttached) Environment.FailFast()
之类的行,但用户可以使用 Reflexil。您可以使用程序集文件的哈希值作为加密密钥(的一部分),但用户可以使用 Reflexil 将其替换为硬编码字节数组。
如果用 Web 服务替换数据库,则可以修改 Web 服务来检测可疑请求,但用户可能会在请求之间等待和/或使用不同的计算机。
您可以返回图像而不是数据,但用户可以使用 OCR。
简而言之,你可以让它变得非常困难和耗时,但你不能让它变得不可能。
In response to your comment:
It is not possible to stop a determined user. If the user tries hard enough, there is nothing you can do to prevent him from doing what an application on his machine is able to do. You can make it exceedingly difficult, but not impossible.
What exactly are you afraid that the user will do?
If you only want him to be able to see some of the data, you can use database permissions or stored procedures, or replace the database with a web service.
If you don't want him to be able to copy the data, there's no 100% solution.
You can obfuscate the assembly, but no obfuscator is completely perfect.
You can add lines like
if (Debugger.IsAttached) Environment.FailFast()
, but the user can remove them with Reflexil.You can use a hash of the assembly file as (part of) the encryption key, but the user can replace it with a hard-coded byte array using Reflexil.
If you replace the database with a web service, you could modify the web service to detect suspicious requests, but the user could wait between requests and/or use different machines.
You could return images instead of data, but the user can use OCR.
In short, you can make it very difficult and time-consuming, but you can't make it impossible.
我根据您的需求应用了一个可行的解决方案。这是它的链接。
http://www.ardabasoglu .com/1/post/2010/12/encrypting-the-windows-forms-application-settings.html
I applied a working solution to your need. Here is the link to it.
http://www.ardabasoglu.com/1/post/2010/12/encrypting-the-windows-forms-application-settings.html