如何获取 .NET 用于写入/读取配置文件配置的当前编码类型?
我正在进行连接字符串加密。我们使用自己的加密密钥和AES算法来做到这一点。在这个过程中,我们需要将字符串转换为字节数组,然后将字节数组转换回字符串。我发现编码在这些转换中发挥着重要作用。
所以我需要知道 C# 用于正确进行上述转换的编码。知道如何以可编程方式获取当前编码吗?
I am doing connection string encryption. we use our own encryption key with AES algorithm to do this. during the process, we need to convert string to byte array and then convert byte array back to string. I found the encoding play an important role on those conversions.
So I need to know the encoding C# is using to get above conversion right. Any idea how to get current encoding programmably?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
以防万一您不知道,但 .NET 内置了对 使用受保护的配置加密配置信息。加密对于应用程序来说是透明的,但操作系统将保证只有允许解密该配置的帐户(将有权访问密钥容器)才能解密它。
我不知道您的安全模型,但我想您仍然需要获取/存储密钥才能解密连接字符串。因此,有效的连接字符串与用于解密它们的密钥一样安全。如果它不像操作系统的密钥容器那样安全,我建议重新考虑您的设计。
Just in case if you don't know, but .NET have built-in support for Encrypting Configuration Information Using Protected Configuration. The encryption will be transparent for the application but operation system will guarantee that only accounts allowed to decipher that configuration (will have have access to key container) will be able to decrypt it.
I don't know your security model, but I guess you still need to get/store a key in order to decrypt connection string. So effectively connection string are as safe as the key which will be used to decrypt them. If it isn't as safe as in OS's key container I would recommend to reconsider your design.
如果您希望将加密的字符串存储在配置(或其他纯文本)文件中,最好将加密的字节存储为 Base64 编码的字符串。
同样:
您可以使用第一个代码块来获取加密数据的 Base64 编码字符串表示形式,然后将该字符串保存在配置文件中。使用第二个块将文件中的同一字符串转换回加密的字节数组。
If you're looking to store an encrypted string in a config (or other plain text) file, you're better off storing the encrypted bytes as a base64-encoded string.
Likewise:
You can use the first code block to obtain a base64-encoded string representation of your encrypted data, then save that string in the config file. Use the second block to convert that same string from the file back into an encrypted byte array.
加密的结果可能无法纯粹用 XML 的有效代码点来表示(例如,空、0 字节在 XML 中是无效的)——并且这与编码无关。因此,答案是对字节数组进行 Base64 编码,并存储结果字符串和一个字符串。并让 .NET(System.Configuration 程序集)中的配置支持进行任何进一步的编码。
The result of encryption is likely to be not representable purely in valid code-points for XML (e.g. a null, 0, byte is invaid in XML)—and this is independent of encoding. Therefore the answer is to base64 encode your byte arrarys, and store the resulting string and a string. And let the configuration support in .NET (System.Configuration assembly) do any further encoding.