Encrypting and decrypting data using NHibernate

后端未结

关注

 2  1885

渐次进展 2021-02-02 04:01

I\'m writing a publicly accessible web application which will contain personal user data, such as names and birth dates, and I\'m required to encrypt this data in a form that w

2条回答

半阙折子戏 (楼主)

2021-02-02 04:31

In true Blue Peter fashion, here's one I created earlier to do just this. It relies on a provider pattern to get the encryption algorithm but you could replace this with whatever you want.

This exposes a string property in your domain object, but persists it as a binary (array of bytes) representing the encrypted form. In my provider pattern code, Encrypt takes a string and returns a byte array, and Decrypt does the opposite.

[Serializable]
public class EncryptedStringType : PrimitiveType
{
    public EncryptedStringType() : this(new BinarySqlType()) {}

    public EncryptedStringType(SqlType sqlType) : base(sqlType) {}

    public override string Name
    {
        get { return "String"; }
    }

    public override Type ReturnedClass
    {
        get { return typeof (string); }
    }

    public override Type PrimitiveClass
    {
        get { return typeof (string); }
    }

    public override object DefaultValue
    {
        get { return null; }
    }

    public override void Set(IDbCommand cmd, object value, int index)
    {
        if (cmd == null) throw new ArgumentNullException("cmd");
        if (value == null)
        {
            ((IDataParameter)cmd.Parameters[index]).Value = null;
        }
        else
        {
            ((IDataParameter)cmd.Parameters[index]).Value = EncryptionManager.Provider.Encrypt((string)value);
        }
    }

    public override object Get(IDataReader rs, int index)
    {
        if (rs == null) throw new ArgumentNullException("rs");
        var encrypted = rs[index] as byte[];
        if (encrypted == null) return null;
        return EncryptionManager.Provider.Decrypt(encrypted);
    }

    public override object Get(IDataReader rs, string name)
    {
        return Get(rs, rs.GetOrdinal(name));
    }

    public override object FromStringValue(string xml)
    {
        if (xml == null)
        {
            return null;
        }

        if (xml.Length % 2 != 0)
        {
            throw new ArgumentException(
                "The string is not a valid xml representation of a binary content.",
                "xml");
        }

        var bytes = new byte[xml.Length / 2];
        for (int i = 0; i < bytes.Length; i++)
        {
            string hexStr = xml.Substring(i * 2, (i + 1) * 2);
            bytes[i] = (byte)(byte.MinValue
                              + byte.Parse(hexStr, NumberStyles.HexNumber, CultureInfo.InvariantCulture));
        }

        return EncryptionManager.Provider.Decrypt(bytes);
    }

    public override string ObjectToSQLString(object value, Dialect dialect)
    {
        var bytes = value as byte[];
        if (bytes == null)
        {
            return "NULL";
        }
        var builder = new StringBuilder();
        for (int i = 0; i < bytes.Length; i++)
        {
            string hexStr = (bytes[i] - byte.MinValue).ToString("x", CultureInfo.InvariantCulture);
            if (hexStr.Length == 1)
            {
                builder.Append('0');
            }
            builder.Append(hexStr);
        }
        return builder.ToString();
    }
}

0 讨论(0)

查看其它2个回答