针对某些数据字段要保存敏感数据的情况,比如银行卡号,登录密码,需要使用一种机制保证存储到数据库的数据是加密的,避免数据泄露风险,但是又能够正常读取出来显示。
示例【mysql】:
创建一个ConsoleApp1,然后引用下列NuGet包:
- EntityFrameworkCore.DataEncryption
-
Pomelo.EntityFrameworkCore.MySql
数据表User,包含3个字段: - Id 主键
- Name 姓名
-
BankCard 银行账户
创建User类,在BankCard上我们加了EncryptedAttribute,表示这个字段需要加密:
public class User
{
public int Id { get; set; }
public string Name { get; set; }
[Encrypted]
public string BankCard { get; set; }
}
创建DefaultDbContext,在构造函数创建IEncryptionProvider实例,
并在OnModelCreating方法中UseEncryption:
public class DefaultDbContext: DbContext
{
private readonly byte[] _encryptionKey = ...;
private readonly byte[] _encryptionIV = ...;
private readonly IEncryptionProvider _provider;
public DefaultDbContext()
{
this._provider = new AesProvider(this._encryptionKey, this._encryptionIV);
}
public DbSet<User> User { get; set; }
protected override void OnModelCreating(ModelBuilder modelBuilder)
{
modelBuilder.UseEncryption(this._provider);
base.OnModelCreating(modelBuilder);
}
}
使用
DefaultDbContext context = new DefaultDbContext();
User zhangsan = new User { Id = 1, Name = "张三", BankCard = "12345" };
User lisi = new User { Id = 2, Name = "李四", BankCard = "67890" };
context.User.AddRange(zhangsan, lisi);
context.SaveChanges();
var users = context.User.ToList();
foreach (var user in users)
{
Console.WriteLine($"{user.Id} {user.Name} {user.BankCard}");
}
输出
【控制台】
【数据库】
版权声明:本文为qq_40110781原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。