I want to encrypt some passwords in sql server and have a c# app decrypt them.
我想在sql server中加密一些密码,并让c#应用程序解密它们。
Obviously I can create an SP to decrypt the required password for me and pass this to the c# app, but this means sending the plaintext password over network.
显然,我可以创建一个SP来为我解密所需的密码并将其传递给c#应用程序,但这意味着通过网络发送明文密码。
So I want to be able to encrypt my password in sql server (using passphrase, certificate etc), which can be passed around to my c# apps which will then know how to decrypt it and use it.
因此,我希望能够在sql server中加密我的密码(使用密码短语、证书等),这些密码可以传递给我的c#应用程序,这些应用程序将知道如何解密并使用它。
I think this must be possible (maybe using certificates) but not really sure where to start.
我认为这肯定是可能的(可能使用证书),但并不确定从哪里开始。
Can use .net 4 and sql server 2008 if there are new approaches to this.
如果有新的方法可以使用。net 4和sql server 2008。
Thanks in advance for your advice.
谢谢你的建议。
3 个解决方案
#1
3
Could you create an encrypt/decrypt assembly in .NET (2.0) and deploy that to SQL Server? That's the only way I see how you could have the same algorithm/mechanism to encrypt/decrypt your data.
您能否在。net(2.0)中创建一个加密/解密程序集,并将其部署到SQL Server?这是我看到的唯一方法,您可以有相同的算法/机制来加密/解密您的数据。
Create a .NET assembly with the encryption/decryption, deploy it to SQL Server, use it there to encrypt the data, and use the same assembly / same .NET code to decrypt the data in your .NET app.
使用加密/解密创建. net程序集,将其部署到SQL Server,使用它对数据进行加密,并使用相同的程序集/相同的. net代码对. net应用程序中的数据进行解密。
#2
3
Never encrypt the passwords!
从未加密的密码!
Passwords should be salted and hashed - this is rule number one when it comes to system security.
密码应该加盐和散列——这是关于系统安全的第一条规则。
#3
0
We have created this functionality, an assembly that is used in both code and deployed on the server. However, we have run into memory pressure issues. The server is a dual quad core server with 24 gb of memory, 64 bit os and 32 bit sql server. AWE is enabled, sql's process is prioritized and 19gb of the memory is allocated to sql. It is our only assembly and we get tons of errors in the log file. I am a big fan of extending systems, however, this seems like a hack. Why do we have use one or the other? Why not both?
我们已经创建了这个功能,一个在代码中使用并部署在服务器上的程序集。但是,我们遇到了内存压力问题。该服务器是一个双四元核心服务器,拥有24gb内存、64位操作系统和32位sql服务器。启用AWE,对sql进程进行优先排序,并将19gb内存分配给sql。这是我们唯一的程序集,我们在日志文件中得到大量错误。我非常喜欢扩展系统,然而,这似乎是一个黑客。为什么我们要用一个或另一个呢?为什么不两个呢?
#1
3
Could you create an encrypt/decrypt assembly in .NET (2.0) and deploy that to SQL Server? That's the only way I see how you could have the same algorithm/mechanism to encrypt/decrypt your data.
您能否在。net(2.0)中创建一个加密/解密程序集,并将其部署到SQL Server?这是我看到的唯一方法,您可以有相同的算法/机制来加密/解密您的数据。
Create a .NET assembly with the encryption/decryption, deploy it to SQL Server, use it there to encrypt the data, and use the same assembly / same .NET code to decrypt the data in your .NET app.
使用加密/解密创建. net程序集,将其部署到SQL Server,使用它对数据进行加密,并使用相同的程序集/相同的. net代码对. net应用程序中的数据进行解密。
#2
3
Never encrypt the passwords!
从未加密的密码!
Passwords should be salted and hashed - this is rule number one when it comes to system security.
密码应该加盐和散列——这是关于系统安全的第一条规则。
#3
0
We have created this functionality, an assembly that is used in both code and deployed on the server. However, we have run into memory pressure issues. The server is a dual quad core server with 24 gb of memory, 64 bit os and 32 bit sql server. AWE is enabled, sql's process is prioritized and 19gb of the memory is allocated to sql. It is our only assembly and we get tons of errors in the log file. I am a big fan of extending systems, however, this seems like a hack. Why do we have use one or the other? Why not both?
我们已经创建了这个功能,一个在代码中使用并部署在服务器上的程序集。但是,我们遇到了内存压力问题。该服务器是一个双四元核心服务器,拥有24gb内存、64位操作系统和32位sql服务器。启用AWE,对sql进程进行优先排序,并将19gb内存分配给sql。这是我们唯一的程序集,我们在日志文件中得到大量错误。我非常喜欢扩展系统,然而,这似乎是一个黑客。为什么我们要用一个或另一个呢?为什么不两个呢?