永久存储数据而无需数据库

Question

我正在实现一个C＃应用程序，该应用程序需要在其中保存10个IP地址。 因此，如果将数据库集成到应用程序中，我认为这是资源浪费。 我不能使用XML或文本文件，因为这些地址必须安全。 我提出了实施自己的文件格式并使用它的建议。
1.是否有任何建议改为实施单独的文件格式
2.如果没有实现新文件格式的方法，什么是最好的

Answer 1

将其存储在文件中并对文件进行加密，以使其他程序无法读取它。

Answer 2

您可以将详细信息保存在sqlite数据库中，也可以保存在file ，

如果您想将内容保密，则对文件进行加密

Answer 3

在其上应用Salt并将其保存在文本文件或Xml中，如果对其加密，则不会存在数据不安全的危险。

请参阅此示例：

using System.Security.Cryptography;

public static string EncodePasswordToBase64(string password)
{  byte[] bytes   = Encoding.Unicode.GetBytes(password);
   byte[] inArray = HashAlgorithm.Create("SHA1").ComputeHash(bytes);
   return Convert.ToBase64String(inArray);
}

在此方法中，使用SHA1进行哈希处理以加密字符串。

Answer 4

使用强加密对字符串进行加密。 在这里我喜欢使用2种方法。 它会高度加密并向其中添加盐。

public static string EncryptString(string sData, string sKey)
    {
        // instance of the Rihndael.
        RijndaelManaged RijndaelManagedCipher = new RijndaelManaged();

        // string to byte array.
        byte[] UnicodeText = System.Text.Encoding.Unicode.GetBytes(sData);

        // adign dirt to the string to make it harder to guess using a dictionary attack.
        byte[] Dirty = Encoding.ASCII.GetBytes(sKey.Length.ToString());

        // The Key will be generated from the specified Key and dirt.
        PasswordDeriveBytes FinalKey = new PasswordDeriveBytes(sKey, Dirty);

        // Create a encryptor from the existing FinalKey bytes.           
        ICryptoTransform Encryptor = RijndaelManagedCipher.CreateEncryptor(FinalKey.GetBytes(32), FinalKey.GetBytes(16));

        // Create a MemoryStream that is going to hold the encrypted bytes
        MemoryStream memoryStream = new MemoryStream();

        // Create a CryptoStream
        CryptoStream cryptoStream = new CryptoStream(memoryStream, Encryptor, CryptoStreamMode.Write);

        // write the encryption
        cryptoStream.Write(UnicodeText, 0, UnicodeText.Length);

        // write final blocks to the memory stream
        cryptoStream.FlushFinalBlock();

        // Convert to byte array the encrypted data
        byte[] CipherBytes = memoryStream.ToArray();

        // Close streams.
        memoryStream.Close();
        cryptoStream.Close();

        // Convert to byte array to string
        string EncryptedData = Convert.ToBase64String(CipherBytes);

        // Return the encrypted string
        return EncryptedData;

    }

    public static string DecryptString(string sData, string sKey)
    {
        // instance of rijndael
        RijndaelManaged RijndaelCipher = new RijndaelManaged();

        // convert to byte aray the encrypted data
        byte[] EncryptedData = Convert.FromBase64String(sData);

        // add dirt to the key like when encrypthing
        byte[] Dirty = Encoding.ASCII.GetBytes(sKey.Length.ToString());

        // get the finalkey o be used
        PasswordDeriveBytes FinalKey = new PasswordDeriveBytes(sKey, Dirty);

        // Create a decryptor with the key
        ICryptoTransform Decryptor = RijndaelCipher.CreateDecryptor(FinalKey.GetBytes(32), FinalKey.GetBytes(16));

        // load to memory stream the encrypted data
        MemoryStream memoryStream = new MemoryStream(EncryptedData);

        // Create a CryptoStream on the memory stream holding the data
        CryptoStream cryptoStream = new CryptoStream(memoryStream, Decryptor, CryptoStreamMode.Read);

        // Length is unknown but need placeholder big enought for decrypted data
        // we know the decrypted version cannot ever be longer than the crypted version
        // since we added bunch of garbage to it so the length of encrypted data is safe to use
        byte[] UnicodeText = new byte[EncryptedData.Length];

        // Start decrypting
        int DecryptedCount = cryptoStream.Read(UnicodeText, 0, UnicodeText.Length);

        //close streams
        memoryStream.Close();
        cryptoStream.Close();

        // load decrypted data to string
        string DecryptedData = Encoding.Unicode.GetString(UnicodeText, 0, DecryptedCount);

        // Return decrypted string
        return DecryptedData;
    }

添加到此

现在只需做一个像

public class Settings
{
    public const string EncryptionKey = "somekey";
    public List<string> IP = new List<string>();       

    public string getClassEncrypted()
    {
        return EncryptString(new JavaScriptSerializer().Serialize(this), EncryptionKey);
    }

    public Settings getClassDecrypted(string sClassEcrypted)
    {
        return new JavaScriptSerializer().Deserialize<Settings>(DecryptString(sClassEcrypted, EncryptionKey));
    }
}

设置一个Ips只需将Settings.getClassEncrypted();写入文件Settings.getClassEncrypted(); 然后当需要取回值时，仅读取文本文件并使用以下内容进行备份：

string sFileText = ...; // from the file saved
var setting = new Settings.getClassDecrypted(sFileText);

现在您已经拥有了要做的所有课程。 而且该类甚至被序列化