开关控制数据库密码加密

performance/Performance.Api/Configurations/AppSettingConfig.cs

-using Microsoft.Extensions.Configuration;
+using System;
+using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Options;
 using Performance.DtoModels.AppSettings;
 using Performance.Infrastructure;
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Threading.Tasks;
+using Performance.Repository;
 
 namespace Performance.Api.Configurations
 {
@@ -21,7 +20,12 @@ public static void AddAppSettingConfiguration(this IServiceCollection services,
                 .Configure<HuyiSmsConfig>(configuration.GetSection("HuyiSmsConfig"))
                 .Configure<EmailOptions>(configuration.GetSection("EmailOptions"))
                 .Configure<RateLimitingConfig>(configuration.GetSection("RateLimitingConfig"))
-                .Configure<WebapiUrl>(configuration.GetSection("WebapiUrl"));
+                .Configure<WebapiUrl>(configuration.GetSection("WebapiUrl"))
+                .Configure<AppSQLEncrypt>(configuration.GetSection("AppSQLEncrypt"));
+
+            var options = services.BuildServiceProvider().GetRequiredService<IOptions<AppSQLEncrypt>>();
+            AppSQLEncryptConfig.Instance = options?.Value ?? new AppSQLEncrypt();
+
         }
     }
 }

performance/Performance.Api/wwwroot/Performance.DtoModels.xml

@@ -49,6 +49,16 @@
             相对
             </summary>
         </member>
+        <member name="T:Performance.DtoModels.AppSettings.AppSQLEncrypt">
+            <summary>
+            数据库密码加密
+            </summary>
+        </member>
+        <member name="P:Performance.DtoModels.AppSettings.AppSQLEncrypt.IsEncryption">
+            <summary>
+            是否加密 true 加密 false 明文
+            </summary>
+        </member>
         <member name="P:Performance.DtoModels.AppSettings.RateLimitingConfig.Endpoints">
             <summary>
             路径

performance/Performance.DtoModels/AppSettings/AppConnection.cs

-using System;
-using System.Collections.Generic;
-using System.Text;
-
-namespace Performance.DtoModels.AppSettings
+namespace Performance.DtoModels.AppSettings
 {
     /// <summary>
     /// 数据库连接字符串

performance/Performance.DtoModels/AppSettings/AppSQLEncrypt.cs

+namespace Performance.DtoModels.AppSettings
+{
+    /// <summary>
+    /// 数据库密码加密
+    /// </summary>
+    public class AppSQLEncrypt
+    {
+        /// <summary>
+        /// 是否加密 true 加密 false 明文
+        /// </summary>
+        public bool IsEncryption { get; set; } = false;
+        public string TempMySqlConnectionString { get; set; } = "";
+        public string TempSqlServerConnectionString { get; set; } = "";
+        public string TempOracleConnectionString { get; set; } = "";
+    }
+}

performance/Performance.Infrastructure/Helper/AESHelper.cs

+using System;
+using System.Security.Cryptography;
+using System.Text;
+
+namespace Performance.Infrastructure.Helper
+{
+    public static class AESHelper
+    {
+        /// <summary>
+        /// AES加密
+        /// </summary>
+        /// <param name="plainStr">明文字符串</param>
+        /// <returns>密文</returns>
+        public static string AESEncrypt(string encryptStr, string key = "lr1hxmoejv7czxt4mo50gfopebqkwp8l")
+        {
+            byte[] keyArray = Encoding.UTF8.GetBytes(key);
+            byte[] toEncryptArray = Encoding.UTF8.GetBytes(encryptStr);
+            RijndaelManaged rDel = new RijndaelManaged();
+            rDel.Key = keyArray;
+            rDel.Mode = CipherMode.ECB;
+            rDel.Padding = PaddingMode.PKCS7;
+            ICryptoTransform cTransform = rDel.CreateEncryptor();
+            byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length);
+            return Convert.ToBase64String(resultArray, 0, resultArray.Length);
+        }
+        /// <summary>
+        /// 解密
+        /// </summary>
+        /// <param name="encryptStr"></param>
+        /// <param name="key"></param>
+        /// <returns></returns>
+        public static string AESDEncrypt(string encryptStr, string key = "lr1hxmoejv7czxt4mo50gfopebqkwp8l")
+        {
+            byte[] keyArray = Encoding.UTF8.GetBytes(key);
+            byte[] toEncryptArray = Convert.FromBase64String(encryptStr);
+            RijndaelManaged rDel = new RijndaelManaged();
+            rDel.Key = keyArray;
+            rDel.Mode = CipherMode.ECB;
+            rDel.Padding = PaddingMode.PKCS7;
+            ICryptoTransform cTransform = rDel.CreateDecryptor();
+            byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length);
+            return Encoding.UTF8.GetString(resultArray);
+        }
+    }
+}

performance/Performance.Repository/Common/AppSQLEncryptConfig.cs

+using Performance.DtoModels.AppSettings;
+
+namespace Performance.Repository
+{
+    public static class AppSQLEncryptConfig
+    {
+        public static AppSQLEncrypt Instance { get; set; }
+    }
+}

performance/Performance.Repository/Common/ConnectionBuilder.cs

 using MySql.Data.MySqlClient;
 using Oracle.ManagedDataAccess.Client;
+using Performance.Infrastructure.Helper;
 using System;
 using System.Data;
 using System.Data.SqlClient;
@@ -46,25 +47,35 @@ public static IDbConnection Create(DatabaseType type, string connectionString)
         /// <returns></returns>
         public static string GetConnectionString(DatabaseType type, string ip, string database, string uid, string pwd)
         {
-            string connectionString = "";
-            switch (type)
+            pwd = (AppSQLEncryptConfig.Instance.IsEncryption) ? AESHelper.AESDEncrypt(pwd) : pwd;
+
+            if (type == DatabaseType.MySql)
             {
-                case DatabaseType.MySql:
-                    connectionString = $"Server={ip};Database={database};Uid={uid};Pwd={pwd};connection timeout=12000;pooling=true;charset=utf8;Convert Zero Datetime=True;port=3306;Allow User Variables=True;";
-                    break;
+                string connectionString = string.IsNullOrEmpty(AppSQLEncryptConfig.Instance.TempMySqlConnectionString)
+                    ? "Server={0};Database={1};Uid={2};Pwd={3};connection timeout=12000;pooling=true;charset=utf8;Convert Zero Datetime=True;port=3306;Allow User Variables=True;"
+                    : AppSQLEncryptConfig.Instance.TempMySqlConnectionString;
 
-                case DatabaseType.SqlServer:
-                    connectionString = $"data source={ip};initial catalog={database};user id={uid};password={pwd};connection timeout=12000;";
-                    break;
+                return string.Format(connectionString, ip, database, uid, pwd);
+            }
+            if (type == DatabaseType.SqlServer)
+            {
+                string connectionString = string.IsNullOrEmpty(AppSQLEncryptConfig.Instance.TempSqlServerConnectionString)
+                        ? "data source={0};initial catalog={1};user id={2};password={3};connection timeout=12000;"
+                        : AppSQLEncryptConfig.Instance.TempSqlServerConnectionString;
 
-                case DatabaseType.Oracle:
-                    connectionString = $"Password={pwd};User ID={uid};Connection Timeout=12000;Pooling=true;Data Source=(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST={ip})(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME={database})));";
-                    break;
+                return string.Format(connectionString, ip, database, uid, pwd);
+            }
 
-                default:
-                    throw new Exception($"nonsupport {DatabaseType.MySql}");
+            if (type == DatabaseType.Oracle)
+            {
+                string connectionString = string.IsNullOrEmpty(AppSQLEncryptConfig.Instance.TempOracleConnectionString)
+                        ? "Password={3};User ID={2};Connection Timeout=12000;Pooling=true;Data Source=(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST={0})(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME={1})));"
+                        : AppSQLEncryptConfig.Instance.TempOracleConnectionString;
+
+                return string.Format(connectionString, ip, database, uid, pwd);
             }
-            return connectionString;
+
+            return "";
         }
 
         /// <summary>

performance/Performance.Services/ExtractExcelService/ExtractPreConfigService.cs

@@ -3,6 +3,7 @@
 using Performance.DtoModels;
 using Performance.EntityModels;
 using Performance.Infrastructure;
+using Performance.Infrastructure.Helper;
 using Performance.Infrastructure.Models;
 using Performance.Repository;
 using System;
@@ -70,6 +71,8 @@ public bool CreateHospitalConfig(sys_hospitalconfig hospitalconfig)
                 || string.IsNullOrEmpty(hospitalconfig.DbUser) || string.IsNullOrEmpty(hospitalconfig.DbPassword))
                 throw new PerformanceException("配置信息不可为空");
 
+            hospitalconfig.DbPassword = (AppSQLEncryptConfig.Instance.IsEncryption) ? AESHelper.AESEncrypt(hospitalconfig.DbPassword) : hospitalconfig.DbPassword;
+
             var databases = EnumHelper.GetItems<DatabaseType>();
             if (!databases.Select(t => t.Value).Contains(hospitalconfig.DataBaseType))
                 throw new PerformanceException("数据库类型错误");
@@ -107,7 +110,7 @@ public bool UpdateHospitalConfig(sys_hospitalconfig hospitalconfig)
             entity.DbSource = hospitalconfig.DbSource;
             entity.DbName = hospitalconfig.DbName;
             entity.DbUser = hospitalconfig.DbUser;
-            entity.DbPassword = hospitalconfig.DbPassword;
+            entity.DbPassword = (AppSQLEncryptConfig.Instance.IsEncryption) ? AESHelper.AESEncrypt(hospitalconfig.DbPassword) : hospitalconfig.DbPassword;
 
             return hospitalconfigRepository.Update(entity);
         }