使用itemdatabound在转发器项目中解密

时间:2013-07-28 05:19:05

标签: c# asp.net encryption

我正在使用asp转发器显示图像,我希望对其进行加密,但我不知道每次转发器触发项目时如何解密

//client side <asp:Repeater ID="Repeater1" runat="server" OnItemCommand="Repeater1_ItemCommand" OnItemDataBound="Repeater1_ItemDataBound" >

`//server side
//decrypt method
private void DecryptFile(string inputFile, string outputFile)
    {

        {
            string password = @"myKey123"; // Your Key Here

            UnicodeEncoding UE = new UnicodeEncoding();
            byte[] key = UE.GetBytes(password);

            FileStream fsCrypt = new FileStream(inputFile, FileMode.Open);

            RijndaelManaged RMCrypto = new RijndaelManaged();

            CryptoStream cs = new CryptoStream(fsCrypt,
                RMCrypto.CreateDecryptor(key, key),
                CryptoStreamMode.Read);

            FileStream fsOut = new FileStream(outputFile, FileMode.Create);

            int data;
            while ((data = cs.ReadByte()) != -1)
                fsOut.WriteByte((byte)data);

            fsOut.Close();
            cs.Close();
            fsCrypt.Close();

        }
    }

`

protected void Repeater1_ItemDataBound(object source, RepeaterCommandEventArgs e)
        {
            if (e.CommandName =="openimage")
            {
                string[] commandArgs = e.CommandArgument.ToString().Split(new char[] { ',' });
                DecryptFile(commandArgs[0], commandArgs[0]);

            }
        }

当我尝试运行它时,它给了我错误CS0123:'Repeater1_ItemDataBound'没有重载匹配委托'System.Web.UI.WebControls.RepeaterItemEventHandler'

请帮助我,因为我是c#

的新手

2 个答案:

答案 0 :(得分:0)

事件处理程序上的方法签名不正确。您需要将RepeaterCommandEventArgs更改为 RepeaterItemEventArgs

protected void Repeater1_ItemDataBound(object source, RepeaterItemEventArgs e)
{
}

这将修复你的错误,但是你正在尝试做什么我不确定这是显示解密图像的好方法。我建议创建一个通用处理程序,通过传入id来动态解密您的图像,一旦id传递,您就可以解密并写出屏幕。

public class DisplayImage : IHttpHandler
{

    /// <summary>
    /// Enables processing of HTTP Web requests by a custom HttpHandler that implements the <see cref="T:System.Web.IHttpHandler" /> interface.
    /// </summary>
    /// <param name="context">An <see cref="T:System.Web.HttpContext" /> object that provides references to the intrinsic server objects (for example, Request, Response, Session, and Server) used to service HTTP requests.</param>
    public void ProcessRequest(HttpContext context)
    {
        if (!this.HasAccess())
        {
            context.Response.End();
            return;
        }

        string requestFileName = context.Request.QueryString["FileName"];

        DecryptFile(requestFileName, context);
    }

    /// <summary>
    /// Gets a value indicating whether another request can use the <see cref="T:System.Web.IHttpHandler" /> instance.
    /// </summary>
    /// <value><c>true</c> if this instance is reusable; otherwise, <c>false</c>.</value>
    /// <returns>true if the <see cref="T:System.Web.IHttpHandler" /> instance is reusable; otherwise, false.</returns>
    public bool IsReusable
    {
        get
        {
            return false;
        }
    }

    /// <summary>
    /// Determines whether the user has access to display an image.
    /// </summary>
    /// <returns><c>true</c> if this instance has access; otherwise, <c>false</c>.</returns>
    private bool HasAccess()
    {
        // Check if user is logged in and has permissions
        // to do the decryption
        // use your own logic here
        return true;
    }

    /// <summary>
    /// Decrypts the file and outputs to the response buffer
    /// </summary>
    /// <param name="inputFile">The input file.</param>
    /// <param name="context">The context.</param>
    private void DecryptFile(string inputFile, HttpContext context)
    {
        if (PathTraversalCheck(inputFile))
        {
            context.Response.End();
            return;
        }

        // get the base directory
        inputFile = Path.Combine(ConfigurationManager.AppSettings["filedirectory"], inputFile);

        if (!File.Exists())
        {
            context.Response.End();
            return;
        }

        string password = @"myKey123"; // Your Key Here

        UnicodeEncoding UE = new UnicodeEncoding();
        byte[] key = UE.GetBytes(password);

        using (FileStream encryptedFile = new FileStream(inputFile, FileMode.Open))
        {
            RijndaelManaged rijndael = new RijndaelManaged();

            using (MemoryStream output = new MemoryStream())
            {
                using (CryptoStream cryptoStream = new CryptoStream(encryptedFile, rijndael.CreateDecryptor(key, key), CryptoStreamMode.Read))
                {
                    // write to the memory stream
                    var buffer = new byte[1024];
                    var read = cryptoStream.Read(buffer, 0, buffer.Length);
                    while (read > 0)
                    {
                        output.Write(buffer, 0, read);
                        read = cryptoStream.Read(buffer, 0, buffer.Length);
                    }

                    cryptoStream.Flush();

                    // output to the response buffer
                    context.Response.ContentType = "image/jpeg";
                    context.Response.BinaryWrite(output.ToArray());
                }
            }

        }
    }

    /// <summary>
    /// Checks for a path traversal attack
    /// </summary>
    /// <param name="inputFile">The input file.</param>
    /// <returns>System.String.</returns>
    private bool PathTraversalCheck(string inputFile)
    {
        if (inputFile.Contains(".") || inputFile.Contains('\\') || inputFile.Contains('/'))
        {
            return true;
        }

        return false;
    }
}

在你的转发器中,你只需要将带有src的img标签设置为处理程序。

<ItemTemplate>
    <img src="DisplayImage.ashx?FIleName=<%# DataBinder.Eval(Container.DataItem, "FileName" )%>" />
</ItemTemplate>

我还会改变其他的东西是我不会将我的密钥存储在源代码中,通过反编译dll可以轻松读取。相反,您应该将其存储在web.config中并加密web.config。请查看http://msdn.microsoft.com/library/dtkwfdky.aspx以获取相关说明。

答案 1 :(得分:0)

您需要更正转发器事件:

void Repeater1_ItemDataBound(Object Sender, RepeaterItemEventArgs e) {

}

此外,为了处理转发器内的事件,您应该将代码移动到Repeater1__ItemCommand事件。

void Repeater1__ItemCommand(Object Sender, RepeaterCommandEventArgs e) {       
        if (e.CommandName =="openimage")
        {
            string[] commandArgs = e.CommandArgument.ToString().Split(new char[] { ',' });
            DecryptFile(commandArgs[0], commandArgs[0]);

        }
}