使用自定义类型EncryptedString和隐式字符串转换 ，然后最终是从Azure KeyVault(对我来说是全新的蠕虫病毒))和EncryptionProvider 确定性加密以进行搜索. AesThenHmac来自此流行的帖子.我可以在当前的实现中很好地存储和检索数据.但是，为了搜索SSN，我需要确定性加密，而该库没有提供这种加密. 解决方案我的解决方案:型号:public class Patient{ //comes from the client as XXXXXXXXX, RegEx: "([0-9]{9})" public EncryptedString SocialSecurityNumber { get; set; } }自定义类型:public class EncryptedString{ private readonly string _value; public EncryptedString(string value) { _value = value; } public static implicit operator string(EncryptedString s) { return s._value; } public static implicit operator EncryptedString(string value) { if (value == null) return null; return new EncryptedString(value); }}序列化器(使用确定性加密):public interface IEncryptedStringSerializer : IBsonSerializer<EncryptedString> {} public class EncryptedStringSerializer : SerializerBase<EncryptedString>, IEncryptedStringSerializer{ private readonly IDeterministicEncrypter _encrypter; private readonly string _encryptionKey; public EncryptedStringSerializer(IConfiguration configuration, IDeterministicEncrypter encrypter) { _encrypter = encrypter; _encryptionKey = configuration.GetSection("MongoDb")["EncryptionKey"]; } public override EncryptedString Deserialize(BsonDeserializationContext context, BsonDeserializationArgs args) { var encryptedString = context.Reader.ReadString(); return _encrypter.DecryptStringWithPassword(encryptedString, _encryptionKey); } public override void Serialize(BsonSerializationContext context, BsonSerializationArgs args, EncryptedString value) { var encryptedString = _encrypter.EncryptStringWithPassword(value, _encryptionKey); context.Writer.WriteString(encryptedString); }}注册序列化器:collection.AddScoped<IEncryptedStringSerializer, EncryptedStringSerializer>();//then later...BsonSerializer.RegisterSerializer<EncryptedString>(sp.GetService<IEncryptedStringSerializer>());Just going to lay out all the info i have:In short, I am looking for something exactly (literally) like this but compatible with ASP Core (2.2) and the C# MongoDB Driver (2.7). This seems like such a common requirement, I am very surprised i can't find anything already built.Here is what i have so far:Model:public class Patient{ //comes from the client as XXXXXXXXX, RegEx: "([0-9]{9})" //[MongoEncrypt] public EncryptedString SocialSecurityNumber { get; set; } }Custom Serializer:public interface IMongoEncryptSerializer : IBsonSerializer<EncryptedString>{ }public class MongoEncryptSerializer : SerializerBase<EncryptedString>, IMongoEncryptSerializer{ private readonly string _encryptionKey; public MongoEncryptSerializer(IConfiguration configuration) { _encryptionKey = configuration.GetSection("MongoDb")["EncryptionKey"]; } public override EncryptedString Deserialize(BsonDeserializationContext context, BsonDeserializationArgs args) { var encryptedString = context.Reader.ReadString(); return AesThenHmac.SimpleDecryptWithPassword(encryptedString, _encryptionKey); } public override void Serialize(BsonSerializationContext context, BsonSerializationArgs args, EncryptedString value) { var encryptedString = AesThenHmac.SimpleEncryptWithPassword(value, _encryptionKey); context.Writer.WriteString(encryptedString); }}Open Items:Went with a custom type,EncryptedString, with implicit string conversion and then ultimately from Azure KeyVault (whole new can of worms for me)) and the EncryptionProviderdeterministic encryption for searching. AesThenHmac comes from this popular post. I can store and retrieve data back fine in its current implementation. But in order to search for SSNs, I need deterministic encryption which this lib does not provide. 解决方案 My Solution:Model:public class Patient{ //comes from the client as XXXXXXXXX, RegEx: "([0-9]{9})" public EncryptedString SocialSecurityNumber { get; set; } }Custom Type:public class EncryptedString{ private readonly string _value; public EncryptedString(string value) { _value = value; } public static implicit operator string(EncryptedString s) { return s._value; } public static implicit operator EncryptedString(string value) { if (value == null) return null; return new EncryptedString(value); }}Serializer(using Deterministic Encryption):public interface IEncryptedStringSerializer : IBsonSerializer<EncryptedString> {} public class EncryptedStringSerializer : SerializerBase<EncryptedString>, IEncryptedStringSerializer{ private readonly IDeterministicEncrypter _encrypter; private readonly string _encryptionKey; public EncryptedStringSerializer(IConfiguration configuration, IDeterministicEncrypter encrypter) { _encrypter = encrypter; _encryptionKey = configuration.GetSection("MongoDb")["EncryptionKey"]; } public override EncryptedString Deserialize(BsonDeserializationContext context, BsonDeserializationArgs args) { var encryptedString = context.Reader.ReadString(); return _encrypter.DecryptStringWithPassword(encryptedString, _encryptionKey); } public override void Serialize(BsonSerializationContext context, BsonSerializationArgs args, EncryptedString value) { var encryptedString = _encrypter.EncryptStringWithPassword(value, _encryptionKey); context.Writer.WriteString(encryptedString); }}Registering the serializer:collection.AddScoped<IEncryptedStringSerializer, EncryptedStringSerializer>();//then later...BsonSerializer.RegisterSerializer<EncryptedString>(sp.GetService<IEncryptedStringSerializer>()); 这篇关于在写入/读取到C#mongo db时加密/解密属性的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！