詳解C#App.config和Web.config加密

2019-10-29 21:02:20

字體：大中小

供稿：網(wǎng)友

打開cmd，進(jìn)入vs安裝目錄C:/Windows/Microsoft.NET/Framework64/v4.0.30319

cd C:/Windows/Microsoft.NET/Framework64/v4.0.30319

如果是Web.config就直接加密，是App.config就先改為Web.config才可以進(jìn)行加密

aspnet_regiis -pef "節(jié)點(diǎn)" "項(xiàng)目路徑"

例如：

需要加密的App.config數(shù)據(jù)庫(kù)連接字符串為

<connectionStrings> <add name="connStr" connectionString="Data Source=.;Initial Catalog=testDB;User ID=sa;Password=123456" /> </connectionStrings>

加密命令為

aspnet_regiis -pef "connectionStrings" "Web.config所在目錄"

如加密失敗

解決方案：

創(chuàng)建一個(gè)可導(dǎo)出的rsa密鑰容器，命名為Key

aspnet_regiis -pc "Key" -exp

將Web.cofig/App.config的configuration增加屬性值xmlns，即改為

<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">

將數(shù)據(jù)庫(kù)連接字符串改為以下：

 <configProtectedData>   <providers>    <clear />    <add name="KeyProvider" type="System.Configuration.RsaProtectedConfigurationProvider, System.Configuration, Version=2.0.0.0,Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL" keyContainerName="Key" useMachineContainer="true"/>   </providers> </configProtectedData> <connectionStrings>   <add name="connStr" connectionString="Data Source=.;Initial Catalog=testDB;User ID=sa;Password=123456;" providerName="System.Data.SqlClient" /> </connectionStrings>

開始對(duì)配置文件進(jìn)行加密

aspnet_regiis -pef "connectionStrings" "Web.config所在目錄" -prov "KeyProvider"

注意：vs會(huì)提示是否修改，選擇全是

解密配置文件

aspnet_regiis -pdf "connectionStrings" "Web.config所在目錄"

如果是App.config改成的Web.config，加密成功之后再改為App.config，并刪除configuration的屬性xmlns值

未加密的Web.config/App.config文件內(nèi)容：

<?xml version="1.0" encoding="utf-8" ?><configuration>  <startup>     <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.2" />  </startup> <connectionStrings>  <add name="connStr" connectionString="Data Source=.;Initial Catalog=testDB;User ID=sa;Password=123456" /> </connectionStrings></configuration>

修改為加密后的Web.config/App.config文件內(nèi)容：

<?xml version="1.0" encoding="utf-8" ?><configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0"> <startup>     <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.2" />  </startup> <configProtectedData>     <providers>       <clear />       <add name="KeyProvider" type="System.Configuration.RsaProtectedConfigurationProvider, System.Configuration, Version=2.0.0.0,Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL" keyContainerName="Key" useMachineContainer="true"/>     </providers> </configProtectedData> <connectionStrings>     <add name="connStr" connectionString="Data Source=.;Initial Catalog=testDB;User ID=sa;Password=123456;" providerName="System.Data.SqlClient" /> </connectionStrings></configuration>

加密后的Web.config/App.config文件內(nèi)容：

<?xml version="1.0" encoding="utf-8" ?><configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0"> <startup>     <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.2" />  </startup> <configProtectedData>     <providers>       <clear />       <add name="KeyProvider" type="System.Configuration.RsaProtectedConfigurationProvider, System.Configuration, Version=2.0.0.0,Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL" keyContainerName="Key" useMachineContainer="true"/>     </providers> </configProtectedData> <connectionStrings configProtectionProvider="KeyProvider"> <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"  xmlns="http://www.w3.org/2001/04/xmlenc#">  <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />  <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">   <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">    <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />    <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">     <KeyName>Rsa Key</KeyName>    </KeyInfo>    <CipherData>     <CipherValue>lSLu2RVnlfr5om5MpBuqyhBETF6dI/glZ3zlfOQvzj+l1YmsOcfGVC1LgrDFcPLEbF/r1IZZYVnQuesz3AeVUkpNCG2OfMWDeaPULtJ5Ay24SYnBR4FNtQQSf1pijelXRGE8pzH7s49RLsKWQuwVTyMrOUoIMcmD4xIPmN/cqpQ=</CipherValue>    </CipherData>   </EncryptedKey>  </KeyInfo>  <CipherData>   <CipherValue>deXEhu/mqe+WkD51qXhi9jwBhEurU6EQXBQINOGOyDgpw/W4xTpi3DtTDcEzJXbaHvyKaXLfkPxxljce07ANtN7VXRfDov0Olsq/3+hkYqVXRI5A80XVkOKh2CQaVWx/GJC7JBbbRlKXJvS93M+OQWGKpW0twcZlL1ns97g5w8QstGN6vszAiZw1z6gKXlsrMf9224ExGq+dGJS9BSU+mxaKkd9EAVELMtWv2r7jIXsEneggDR49Mtdu91j1dsDj6am3NcaHmRQ=</CipherValue>  </CipherData> </EncryptedData></connectionStrings></configuration>

導(dǎo)出密鑰容器