详解C#App.config和Web.config加密

打开cmd，进入vs安装目录C:\Windows\Microsoft.NET\Framework64\v4.0.30319

?

cd C:\Windows\Microsoft.NET\Framework64\v4.0.30319

如果是Web.config就直接加密，是App.config就先改为Web.config才可以进行加密

?

aspnet_regiis -pef "节点" "项目路径"

例如：

需要加密的App.config数据库连接字符串为

?

<connectionStrings>

  <add name= "connStr" connectionString= "Data Source=.;Initial Catalog=testDB;User ID=sa;Password=123456" />

  </connectionStrings>

加密命令为

?

aspnet_regiis -pef "connectionStrings" "Web.config所在目录"

如加密失败

解决方案：

创建一个可导出的rsa密钥容器，命名为Key

?

aspnet_regiis -pc "Key" -exp

将Web.cofig/App.config的configuration增加属性值xmlns，即改为

?

< configuration xmlns = "http://schemas.microsoft测试数据/.NetConfiguration/v2.0" >

将数据库连接字符串改为以下：

?

<configProtectedData>

   <providers>

    <clear />

    <add name= "KeyProvider" type= "System.Configuration.RsaProtectedConfigurationProvider, System.Configuration, Version=2.0.0.0,Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL" keyContainerName= "Key" useMachineContainer= "true" />

   </providers>

</configProtectedData>

<connectionStrings>

   <add name= "connStr" connectionString= "Data Source=.;Initial Catalog=testDB;User ID=sa;Password=123456;" providerName= "System.Data.SqlClient" />

</connectionStrings>

开始对配置文件进行加密

?

aspnet_regiis -pef "connectionStrings" "Web.config所在目录" -prov "KeyProvider"

注意：vs会提示是否修改，选择全是

解密配置文件

?

aspnet_regiis -pdf "connectionStrings" "Web.config所在目录"

如果是App.config改成的Web.config，加密成功之后再改为App.config，并删除configuration的属性xmlns值

未加密的Web.config/App.config文件内容：

?

<? xml version = "1.0" encoding = "utf-8" ?>

< configuration >

   < startup >

     < supportedRuntime version = "v4.0" sku = ".NETFramework,Version=v4.5.2" />

   </ startup >

  < connectionStrings >

   < add name = "connStr" connectionString = "Data Source=.;Initial Catalog=testDB;User ID=sa;Password=123456" />

  </ connectionStrings >

</ configuration >

修改为加密后的Web.config/App.config文件内容：

?

<? xml version = "1.0" encoding = "utf-8" ?>

< configuration xmlns = "http://schemas.microsoft测试数据/.NetConfiguration/v2.0" >

  < startup >

     < supportedRuntime version = "v4.0" sku = ".NETFramework,Version=v4.5.2" />

   </ startup >

  < configProtectedData >

     < providers >

       < clear />

       < add name = "KeyProvider" type = "System.Configuration.RsaProtectedConfigurationProvider, System.Configuration, Version=2.0.0.0,Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL" keyContainerName = "Key" useMachineContainer = "true" />

     </ providers >

</ configProtectedData >

< connectionStrings >

     < add name = "connStr" connectionString = "Data Source=.;Initial Catalog=testDB;User ID=sa;Password=123456;" providerName = "System.Data.SqlClient" />

</ connectionStrings >

</ configuration >

加密后的Web.config/App.config文件内容：

?

<? xml version = "1.0" encoding = "utf-8" ?>

< configuration xmlns = "http://schemas.microsoft测试数据/.NetConfiguration/v2.0" >

  < startup >

     < supportedRuntime version = "v4.0" sku = ".NETFramework,Version=v4.5.2" />

   </ startup >

  < configProtectedData >

     < providers >

       < clear />

       < add name = "KeyProvider" type = "System.Configuration.RsaProtectedConfigurationProvider, System.Configuration, Version=2.0.0.0,Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL" keyContainerName = "Key" useMachineContainer = "true" />

     </ providers >

</ configProtectedData >

< connectionStrings configProtectionProvider = "KeyProvider" >

  < EncryptedData Type = "http://HdhCmsTestw3.org/2001/04/xmlenc#Element"

   xmlns = "http://HdhCmsTestw3.org/2001/04/xmlenc#" >

   < EncryptionMethod Algorithm = "http://HdhCmsTestw3.org/2001/04/xmlenc#tripledes-cbc" />

   < KeyInfo xmlns = "http://HdhCmsTestw3.org/2000/09/xmldsig#" >

    < EncryptedKey xmlns = "http://HdhCmsTestw3.org/2001/04/xmlenc#" >

     < EncryptionMethod Algorithm = "http://HdhCmsTestw3.org/2001/04/xmlenc#rsa-1_5" />

     < KeyInfo xmlns = "http://HdhCmsTestw3.org/2000/09/xmldsig#" >

      < KeyName >Rsa Key</ KeyName >

     </ KeyInfo >

     < CipherData >

      < CipherValue >lSLu2RVnlfr5om5MpBuqyhBETF6dI/glZ3zlfOQvzj+l1YmsOcfGVC1LgrDFcPLEbF/r1IZZYVnQuesz3AeVUkpNCG2OfMWDeaPULtJ5Ay24SYnBR4FNtQQSf1pijelXRGE8pzH7s49RLsKWQuwVTyMrOUoIMcmD4xIPmN/cqpQ=</ CipherValue >

     </ CipherData >

    </ EncryptedKey >

   </ KeyInfo >

   < CipherData >

    < CipherValue >deXEhu/mqe+WkD51qXhi9jwBhEurU6EQXBQINOGOyDgpw/W4xTpi3DtTDcEzJXbaHvyKaXLfkPxxljce07ANtN7VXRfDov0Olsq/3+hkYqVXRI5A80XVkOKh2CQaVWx/GJC7JBbbRlKXJvS93M+OQWGKpW0twcZlL1ns97g5w8QstGN6vszAiZw1z6gKXlsrMf9224ExGq+dGJS9BSU+mxaKkd9EAVELMtWv2r7jIXsEneggDR49Mtdu91j1dsDj6am3NcaHmRQ=</ CipherValue >

   </ CipherData >

  </ EncryptedData >

</ connectionStrings >

</ configuration >

导出密钥容器

?

spnet_regiis -px "Key" "d:\Key.xml"

注意：加上-pri参数为导出公钥+私钥

导入密钥容器

?

aspnet_regiis -pi "Key" "d:\Key.xml"

删除密钥容器

?

aspnet_regiis -pz "Key"

注意：删除密钥程序会报错

原文链接：https://HdhCmsTestidaobin测试数据/archives/1201.html

dy("nrwz");

查看更多关于详解C#App.config和Web.config加密的详细内容...