详解C#App.config和Web.config加密

程序员文章站 2023-12-18 14:30:16

打开cmd，进入vs安装目录c:\windows\microsoft.net\framework64\v4.0.30319 cd c:\windows\micro...

打开cmd，进入vs安装目录c:\windows\microsoft.net\framework64\v4.0.30319

cd c:\windows\microsoft.net\framework64\v4.0.30319

如果是web.config就直接加密，是app.config就先改为web.config才可以进行加密

aspnet_regiis -pef "节点" "项目路径"

例如：

需要加密的app.config数据库连接字符串为

<connectionstrings>
 <add name="connstr" connectionstring="data source=.;initial catalog=testdb;user id=sa;password=123456" />
 </connectionstrings>

加密命令为

aspnet_regiis -pef "connectionstrings" "web.config所在目录"

如加密失败

解决方案：

创建一个可导出的rsa密钥容器，命名为key

aspnet_regiis -pc "key" -exp

将web.cofig/app.config的configuration增加属性值xmlns，即改为

<configuration xmlns="http://schemas.microsoft.com/.netconfiguration/v2.0">

将数据库连接字符串改为以下：

 <configprotecteddata> 
  <providers> 
   <clear /> 
   <add name="keyprovider" type="system.configuration.rsaprotectedconfigurationprovider, system.configuration, version=2.0.0.0,culture=neutral, publickeytoken=b03f5f7f11d50a3a, processorarchitecture=msil" keycontainername="key" usemachinecontainer="true"/> 
  </providers> 
</configprotecteddata> 
<connectionstrings> 
  <add name="connstr" connectionstring="data source=.;initial catalog=testdb;user id=sa;password=123456;" providername="system.data.sqlclient" /> 
</connectionstrings>

开始对配置文件进行加密

aspnet_regiis -pef "connectionstrings" "web.config所在目录" -prov "keyprovider"

注意：vs会提示是否修改，选择全是

解密配置文件

aspnet_regiis -pdf "connectionstrings" "web.config所在目录"

如果是app.config改成的web.config，加密成功之后再改为app.config，并删除configuration的属性xmlns值

未加密的web.config/app.config文件内容：

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <startup> 
    <supportedruntime version="v4.0" sku=".netframework,version=v4.5.2" />
  </startup>
 <connectionstrings>
  <add name="connstr" connectionstring="data source=.;initial catalog=testdb;user id=sa;password=123456" />
 </connectionstrings>
</configuration>

修改为加密后的web.config/app.config文件内容：

<?xml version="1.0" encoding="utf-8" ?>
<configuration xmlns="http://schemas.microsoft.com/.netconfiguration/v2.0">
 <startup> 
    <supportedruntime version="v4.0" sku=".netframework,version=v4.5.2" />
  </startup>
 <configprotecteddata> 
    <providers> 
      <clear /> 
      <add name="keyprovider" type="system.configuration.rsaprotectedconfigurationprovider, system.configuration, version=2.0.0.0,culture=neutral, publickeytoken=b03f5f7f11d50a3a, processorarchitecture=msil" keycontainername="key" usemachinecontainer="true"/> 
    </providers> 
</configprotecteddata> 
<connectionstrings> 
    <add name="connstr" connectionstring="data source=.;initial catalog=testdb;user id=sa;password=123456;" providername="system.data.sqlclient" /> 
</connectionstrings>
</configuration>

加密后的web.config/app.config文件内容：

<?xml version="1.0" encoding="utf-8" ?>
<configuration xmlns="http://schemas.microsoft.com/.netconfiguration/v2.0">
 <startup> 
    <supportedruntime version="v4.0" sku=".netframework,version=v4.5.2" />
  </startup>
 <configprotecteddata> 
    <providers> 
      <clear /> 
      <add name="keyprovider" type="system.configuration.rsaprotectedconfigurationprovider, system.configuration, version=2.0.0.0,culture=neutral, publickeytoken=b03f5f7f11d50a3a, processorarchitecture=msil" keycontainername="key" usemachinecontainer="true"/> 
    </providers> 
</configprotecteddata> 
<connectionstrings configprotectionprovider="keyprovider">
 <encrypteddata type="http://www.w3.org/2001/04/xmlenc#element"
  xmlns="http://www.w3.org/2001/04/xmlenc#">
  <encryptionmethod algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
  <keyinfo xmlns="http://www.w3.org/2000/09/xmldsig#">
   <encryptedkey xmlns="http://www.w3.org/2001/04/xmlenc#">
    <encryptionmethod algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
    <keyinfo xmlns="http://www.w3.org/2000/09/xmldsig#">
     <keyname>rsa key</keyname>
    </keyinfo>
    <cipherdata>
     <ciphervalue>lslu2rvnlfr5om5mpbuqyhbetf6di/glz3zlfoqvzj+l1ymsocfgvc1lgrdfcplebf/r1izzyvnquesz3aevukpncg2ofmwdeapultj5ay24synbr4fntqqsf1pijelxrge8pzh7s49rlskwquwvtymrouoimcmd4xipmn/cqpq=</ciphervalue>
    </cipherdata>
   </encryptedkey>
  </keyinfo>
  <cipherdata>
   <ciphervalue>dexehu/mqe+wkd51qxhi9jwbheuru6eqxbqinogoydgpw/w4xtpi3dttdcezjxbahvykaxlfkpxxljce07antn7vxrfdov0olsq/3+hkyqvxri5a80xvkokh2cqavwx/gjc7jbbbrlkxjvs93m+oqwgkpw0twczll1ns97g5w8qstgn6vszaizw1z6gkxlsrmf9224exgq+dgjs9bsu+mxakkd9eavelmtwv2r7jixseneggdr49mtdu91j1dsdj6am3ncahmrq=</ciphervalue>
  </cipherdata>
 </encrypteddata>
</connectionstrings>
</configuration>

导出密钥容器

spnet_regiis -px "key" "d:\key.xml"

注意：加上-pri参数为导出公钥+私钥

导入密钥容器

aspnet_regiis -pi "key" "d:\key.xml"

删除密钥容器

aspnet_regiis -pz "key"

注意：删除密钥程序会报错

详解C#App.config和Web.config加密

详解C#App.config和Web.config加密

同时兼容JS和C#的RSA加密解密算法详解（对web提交的数据加密传输）

详解C#App.config和Web.config加密

Flask框架中密码的加盐哈希加密和验证功能的用法详解

同时兼容JS和C#的RSA加密解密算法详解（对web提交的数据加密传输）

PHP和C#可共用的可逆加密算法详解

Flask框架中密码的加盐哈希加密和验证功能的用法详解

Win10系统加密磁盘和锁定磁盘的操作方法详解

PHP和C#可共用的可逆加密算法详解

PHP和C#可共用的可逆加密算法详解_PHP