如何在ASP.NET Core 2.0中实现machineKey [英] How to implement machineKey in ASP.NET Core 2.0

问题描述

在ASP.NET(不是核心)中，我通常会在web.config中添加一个machineKey，以便可以在本地计算机而不是服务器上执行某些功能，以便数据库/回调操作将使用相同的密钥.例如

In ASP.NET (not core) I would normally add a machineKey to the web.config so that I could perform some functions on a local machine instead of the server so that database/callback operations would use the same key. Eg

<system.web>
  <machineKey validationKey="*********" 
              decryptionKey="*********" 
              validation="HMACSHA256" 
              decryption="AES" />
</system.web>

请问有人可以在ASP.NET Core 2.0中做到这一点吗?

Please can someone advise how this can be done in ASP.NET Core 2.0?

推荐答案

您需要使用

ASP.NET Core数据保护堆栈为开发人员提供了一种简单易用的加密API，开发人员可以使用它来保护数据，包括密钥管理和轮换.

The ASP.NET Core data protection stack provide a simple, easy to use cryptographic API a developer can use to protect data, including key management and rotation.

可以在官方 DataProtection存储库中找到示例.

Samples could be found in official DataProtection repo.

顺便说一句，相同的方法也可以用于ASP.NET:

The same approach, by the way, works with ASP.NET: Replacing <machineKey> in ASP.NET

数据保护系统基于两个核心概念-数据保护提供程序(由IDataProtectionProvider接口表示)，用于通过CreateProtector方法创建数据保护器(由接口表示) .数据保护器用于加密和解密数据.

The data protection system is built upon two core concepts - a data protection provider (represented by the IDataProtectionProvider interface), which is used to create a data protector (represented by the IDataProtector interface) by CreateProtector method. The data protector is used to encrypt and decrypt data.

要将IDataProtectionProvider注册到DI中，请使用.AddDataProtection方法:

To register IDataProtectionProvider into DI use .AddDataProtection method:

public void ConfigureServices(IServiceCollection services)
{
    // Adds data protection services
    services.AddDataProtection();
    ...
}

这篇关于如何在ASP.NET Core 2.0中实现machineKey的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！