如何使用AES而不是3DES加密web.config [英] How to encrypt web.config with AES instead of 3DES

问题描述

我目前正在尝试使用aspnet_regiis来加密web.config文件.虽然它使用RSA加密密钥，但是用于加密web.config文件的加密方法是3DES，NIST不再建议使用该方法.因此，有人知道如何使用AES加密web.config文件吗?奖励，如果可以的话，我该如何设置密钥大小(例如128、256 ... 2048位)?

I am currently attempting to use aspnet_regiis to encrypt the web.config file. While it uses RSA to encrypt the key, the encryption methodology for encrypting the web.config file is 3DES, which NIST no longer recommends using. So, does anyone know how to encrypt the web.config file with AES? Bonus, if it is possible, how would I set the key size (e.g., 128, 256 ... 2048 bit)?

我检查了以下链接及其伴随的链接，但未成功:

I reviewed the following links and their attendant links without success:

从TripleDES更改Microsoft配置文件加密方法

RSACryptoServiceProvider和Web.config加密

推荐答案

默认情况下，asp.net提供两个提供程序:

By default, asp.net offer two providers:

RSAProtectedConfigurationProvider

RSAProtectedConfigurationProvider

DPAPIProtectedConfigurationProvider

DPAPIProtectedConfigurationProvider

如果不能再使用另一个，则必须实现自定义提供程序.

If you can't use another one, you must implement your custom provider.

然后，注册您的提供者:

And after that, register your provider:

<providers>
  <add keyContainerName="CustomKeys" 
           useMachineContainer="true"
           description="My custom provider"
           name="CustomProvider" type="MyApp.MyCustomProtectedConfigurationProvider" />
  </providers>

并使用它:

aspnet_regiis -pe "connectionStrings" -app "/MyApp" -prov "CustomProvider"

此链接提供了有关如何实现配置的示例提供者.

This link have an example with how to implement a Configuration Provider.

这篇关于如何使用AES而不是3DES加密web.config的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！