如何加密在web.config中的一个条目 [英] How to encrypt one entry in web.config

问题描述

ASP.NET 4

我用 RSA密钥加密以连接字符串在web.config中上我的网络农场。然而，有，我想加密一个更多的自定义输入密码。我应该如何使用RSA密钥加密，而无需其余的配置被加密。请指教，谢谢。

例如：

 ＆LT;＆的appSettings GT;
        ...
    ＆LT;添加键=主机值=www.foo.com/＆GT;
    ＆LT;添加键=令牌VALUE =qwerqwre/＆GT;
    ＆LT;添加键=ACCOUNTIDVALUE =123/＆GT;
    ＆LT;添加键=的DepartmentIDVALUE =456/＆GT;
    ＆LT;添加键=密码值=asdfasdf/＆GT;
    ＆LT;添加键=SessionEmailVALUE =foo@foo.com/＆GT;
    ＆LT;添加键=DefaultFolderVALUE =789/＆GT;
  ＆LT; /的appSettings＆GT;
 

解决方案

您可以把密码到单独的部分，只有加密这个部分。例如：

 ＆LT;？XML版本=1.0编码=UTF-8＆GT？;
＆LT;结构＆gt;
    ＆LT; configSections＆GT;
        ＆lt;节名称=secureAppSettingsTYPE =System.Configuration.NameValueSectionHandler，系统，版本= 4.0.0.0，文化=中性公钥= b77a5c561934e089/＆GT;
    ＆LT; / configSections＆GT;    ＆LT;＆的appSettings GT;
        ＆LT;添加键=主机值=www.foo.com/＆GT;
        ＆LT;添加键=令牌VALUE =qwerqwre/＆GT;
        ＆LT;添加键=ACCOUNTIDVALUE =123/＆GT;
        ＆LT;添加键=的DepartmentIDVALUE =456/＆GT;
        ＆LT;添加键=SessionEmailVALUE =foo@foo.com/＆GT;
        ＆LT;添加键=DefaultFolderVALUE =789/＆GT;
    ＆LT; /的appSettings＆GT;    ＆LT; secureAppSettings＆GT;
        ＆LT;添加键=密码值=asdfasdf/＆GT;
    ＆LT; / secureAppSettings＆GT;
＆LT; /结构＆gt;
 

和则（注意，我在我的例子使用DPAPI所以适应了RSA提供者）：

 为aspnet_regiis -pef secureAppSettings。 -prov DataProtectionConfigurationProvider
 

在加密的文件将是这样的：

 ＆LT;？XML版本=1.0编码=UTF-8＆GT？;
＆LT;结构＆gt;
    ＆LT; configSections＆GT;
        ＆lt;节名称=secureAppSettingsTYPE =System.Configuration.NameValueSectionHandler，系统，版本= 4.0.0.0，文化=中性公钥= b77a5c561934e089/＆GT;
    ＆LT; / configSections＆GT;    ＆LT;＆的appSettings GT;
        ＆LT;添加键=主机值=www.foo.com/＆GT;
        ＆LT;添加键=令牌VALUE =qwerqwre/＆GT;
        ＆LT;添加键=ACCOUNTIDVALUE =123/＆GT;
        ＆LT;添加键=的DepartmentIDVALUE =456/＆GT;
        ＆LT;添加键=SessionEmailVALUE =foo@foo.com/＆GT;
        ＆LT;添加键=DefaultFolderVALUE =789/＆GT;
    ＆LT; /的appSettings＆GT;    ＆LT; secureAppSettings configProtectionProvider =DataProtectionConfigurationProvider＆GT;
        ＆LT;＆的EncryptedData GT;
            ＆LT;＆的CipherData GT;
                ＆LT;＆的CipherValue GT; AQAAANCMnd .......＆LT; /＆的CipherValue GT;
            ＆LT; /＆的CipherData GT;
        ＆LT; /＆的EncryptedData GT;
    ＆LT; / secureAppSettings＆GT;
＆LT; /结构＆gt;
 

一旦文件被加密，你会访问你的应用这些设置的方式仍然是相同的，完全透明的：

  VAR主机= ConfigurationManager.AppSettings [主机];
VAR密码= ConfigurationManager.AppSettings [密码];
 

ASP.NET 4

I've used RSA key encryption for connection strings in web.config on my web farm. However, there's one more custom password entry that I'd like to encrypt. How should I encrypt it with RSA key without having the rest configurations being encrypted. Please advise, thanks.

Example:

  <appSettings>
        ...
    <add key="Host" value="www.foo.com" />
    <add key="Token" value="qwerqwre" />
    <add key="AccountId" value="123" />
    <add key="DepartmentId" value="456" />
    <add key="Password" value="asdfasdf" />
    <add key="SessionEmail" value="foo@foo.com" />
    <add key="DefaultFolder" value="789" />
  </appSettings>

解决方案

You could put the password into a separate section and encrypt this section only. For example:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <configSections>
        <section name="secureAppSettings" type="System.Configuration.NameValueSectionHandler, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
    </configSections>

    <appSettings>
        <add key="Host" value="www.foo.com" />
        <add key="Token" value="qwerqwre" />
        <add key="AccountId" value="123" />
        <add key="DepartmentId" value="456" />
        <add key="SessionEmail" value="foo@foo.com" />
        <add key="DefaultFolder" value="789" />  
    </appSettings>

    <secureAppSettings>
        <add key="Password" value="asdfasdf" />
    </secureAppSettings>  
</configuration>

and then (note that I am using DPAPI in my example so adapt the provider for RSA):

aspnet_regiis -pef secureAppSettings . -prov DataProtectionConfigurationProvider

Once encrypted the file will look like this:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <configSections>
        <section name="secureAppSettings" type="System.Configuration.NameValueSectionHandler, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
    </configSections>

    <appSettings>
        <add key="Host" value="www.foo.com" />
        <add key="Token" value="qwerqwre" />
        <add key="AccountId" value="123" />
        <add key="DepartmentId" value="456" />
        <add key="SessionEmail" value="foo@foo.com" />
        <add key="DefaultFolder" value="789" />  
    </appSettings>

    <secureAppSettings configProtectionProvider="DataProtectionConfigurationProvider">
        <EncryptedData>
            <CipherData>
                <CipherValue>AQAAANCMnd.......</CipherValue>
            </CipherData>
        </EncryptedData>
    </secureAppSettings>  
</configuration>

The way you would access those settings in your application once the file is encrypted is still the same and completely transparent:

var host = ConfigurationManager.AppSettings["Host"];
var password = ConfigurationManager.AppSettings["Password"];

这篇关于如何加密在web.config中的一个条目的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！