如何加密 web.config 中的一个条目 [英] How to encrypt one entry in web.config

问题描述

ASP.NET 4

我已经将 RSA 密钥加密用于 web.config 上的连接字符串我的网络农场.但是，还有一个我想加密的自定义密码条目.我应该如何在不加密其余配置的情况下使用 RSA 密钥对其进行加密.请指教，谢谢.

I've used RSA key encryption for connection strings in web.config on my web farm. However, there's one more custom password entry that I'd like to encrypt. How should I encrypt it with RSA key without having the rest configurations being encrypted. Please advise, thanks.

示例:

  <appSettings>
        ...
    <add key="Host" value="www.foo.com" />
    <add key="Token" value="qwerqwre" />
    <add key="AccountId" value="123" />
    <add key="DepartmentId" value="456" />
    <add key="Password" value="asdfasdf" />
    <add key="SessionEmail" value="foo@foo.com" />
    <add key="DefaultFolder" value="789" />
  </appSettings>

推荐答案

你可以把密码放在一个单独的部分，只加密这个部分.例如:

You could put the password into a separate section and encrypt this section only. For example:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <configSections>
        <section name="secureAppSettings" type="System.Configuration.NameValueSectionHandler, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
    </configSections>

    <appSettings>
        <add key="Host" value="www.foo.com" />
        <add key="Token" value="qwerqwre" />
        <add key="AccountId" value="123" />
        <add key="DepartmentId" value="456" />
        <add key="SessionEmail" value="foo@foo.com" />
        <add key="DefaultFolder" value="789" />  
    </appSettings>

    <secureAppSettings>
        <add key="Password" value="asdfasdf" />
    </secureAppSettings>  
</configuration>

然后(请注意，我在示例中使用了 DPAPI，因此将提供程序调整为 RSA):

and then (note that I am using DPAPI in my example so adapt the provider for RSA):

aspnet_regiis -pef secureAppSettings . -prov DataProtectionConfigurationProvider

加密后的文件将如下所示:

Once encrypted the file will look like this:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <configSections>
        <section name="secureAppSettings" type="System.Configuration.NameValueSectionHandler, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
    </configSections>

    <appSettings>
        <add key="Host" value="www.foo.com" />
        <add key="Token" value="qwerqwre" />
        <add key="AccountId" value="123" />
        <add key="DepartmentId" value="456" />
        <add key="SessionEmail" value="foo@foo.com" />
        <add key="DefaultFolder" value="789" />  
    </appSettings>

    <secureAppSettings configProtectionProvider="DataProtectionConfigurationProvider">
        <EncryptedData>
            <CipherData>
                <CipherValue>AQAAANCMnd.......</CipherValue>
            </CipherData>
        </EncryptedData>
    </secureAppSettings>  
</configuration>

文件加密后，您在应用程序中访问这些设置的方式仍然相同且完全透明:

The way you would access those settings in your application once the file is encrypted is still the same and completely transparent:

var host = ConfigurationManager.AppSettings["Host"];
var password = ConfigurationManager.AppSettings["Password"];

这篇关于如何加密 web.config 中的一个条目的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！