在服务器上安全地加密/解密appsettings.json [英] Securely encrypting / decrypting appsettings.json on server

查看:237
本文介绍了在服务器上安全地加密/解密appsettings.json的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

如何保护Web应用程序 appsettings.json 中用于加密敏感数据的加密密钥?

How do I protect the encryption key used to encrypt sensitive data in my web application's appsettings.json?

我想在Web应用程序的配置中保护敏感数据.

I would like to protect sensitive data in my web application's config.

在ASP.NET MVC4应用程序中,我们这样做是这样的:

In ASP.NET MVC4 applications we did it like this:

  1. 敏感数据(例如,连接字符串中的密码)没有直接添加到 web.config (或 web.prod.config 等)中,而是一个占位符变量是写的.
  2. 在部署时,我们的部署服务(Octopus)将从其安全存储中检索敏感数据,并覆盖 web.config 中的变量.
  3. 然后,部署过程将使用 aspnet_regiis.exe 加密web.config的敏感部分.
  1. Sensitive data (e.g. password in a connection string) is not added directly to web.config (or web.prod.config etc.), instead a placeholder variable is written.
  2. At deployment time, our deployment service (Octopus) would retrieve sensitive data from its secure storage and overwrite the variable in the web.config.
  3. The deployment process would then encrypt sensitive sections of the web.config using aspnet_regiis.exe.

现在我们正在使用ASP.NET Core,我们遵循的过程有些不同.

Now we are using ASP.NET Core the process we are following is a bit different.

  1. appsettings.json 保存敏感数据的占位符变量,类似于web.config以前的工作方式.
  2. 部署过程像以前一样用安全存储中的敏感数据替换占位符.

  3. 我相信我需要:

  1. appsettings.json holds the placeholder variables for sensitive data, similar to how web.config worked before.
  2. Deployment process substitutes placeholders with sensitive data from it's secure store as before.

  3. Instead of using aspnet_regiis, I believe I need to:

a)制作自己的自定义工具来加密 appsettings.json 文件的部分.

a) make my own custom tool to encrypt parts of the appsettings.json file.

b)制作一个自定义配置提供程序,该提供程序可以解密(<全部>部分) appsettings.json

b) make a custom configuration provider that can decrypt (all / parts of) the appsettings.json

我不了解如何保护用于(a)和(b)的加密密钥.旧方法利用服务器的机器密钥来加密文件.

What I don't understand is how to protect the encryption key used for (a) and (b). The old way leveraged the server's machine key to encrypt the file.

我要缓解的威胁是有人可以访问服务器上的 appsettings.json 并从中读取敏感数据(例如数据库密码等)

The threat I am trying to mitigate is someone gaining access to the appsettings.json on the server and reading sensitive data out of it (e.g. database password etc.)

我还以其他方式来减轻这种方法带来的威胁和/或其他问题.

I am also intrested in alternative ways to mitigate this threat and/or other problems with this approach in general.

推荐答案

似乎您对方式"不感兴趣,但是对ASP.NET Core支持的推荐方法不感兴趣.尽管此处的其他答案已提到Azure KeyVault是敏感信息的良好存储,但它不是存储它的方法,而是实际存储.ASP.NET Core支持可覆盖配置的概念.即,可以在配置系统中注册多个配置提供者,以及它们在事务中的注册顺序.每个注册的设置都会覆盖以前的提供程序提供的设置-当然有.换句话说,如果您已经注册了标准的JSON配置提供程序,然后还假设一个数据库配置提供程序,则这两个提供程序都具有的那些设置将获取由后来定义的提供程序-数据库提供程序定义的值.因此,根据您的情况,我建议您执行以下操作:

It seems you're not interested in "ways" to do it, but in the recommended approach ASP.NET Core supports. While other answers here has mentioned the Azure KeyVault as a good storage for sensitive information, it's not the way to store it rather the actual storage. ASP.NET Core supports the notion of overridable configuration. That is, multiple configuration providers can be registered in the configuration system and the order they are registered in matters. Each registered one overrides settings from previous providers - those it has of course. In other words, if you have registered the standard JSON configuration provider and then also let's assume a database configuration provider, then those settings, which both providers have, will be getting the values defined by the later defined provider - the database provider. So in your situation, here what I'd suggest to do:

  1. 所有默认配置提供者都按原样注册.
    2. 最终
  2. 注册 Azure Key Vault (或类似的基于秘密存储的提供程序)配置提供程序.
  3. 使用证书身份验证通过Key Vault进行身份验证并读取敏感设置.
  1. Have all the default configuration providers registered as is.
  2. Register Azure Key Vault (or similar secret storage based provider) configuration provider in the end.
  3. Use certificate authentication to authenticate with Key Vault and read sensitive settings.

虽然这不是1:1映射到您当前的过程,但这符合ASP.NET Core原则.

While this is not 1:1 mapping to what your current process is, it is inline with ASP.NET Core principles.

您可以在以下位置阅读有关ASP.NET配置的更多信息:

You can read more about ASP.NET Configuration at: https://docs.microsoft.com/en-us/aspnet/core/fundamentals/configuration/index?tabs=basicconfiguration

在这里您可以阅读有关Azure KeyVault配置提供程序的信息: https://docs.microsoft.com/zh-cn/aspnet/core/security/key-vault-configuration?tabs=aspnetcore2x

Here you can read about Azure KeyVault configuration provider: https://docs.microsoft.com/en-us/aspnet/core/security/key-vault-configuration?tabs=aspnetcore2x

如果基于证书的身份验证不是您的选择,请考虑在环境变量中存储用于连接到Azure Key Vault服务的 ClientId ClientSecret 提供者( AddEnvironmentVariables()扩展方法将执行此操作)来访问这些内容.

If certificate based auth is not an option for you, consider storing ClientId and ClientSecret used to connect to Azure Key Vault service in environment variables, and use an appropriate configuration provider (AddEnvironmentVariables() extension method will do it) to access those.

此设置将非常安全.祝你好运!

This setup will be really secure. Good luck!

这篇关于在服务器上安全地加密/解密appsettings.json的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆