• ASP.NET 配置文件加密


    众所周知,web.config可以存储包括数据库链接在内的众多信息,所以为配置文件加密有时候就显得必要了。

    1.加密前的配置文件如下:

    Web.config
     1 <?xml version="1.0"?>
    2
    3 <configuration>
    4 <connectionStrings>
    5 <add name="ApplicationServices" connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|\aspnetdb.mdf;User Instance=true"
    6 providerName="System.Data.SqlClient"/>
    7 </connectionStrings>
    8 <appSettings>
    9 <add key="key1" value="value1"/>
    10 <add key="key2" value="value2"/>
    11 </appSettings>
    12
    13 <system.web>
    14 <compilation debug="true" targetFramework="4.0"/>
    15 <sessionState cookieless="AutoDetect" timeout="30"/>
    16 <machineKey validationKey="D61B3C89CB33A2F1422FF158AFF7320E8DB8CB5CDA1742572A487D94018787EF42682B202B746511891C1BAF47F8D25C07F6C39A104696DB51F17C529AD3CABE"
    17 decryptionKey="FBF50941F22D6A3B229EA593F24C41203DA6837F1122EF17"/>
    18 </system.web>
    19
    20 <system.webServer>
    21 <modules runAllManagedModulesForAllRequests="true"/>
    22 </system.webServer>
    23 </configuration>

    2.加密

    (1)前端源代码

    ConfigurationEncryption.aspx
     1  <form id="form1" runat="server">
    2 <div style="font-family: Calibri">
    3 <asp:Label ID="lbSection" runat="server" Text="Choose a section:"></asp:Label>
    4 <asp:DropDownList ID="ddlSection" runat="server">
    5 <asp:ListItem>connectionStrings</asp:ListItem>
    6 <asp:ListItem>appSettings</asp:ListItem>
    7 <asp:ListItem>system.web/machineKey</asp:ListItem>
    8 <asp:ListItem>system.web/sessionState</asp:ListItem>
    9 </asp:DropDownList>
    10 <br />
    11 <br />
    12 <asp:Button ID="btnEncrypt" runat="server" Text="Encrypt it" OnClick="btnEncrypt_Click"
    13 Height="30px" Width="120px"/>
    14 <asp:Button ID="btnDecrypt" runat="server" Text="Decrypt it" OnClick="btnDecrypt_Click"
    15 Height="30px" Width="120px"/>
    16 </div>
    17 </form>


    (2)后台代码

     1  private const string provider = "RSAProtectedConfigurationProvider";  //Use RSA Provider to encrypt configuration sections
    2
    3 protected void Page_Load(object sender, EventArgs e)
    4 {
    5
    6 }
    7
    8 protected void btnEncrypt_Click(object sender, EventArgs e)
    9 {
    10 if (string.IsNullOrEmpty(this.ddlSection.SelectedValue))
    11 {
    12 Response.Write("please select a configuration section");
    13 //选择要加密的配置节点
    14 return;
    15 }
    16 //获取加密的配置节点
    17 string sectionString = this.ddlSection.SelectedValue;
    18 //使用指定的虚拟路径将 Web 应用程序配置文件作为 System.Configuration.Configuration 对象打开以允许读或写操作。
    19 Configuration config = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
    20 ConfigurationSection section = config.GetSection(sectionString);
    21 if (section != null)
    22 { //标记配置节点,进行保护
    23 section.SectionInformation.ProtectSection(provider);
    24 config.Save();
    25 Response.Write("encrypt successed, please check the configuration file.");
    26 }
    27 }
    28
    29 protected void btnDecrypt_Click(object sender, EventArgs e)
    30 {
    31 string sectionString = this.ddlSection.SelectedValue;
    32
    33 Configuration config = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
    34 ConfigurationSection section = config.GetSection(sectionString);
    35 if (section != null && section.SectionInformation.IsProtected)
    36 {
    37 // 从关联的配置节中移除受保护的配置加密。
    38 section.SectionInformation.UnprotectSection();
    39 config.Save();
    40 Response.Write("decrypt success, please check the configuration file.");
    41 }
    42
    43 }

    (3)加密后的效果

    <?xml version="1.0"?>

    <configuration>
    <connectionStrings configProtectionProvider="RsaProtectedConfigurationProvider">
    <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
    xmlns
    ="http://www.w3.org/2001/04/xmlenc#">
    <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
    <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
    <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
    <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
    <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
    <KeyName>Rsa Key</KeyName>
    </KeyInfo>
    <CipherData>
    <CipherValue>im7ZLO/++t/Iu7rVXYj7J0WvUH0cry6YgZXyY9FKE47TLBggiJPrSn+kVKBGPzSygH92ompVIhPWhJtqsTGJhdKuxRlQA5SrASmEvlB7ANo3chLoZOQbTzRyiCNFk3jOF7uoUykyFIqDPDZO9Tw9tW+iJ3LUYEhWyhOuz66GgQs=</CipherValue>
    </CipherData>
    </EncryptedKey>
    </KeyInfo>
    <CipherData>
    <CipherValue>mCgroKV5diU9GnjPG7vNEBwtRLdA3h5P8NwkVFkUuS8jnV36dhJH0turxsHRQRFSIpxWQYOXz91yxEwuifCSfT2LBSw9ggE2gO/V1Ju/q/J+lfqFdHs2j1mXPbaiD4kXmcT+2i6UB+Cl8+ML0F+G6pru0ztoFAMS2otQovS8npFaGrNvv078wkYbfOPhIrjSHftgdBES48VXgcnILfFtGeF7BHAW1a36pInc9KWBA6H64orVuIRSGxTzZPxhaRrgsCANJbKRu3NX3q3o4vIfbQ4ugkrix9qG9UK4tcnhq5ytukEAaUJQe19Zb5onfDM54vG+Bd2Cggxs84Ie738LY/5qT8Gz0lS+</CipherValue>
    </CipherData>
    </EncryptedData>
    </connectionStrings>
    <appSettings configProtectionProvider="RsaProtectedConfigurationProvider">
    <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
    xmlns
    ="http://www.w3.org/2001/04/xmlenc#">
    <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
    <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
    <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
    <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
    <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
    <KeyName>Rsa Key</KeyName>
    </KeyInfo>
    <CipherData>
    <CipherValue>Jb0l7McUq/QKBTtPJ75KALSPOchDYkOMxYqqSVVUGg9OEQ0reea1eU7lr4tL7XgYP+llKFD+/i1PCL0mWXUqSCVzK9aVWsjTcyQEGLRrBF0YXYwq3TOyn+Egl/ENxtAabCGcStimDs2SQOjPCkuD3k3uRXI/0+wXNNXAPRftXZ8=</CipherValue>
    </CipherData>
    </EncryptedKey>
    </KeyInfo>
    <CipherData>
    <CipherValue>5/GgaNoruJPElBuKbq+ro5PlqcBECu7p1+3s+G3WzO5AGacgxDOJQvfQ6O33kEL3CLezhJ2/Nvzbq75lvvbnfSjCYXKcKVsk2LJADM5XAg61/U1v+0Ov1XlQ9WQKdyaepmTV5ccGRuHp94U4+JuJE/eXw2vJabkf</CipherValue>
    </CipherData>
    </EncryptedData>
    </appSettings>

    <system.web>
    <compilation debug="true" targetFramework="4.0"/>
    <sessionState configProtectionProvider="RsaProtectedConfigurationProvider">
    <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
    xmlns
    ="http://www.w3.org/2001/04/xmlenc#">
    <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
    <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
    <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
    <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
    <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
    <KeyName>Rsa Key</KeyName>
    </KeyInfo>
    <CipherData>
    <CipherValue>K+G4c3VQgg7LtKZUuA5TS5h9Y8DWwdtudONFC9cgywGxedUEzcmnF0ise4XPv6F0Wx9pT6hwC2C+agHXPmVxupXKuonKXFsWWZ1edCXNzMuhzsoSyNcpkiWvk9lH5sXzHDhqeJbeAi5q5tf7nUKt8uoq5IjVpX/JoHHxmYzWfoM=</CipherValue>
    </CipherData>
    </EncryptedKey>
    </KeyInfo>
    <CipherData>
    <CipherValue>yr+lyfRycdN7BU+uuWv5AF/radmLM2qLgyjgdLEJVurs9KijocEmI6GeoCG6SgIjPukMhY6jieo1LVbuEPb75g==</CipherValue>
    </CipherData>
    </EncryptedData>
    </sessionState>
    <machineKey configProtectionProvider="RsaProtectedConfigurationProvider">
    <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
    xmlns
    ="http://www.w3.org/2001/04/xmlenc#">
    <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
    <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
    <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
    <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
    <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
    <KeyName>Rsa Key</KeyName>
    </KeyInfo>
    <CipherData>
    <CipherValue>iBNJ6+10cIZr9Cj9KJ8KEpRrQe2L/4KiIR9Vg51NyFURwhYZd4kjV0TeuALhUqtlpDImp4kCg+3X/FKp1dob8DiILTcLYY68JDIcUUgyVVwwijwqVTcDvEucmB+vRQAN7u3ivPrEdDpihjqfOh7GxODjB/PfLD5MwrAVxQAeqL0=</CipherValue>
    </CipherData>
    </EncryptedKey>
    </KeyInfo>
    <CipherData>
    <CipherValue>Zb9wsQ+U9yPLlduYe7cQtzsXGF9do97y4iGCULOffGU+WgnIUAqVgOjrhTuNSiDnb9MYHXircQIrtkV9mqrqKvR++169uOrqtakZ3oK8ht8G8Qe2hhXv1EmNttGZvVOfsZmShlPXslWfOPDeHDV1oqhe/JEANw41RQ3KXot8eXCZjkdf/xkA5rkdixvtlmh9TleWTbnTq6LzrWwXUZXAR9UXybNE2ijG6ar+5a+05R6sgXEdgqNuV7RoFcbYba/zLffLkTBZ1YNvAbEfekuJTn018zOOX4x6v2bB2X3i7MsW9moROs0ld3UL0YOuqylS</CipherValue>
    </CipherData>
    </EncryptedData>
    </machineKey>
    </system.web>

    <system.webServer>
    <modules runAllManagedModulesForAllRequests="true"/>
    </system.webServer>
    </configuration>



  • 相关阅读:
    HashMap与Hashtable的区别
    List集合、泛型、装箱拆箱
    关于集合
    统一建模语言
    自定义栈
    学习笔记
    如何优化limit
    mysql五大存储引擎
    [离散数学]2016.12.15周四作业
    [离散数学]2016.12.9周四作业
  • 原文地址:https://www.cnblogs.com/January/p/2260883.html
Copyright © 2020-2023  润新知