设为首页 加入收藏
首 页 企业简介 项目案例 软件定制 行业软件 解决方案 企业资讯 服务专区 客服中心
服务项目
案例展示 更多 >>
·维修管理系统 2012/5/14
·园区游客服务管理系统 2012/5/10
·党风廉政信息公开平台 2012/5/10
·职工提案系统软件 2012/1/11
·电信客户资源管理系统软… 2012/1/11
·洗衣收银软件 2012/1/11
·触摸查询系统软件 2012/1/11
·西安来电弹屏软件 2011/8/31
·西安软件公司仓库管理软… 2011/6/9
·会员管理系统 2011/6/9
联系人:李先生
电  话:029-87878512
手  机:13468700578
地  址:西安市欧亚大道丝路国际创意梦工厂4号楼
在线咨询:  762176615
Email:junsoft@126.com
 
当前的位置 >> 返回首页 >> 解决方案
Web.config加密——使用编程方式方式
发布者:西安软件公司   发布时间:2012/8/23   阅读:16次

有Web.Config,其中一部分配置如下:

<!--应用程序设置值-->
<appSettings>
<add key="EricTest" value="EricTest"/>
<add key="Encrypt" value="Encrypt value"/>
</appSettings>
<!--连接字符串-->
<connectionStrings >
<add name="EncryptConnection" connectionString="Data Source=.\SQL2000;Initial Catalog=Northwind;user id=sa;password=test"/>
<add name="SQLExpress" connectionString="Data Source=.\SQLEXPRESS;Initial Catalog=myDB;user id=sa;password=test"
providerName
="System.Data.SqlClient" />
</connectionStrings>

首先引用使用空间

using System.Configuration;
using System.Web.Configuration;

将加密方式定义一下。主要是为了使用方便。

/// <summary>
/// 加密方式
/// </summary>
public enum EncryptType
{
DataProtectionConfigurationProvider,
RSAProtectedConfigurationProvider
}

使用DPAPI加密

/// <summary>
/// 以DPAPI方式加密Config
/// </summary>
private void EncryptWebConfigByDPAPI()
{
Configuration configuration
= null;
ConfigurationSection connectionSection
= null;

//打开Request所在路径网站的Web.config文件
configuration = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
//取得Web.config中connectionStrings设置区块
connectionSection = configuration.GetSection("connectionStrings");
//未加密时
if (!connectionSection.SectionInformation.IsProtected)
{
connectionSection.SectionInformation.ProtectSection(EncryptType.DataProtectionConfigurationProvider.ToString());
configuration.Save();
}
}

加密前后的数据对比

<!--加密前-->
<connectionStrings >
<add name="EncryptConnection" connectionString="Data Source=.\SQL2000;Initial Catalog=Northwind;user id=sa;password=test"/>
<add name="SQLExpress" connectionString="Data Source=.\SQLEXPRESS;Initial Catalog=myDB;user id=sa;password=test"
providerName
="System.Data.SqlClient" />
</connectionStrings>

-------------------------
<!--加密后-->
<connectionStrings configProtectionProvider="DataProtectionConfigurationProvider">
<EncryptedData>
<CipherData>
<CipherValue>AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAPCENeNbVhU6C+bx4E8qcPAQAAAACAAAAAAAQZgAAAAEAACAAAADiE56Y0pGCoKEpOvxMVmMYO3tMqI/2W89HUIq0LeJAegAAAAAOgAAAAAIAACAAAACYuFOjNtk1iprbV91mmP8aCIULLZvRHAPwbAvoHvtXpKACAABP0/YOt/B8IG/eLnaxrDVCXPq6l8McVOvpL0hV4507VEpJb6FyRoM9c5TI6iIF6Jz8GQfnfQiF4P27RLyvvvu/R9KpuwDsZ0IKjpe47Nt/q/qOLlQx6vhQVE8yAjJ64DrujH6wjS2XdZSC03Co4u9OG/YdJX9zkpjVMNW8cx5FFklYmIzHxWx+b1ZFtZMu0CA8lzU4slkTBFmE3JMMa4KqC6EGedDXD3z53QkBt3KISWt1lM5ulPeQ8rfR7qrzUEWQsgaGLuNTJvCDwlPJWbZVzQaOHo71/epQRPHgvmNAkK1/hRqwXr0uMF9K6HNKCr0NDLFECLHcjCC4zR6QhhWdWT8FHPm2Zg2yucekeHQsrbiWtjZqg/DdyVPLWqmEdj82T1Gm9u9xhDHuNLpOT1FXy7bGjjok9TW1MxbWIXQ7bBih0mUwmvESD8aZGdxoH0XEFyy3flY2hjwszG4Opg3Qmz1/S0x6Sbz1vJJL7rk7FTdG3PwMDFvcvKlmmDZQTkM3SqplazwrjYI4IJBnIAL/uBxwMdxO515lWS55dDkdnx5r8HtGoeCN+cw5qFW8xxRPRsQKg6Sgti1GF2KzezZ5WJegN0hqUs18XoEpzCuuALbzHqRNBswwn0/GfdadxfwdNxoTHdJ+cQC3vSLk5f02pTW9CFZWDn30AFjIpMtArNltppLvWAP1YxtKMtyzjmv7iiIOsMtHFICTJAzO7FeTc+YToifu/wddPESZQB2MlrefnUK+cBkoSzAusfhtqUWfhblv6JnEq5A/PdohEkSu0dn2pC6AeqoG/Yngb6BJzpRFxssDfIkDH6LfXdo4s5WJXJx7VQNqUo4mmTKoUcp6DGmoogZqbHODL3MbgKFQyjdvXV9+4Aa9qOlHbcKDL5tAAAAAChj0UAPAO59pmMZ7gJ67ho1Mxjg9NTuAh/lG5XI+phDRzWcNRmjv2ZrUhz8eWIgCMoIG7NviBnbmCeT4K8pXUw==</CipherValue>
</CipherData>
</EncryptedData>
</connectionStrings>

对使用DPAPI加密的数据解密

/// <summary>
/// 解密DPAPI
/// </summary>
private void DecryptWebConfigByDPAPI()
{
Configuration configuration
= null;
ConfigurationSection connectionSection
= null;

//打开Request所在路径网站的Web.config文件
configuration = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
//取得Web.config中connectionStrings设置区块
connectionSection = configuration.GetSection("connectionStrings");
if (connectionSection.SectionInformation.IsProtected)
{
connectionSection.SectionInformation.UnprotectSection();
configuration.Save();
}
}

调用DPAPI加密数据(无需解密)

/// <summary>
/// 取得加密后的数据
/// </summary>
private void GetEncryptWebConfigByDPAPI()
{
string cncryptConnection = WebConfigurationManager.ConnectionStrings["EncryptConnection"].ConnectionString;
string sqlExpressConnection = WebConfigurationManager.ConnectionStrings["SQLExpress"].ConnectionString;
}

使用RSA加密

/// <summary>
/// 以RSA方式加密Config
/// </summary>
private void EncryptWebConfigByRsa()
{
Configuration configuration
= null;
ConfigurationSection connectionSection
= null;

//打开Request所在路径网站的Web.config文件
configuration = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
//取得Web.config中connectionStrings设置区块
connectionSection = configuration.GetSection("appSettings");
//未加密时
if (!connectionSection.SectionInformation.IsProtected)
{
connectionSection.SectionInformation.ProtectSection(EncryptType.RSAProtectedConfigurationProvider.ToString());
configuration.Save();
}
}

加密前后数据对比:

<!--加密前-->
<appSettings>
<add key="EricTest" value="EricTest"/>
<add key="Encrypt" value="Encrypt value"/>
</appSettings>
------------------------------
<!--加密后-->
<appSettings configProtectionProvider="RsaProtectedConfigurationProvider">
<EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
xmlns
="http://www.w3.org/2001/04/xmlenc#">
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<KeyName>Rsa Key</KeyName>
</KeyInfo>
<CipherData>
<CipherValue>CJIkulw6qBtLeY5MJ9bs1ROpF1l3f4ulRzKnd6ZXN6XyG9O+b6Hr52ijK1AL9/+nsBseAPfdKDGaX/SKlJYwgzHhhi9sBrDBJ10dJcSnuGuWpI5zSLc+QHdpV0Z4iJTw83jmRDb9eFCX7aG60qWl52ofeqlI/ps1HsOjlKPSv8M=</CipherValue>
</CipherData>
</EncryptedKey>
</KeyInfo>
<CipherData>
<CipherValue>y1aEM/BRwcwZXWeuLe9mbakU8AuI7CpElrjoJgQEfzaoZXq7uEJspQAxJyDIYmCF4EgjKhE7pY6WBRAjRaBBODxxEQHGJ8I1+T554H8zosZ2InO43h5X0ZjCmvAWxNbEq1rP9DnuTcHEYqrw70nNShf79W6e2fmUF1DoVpwYNWMLeHJCP7ZkZg==</CipherValue>
</CipherData>
</EncryptedData>
</appSettings>

解密RSA加密数据

/// <summary>
/// 解密Rsa
/// </summary>
private void DecryptWebConfigByRsa()
{
Configuration configuration
= null;
ConfigurationSection connectionSection
= null;

//打开Request所在路径网站的Web.config文件
configuration = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
//取得Web.config中connectionStrings设置区块
connectionSection = configuration.GetSection("appSettings");
if (connectionSection.SectionInformation.IsProtected)
{
connectionSection.SectionInformation.UnprotectSection();
configuration.Save();
}
}

调用使用RSA加密数据(无需解密)

/// <summary>
/// 取得加密后的数据
/// </summary>
private void GetEncryptWebConfigByRsa()
{
string cncryptConnection = WebConfigurationManager.AppSettings["EricTest"];
string sqlExpressConnection = WebConfigurationManager.AppSettings["Encrypt"];
}

网站首页 | 关于我们 | 售后服务 | 网站地图 | 查看留言 | 在线留言 | 客服中心
© 版权所有:西安润宇软件科技有限公司 
公司地址:西安市丝路国际创意梦工厂4号楼  联系电话:029-87878512 手机:13468700578 联系人:李先生
Copyright ® 2011-2020 Xbwbw.com Inc. All Rights Reserved 
技术支持:西安润宇软件科技有限公司  陕ICP备11000720号-2