C#中Web.Config加密與解密的方法

更新時(shí)間：2013年04月24日 17:23:30 作者：

C#中Web.Config加密與解密的方法，需要的朋友可以參考一下

Web.Config，其中一部分配置如下：

  <appSettings>
    <add key="EricTest" value="EricTest"/>
    <add key="Encrypt" value="Encrypt value"/>
  <appSettings>

  <connectionStrings >
    <add name="EncryptConnection" connectionString="Data Source=.\SQL2000;Initial Catalog=Northwind;user id=sa;password=test"/>
    <add name="SQLExpress" connectionString="Data Source=.\SQLEXPRESS;Initial Catalog=myDB;user id=sa;password=test"
     providerName="System.Data.SqlClient" />
  <connectionStrings>
 

在加密前，先做一些準(zhǔn)備工作。

首先引用使用空間

復(fù)制代碼代碼如下:

using System.Configuration;
using System.Web.Configuration;
//將加密方式定義一下。主要是為了使用方便。

        ///
        /// 加密方式
        ///
        public enum EncryptType
        {
            DataProtectionConfigurationProvider,
            RSAProtectedConfigurationProvider
        }

使用DPAPI加密

復(fù)制代碼代碼如下:

        ///
        /// 以DPAPI方式加密Config
        ///
        private void EncryptWebConfigByDPAPI()
        {
            Configuration configuration = null;
            ConfigurationSection connectionSection = null;

            //打開Request所在路徑網(wǎng)站的Web.config文件
            configuration = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
            //取得Web.config中connectionStrings設(shè)置區(qū)塊
            connectionSection = configuration.GetSection("connectionStrings");
            //未加密時(shí)
            if (!connectionSection.SectionInformation.IsProtected)
            {
                connectionSection.SectionInformation.ProtectSection(EncryptType.DataProtectionConfigurationProvider.ToString());
                configuration.Save();
            }
        }

加密前后的數(shù)據(jù)對(duì)比

復(fù)制代碼代碼如下:

  <connectionStrings >
    <add name="EncryptConnection" connectionString="Data Source=.\SQL2000;Initial Catalog=Northwind;user id=sa;password=test"/>
    <add name="SQLExpress" connectionString="Data Source=.\SQLEXPRESS;Initial Catalog=myDB;user id=sa;password=test"
     providerName="System.Data.SqlClient" />
  <connectionStrings>

復(fù)制代碼代碼如下:

  <connectionStrings configProtectionProvider="DataProtectionConfigurationProvider">
    <EncryptedData>
      <CipherData>
        <CipherValue>AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAPCENeNbVhU6C+bx4E8qcPAQAAAACAAAAAAAQZgAAAAEAACAAAADiE56Y0pGCoKEpOvxMVmMYO3tMqI/2W89HUIq0LeJAegAAAAAOgAAAAAIAACAAAACYuFOjNtk1iprbV91mmP8aCIULLZvRHAPwbAvoHvtXpKACAABP0/YOt/B8IG/eLnaxrDVCXPq6l8McVOvpL0hV4507VEpJb6FyRoM9c5TI6iIF6Jz8GQfnfQiF4P27RLyvvvu/R9KpuwDsZ0IKjpe47Nt/q/qOLlQx6vhQVE8yAjJ64DrujH6wjS2XdZSC03Co4u9OG/YdJX9zkpjVMNW8cx5FFklYmIzHxWx+b1ZFtZMu0CA8lzU4slkTBFmE3JMMa4KqC6EGedDXD3z53QkBt3KISWt1lM5ulPeQ8rfR7qrzUEWQsgaGLuNTJvCDwlPJWbZVzQaOHo71/epQRPHgvmNAkK1/hRqwXr0uMF9K6HNKCr0NDLFECLHcjCC4zR6QhhWdWT8FHPm2Zg2yucekeHQsrbiWtjZqg/DdyVPLWqmEdj82T1Gm9u9xhDHuNLpOT1FXy7bGjjok9TW1MxbWIXQ7bBih0mUwmvESD8aZGdxoH0XEFyy3flY2hjwszG4Opg3Qmz1/S0x6Sbz1vJJL7rk7FTdG3PwMDFvcvKlmmDZQTkM3SqplazwrjYI4IJBnIAL/uBxwMdxO515lWS55dDkdnx5r8HtGoeCN+cw5qFW8xxRPRsQKg6Sgti1GF2KzezZ5WJegN0hqUs18XoEpzCuuALbzHqRNBswwn0/GfdadxfwdNxoTHdJ+cQC3vSLk5f02pTW9CFZWDn30AFjIpMtArNltppLvWAP1YxtKMtyzjmv7iiIOsMtHFICTJAzO7FeTc+YToifu/wddPESZQB2MlrefnUK+cBkoSzAusfhtqUWfhblv6JnEq5A/PdohEkSu0dn2pC6AeqoG/Yngb6BJzpRFxssDfIkDH6LfXdo4s5WJXJx7VQNqUo4mmTKoUcp6DGmoogZqbHODL3MbgKFQyjdvXV9+4Aa9qOlHbcKDL5tAAAAAChj0UAPAO59pmMZ7gJ67ho1Mxjg9NTuAh/lG5XI+phDRzWcNRmjv2ZrUhz8eWIgCMoIG7NviBnbmCeT4K8pXUw==CipherValue>
      <CipherData>
    <EncryptedData>
  <connectionStrings>
 

對(duì)使用DPAPI加密的數(shù)據(jù)解密

復(fù)制代碼代碼如下:

        ///
        /// 解密DPAPI
        ///
        private void DecryptWebConfigByDPAPI()
        {
            Configuration configuration = null;
            ConfigurationSection connectionSection = null;

            //打開Request所在路徑網(wǎng)站的Web.config文件
            configuration = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
            //取得Web.config中connectionStrings設(shè)置區(qū)塊
            connectionSection = configuration.GetSection("connectionStrings");
            if (connectionSection.SectionInformation.IsProtected)
            {
                connectionSection.SectionInformation.UnprotectSection();
                configuration.Save();
            }
        }

調(diào)用DPAPI加密數(shù)據(jù)(無需解密)

復(fù)制代碼代碼如下:

        /// 
        /// 取得加密后的數(shù)據(jù)
        /// 
        private void GetEncryptWebConfigByDPAPI()
        {
            string cncryptConnection = WebConfigurationManager.ConnectionStrings["EncryptConnection"].ConnectionString;
            string sqlExpressConnection = WebConfigurationManager.ConnectionStrings["SQLExpress"].ConnectionString;
        }

使用RSA加密

復(fù)制代碼代碼如下:

        ///
        /// 以RSA方式加密Config
        ///
        private void EncryptWebConfigByRsa()
        {
            Configuration configuration = null;
            ConfigurationSection connectionSection = null;

            //打開Request所在路徑網(wǎng)站的Web.config文件
            configuration = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
            //取得Web.config中connectionStrings設(shè)置區(qū)塊
            connectionSection = configuration.GetSection("appSettings");
            //未加密時(shí)
            if (!connectionSection.SectionInformation.IsProtected)
            {
                connectionSection.SectionInformation.ProtectSection(EncryptType.RSAProtectedConfigurationProvider.ToString());
                configuration.Save();
            }
        }

加密前后數(shù)據(jù)對(duì)比：

復(fù)制代碼代碼如下:

    <appSettings>
    <add key="EricTest" value="EricTest"/>
    <add key="Encrypt" value="Encrypt value"/>
  <appSettings>

復(fù)制代碼代碼如下:

 
  <appSettings configProtectionProvider="RsaProtectedConfigurationProvider">
    <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
      xmlns="http://www.w3.org/2001/04/xmlenc#">
      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
        <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
          <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
          <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
            <KeyName>Rsa <KeyKeyName>
          <KeyInfo>
          <CipherData>
            <CipherValue>CJIkulw6qBtLeY5MJ9bs1ROpF1l3f4ulRzKnd6ZXN6XyG9O+b6Hr52ijK1AL9/+nsBseAPfdKDGaX/SKlJYwgzHhhi9sBrDBJ10dJcSnuGuWpI5zSLc+QHdpV0Z4iJTw83jmRDb9eFCX7aG60qWl52ofeqlI/ps1HsOjlKPSv8M=CipherValue>
          <CipherData>
        <EncryptedKey>
      <KeyInfo>
      <CipherData>
        <CipherValue>y1aEM/BRwcwZXWeuLe9mbakU8AuI7CpElrjoJgQEfzaoZXq7uEJspQAxJyDIYmCF4EgjKhE7pY6WBRAjRaBBODxxEQHGJ8I1+T554H8zosZ2InO43h5X0ZjCmvAWxNbEq1rP9DnuTcHEYqrw70nNShf79W6e2fmUF1DoVpwYNWMLeHJCP7ZkZg==CipherValue>
      <CipherData>
    <EncryptedData>
  <appSettings>

解密RSA加密數(shù)據(jù)

復(fù)制代碼代碼如下:

        ///
        /// 解密Rsa
        ///
        private void DecryptWebConfigByRsa()
        {
            Configuration configuration = null;
            ConfigurationSection connectionSection = null;

            //打開Request所在路徑網(wǎng)站的Web.config文件
            configuration = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
            //取得Web.config中connectionStrings設(shè)置區(qū)塊
            connectionSection = configuration.GetSection("appSettings");
            if (connectionSection.SectionInformation.IsProtected)
            {
                connectionSection.SectionInformation.UnprotectSection();
                configuration.Save();
            }
        }

調(diào)用使用RSA加密數(shù)據(jù)(無需解密)

復(fù)制代碼代碼如下:

        /// 
        /// 取得加密后的數(shù)據(jù)
        /// 
        private void GetEncryptWebConfigByRsa()
        {
            string cncryptConnection = WebConfigurationManager.AppSettings["EricTest"];
            string sqlExpressConnection = WebConfigurationManager.AppSettings["Encrypt"];
        }

您可能感興趣的文章: