ASP. NET web. config encryption and decryption methods (CODE), asp. netweb. config
- /// <Summary>
- /// Protect web. config encryption and decryption
- /// </Summary>
- Public class ProtectHelper
- {
- /// <Summary>
- /// Decrypt
- /// </Summary>
- /// <Param name = "pToDecrypt"> encrypted connection string </param>
- /// <Param name = "sKey"> Custom key </param>
- /// <Returns> decrypt the string </returns>
- Public static string UnProtectSection (string pToDecrypt, string sKey)
- {
- Byte [] inputByteArray = Convert. FromBase64String (pToDecrypt );
- Using (DESCryptoServiceProvider des = new DESCryptoServiceProvider ())
- {
- Des. Key = ASCIIEncoding. ASCII. GetBytes (sKey );
- Des. IV = ASCIIEncoding. ASCII. GetBytes (sKey );
- System. IO. MemoryStream MS = new System. IO. MemoryStream ();
- Using (CryptoStream cs = new CryptoStream (MS, des. CreateDecryptor (), CryptoStreamMode. Write ))
- {
- Cs. Write (inputByteArray, 0, inputByteArray. Length );
- Cs. FlushFinalBlock ();
- Cs. Close ();
- }
- String str = Encoding. UTF8.GetString (ms. ToArray ());
- Ms. Close ();
- Return str;
- }
- }
- /// <Summary>
- /// Encryption
- /// </Summary>
- /// <Param name = "pToEncrypt"> connection string </param>
- /// <Param name = "sKey"> Custom key </param>
- /// <Returns> encrypted string </returns>
- Public static string ProtectSection (string pToEncrypt, string sKey)
- {
- Using (DESCryptoServiceProvider des = new DESCryptoServiceProvider ())
- {
- Byte [] inputByteArray = Encoding. UTF8.GetBytes (pToEncrypt );
- Des. Key = ASCIIEncoding. ASCII. GetBytes (sKey );
- Des. IV = ASCIIEncoding. ASCII. GetBytes (sKey );
- System. IO. MemoryStream MS = new System. IO. MemoryStream ();
- Using (CryptoStream cs = new CryptoStream (MS, des. CreateEncryptor (), CryptoStreamMode. Write ))
- {
- Cs. Write (inputByteArray, 0, inputByteArray. Length );
- Cs. FlushFinalBlock ();
- Cs. Close ();
- }
- String str = Convert. ToBase64String (ms. ToArray ());
- Ms. Close ();
- Return str;
- }
- }
- }
In aspnet, how does one encrypt config connectionstrings?
To encrypt the configuration information on the website, you do not need to write any code or modify any code. You only need to use the aspnet_regiis tool to modify the configuration file.
For example, the following configuration file needs to be encrypted:
<Configuration>
<ConnectionStrings>
<Add name = "SqlServices" connectionString = "Data Source = localhost;
Integrated Security = SSPI; Initial Catalog = Northwind; "/>
</ConnectionStrings>
</Configuration>
Assume that the configuration file is in the MyApplication directory.
Encryption command
Aspnet_regiis-pe "connectionStrings"-app "/MyApplication"
The aspnet_regiis command is in the. net Framework directory you have installed. The default value is:
C: \ WINDOWS \ Microsoft. Net \ Framework \ v2.0 .*
Encrypted effect:
<Configuration>
<ConnectionStrings configProtectionProvider = "RsaProtectedConfigurationProvider">
<EncryptedData Type = "www.w3.org/2001/04/xmlenc?element"
Xmlns = "www.w3.org/2001/04/xmlenc#">
<EncryptionMethod Algorithm = "www.w3.org/2001/04/xmlenc?tripledes-cbc"/>
<KeyInfo xmlns = "www.w3.org/2000/09/xmldsig#">
<EncryptedKey xmlns = "...... the remaining full text>
C # & aspnet encryption and decryption all the value methods in a webconfig Node
Just give me an idea.
1. Write a class or package the symmetric encryption algorithm into a dll for encryption and decryption.
2. web. config is an XML file. You can encrypt the content in <re> </re> into a string, and add the CDATA at both ends of the content to indicate the XML content.
3. Read and decrypt the content in Xml.
Why don't I write it into the deleetting system? Aspnet also supports functions, which is easier than making XML directly.