Read Catalogue
One: Why should we encrypt the configuration section in the Web. config configuration file?
Two: How to encrypt and decrypt?
Three: examples
Four: Operation effect
One: Why should we encrypt the configuration section in the Web. config configuration file?
Because in our project, some of the configuration sections may contain sensitive information, we see the following <connectionStrings/> configuration section contains the user name and password and IP address of the database that we connect to, which is dangerous if exposed, and < The Identity/> configuration section contains the user name and password for the demo account used by the runtime, which contain sensitive information and we do not want the password to be stored in the config file in plaintext, so we encrypt it
<connectionStrings>
<add name= "Localhostepgconnectionstr" connectionstring= "server=.; DATABASE=NEWNEWEPG; User id=sa;password=123 "providername=" System.Data.SqlClient "/>
</connectionStrings>
Two: How to encrypt and decrypt?
Use the Sectionintomation object to encrypt and decrypt Web. config
If you want to encrypt a configuration section, you only need to call the ProtectSection () method of the Sectionintomation object to pass the name of the provider you want to use to perform the encryption
If you are decrypting a configuration section, you only need to call the Unprotectsection () method of the Sectionintomation object to complete the decryption when you need to decrypt the configuration section of the file
1:protectsection () method
This method encrypts the configuration section in Web. config
The syntax is as follows:
public void ProtectSection (string protectprovider)
The parameters are described as follows:
Protectprovider: The name of the protection provider to use, by default, contains the following protection provider encryption, which must write the name of the protection provider that already exists, such as: "RsaProtectedConfigurationProvider", Cannot write " MyName ", otherwise the protection provider" MyName "cannot be reported
1.1:rsaprotectedconfigurationprovider: Encrypting and decrypting data using the RSA encryption algorithm
1.2:dpapiprotectedconfigurationprovider: Encrypting and decrypting data using the Windows Data Protection API (DPAPI)
2:unprotectsection () method
This method removes the protected configuration from the associated configuration section for decryption
Three: examples
ConfigurationManager comes from a namespace system.configuration, and WebConfigurationManager comes from a namespace System.Web.Configuration, Microsoft recommends that the Web application configuration file be manipulated It is recommended to use WebConfigurationManager when working on a client configuration file, and we have to refer to these two namespaces for ConfigurationManager.
We finally see that the decrypted <connectionStrings/> configuration section is identical to the configuration section before the unencrypted
Webconfigencryptdecrypt.aspx
Using System;
Using System.Collections.Generic;
Using System.Linq;
Using System.Web;
Using System.Web.UI;
Using System.Web.UI.WebControls;
Using System.Web.Configuration;
Using System.Configuration;
Namespace EPG. Webadmin.encryptdecrypt
{
public partial class WebConfigEncryptDecrypt:System.Web.UI.Page
{
protected void Page_Load (object sender, EventArgs e)
{
}
<summary>
Encrypt the Web. config file
</summary>
protected void Btnencrypt_click (object sender, EventArgs e)
{
Get the current configuration file
Configuration config = webconfigurationmanager.openwebconfiguration (request.applicationpath);
Get section Section
ConfigurationSection section = Config. GetSection ("connectionStrings");
If the section is not empty and the section is not protected
if (section! = null &&!section. sectioninformation.isprotected)
{
Protect specified sections encrypt and decrypt data using RSA encryption algorithm
Section. Sectioninformation.protectsection ("RsaProtectedConfigurationProvider");
Save
Config. Save ();
RegisterStartupScript ("", "<script>alert (' Encryption succeeded! ') </script> ");
}
}
<summary>
Decrypt the Web. config file
</summary>
protected void Btndecrypt_click (object sender, EventArgs e)
{
Get the current configuration file
Configuration config = webconfigurationmanager.openwebconfiguration (request.applicationpath);
Get section Section
ConfigurationSection section = Config. GetSection ("connectionStrings");
If the section is not empty and this section is protected
if (section! = null && section. sectioninformation.isprotected)
{
Protect specified sections encrypt and decrypt data using RSA encryption algorithm
Section. Sectioninformation.unprotectsection ();
Save
Config. Save ();
RegisterStartupScript ("", "<script>alert (' decryption succeeded! ') </script> ");
}
}
}
}
Four: Operation effect
Interface design
Non-encrypted <connectionStrings/> configuration section
Post-encryption <connectionStrings/> configuration section
Post-decryption <connectionStrings/> configuration section
Encryption and decryption technology-web.config encryption and decryption