本文介绍怎么用aspnet_regiis命令加密数据库连接串。
aspnet_regiis加密方式的秘钥是保存在本地的,原则上是在那台计算机上用就在那台机上加密。
执行脚本分两种情况,计算机上是否安装VS(各种版本)。
如果机子上有安装 VS,直接用VS命令行执行脚本。
没安装VS,可以用Windows命令提示符,一样的,不过要用cd命令去到aspnet_regiis目录下执行,如:C:\Windows\Microsoft.NET\Framework64\v2.0.50727。
步骤如下:
1、输入 aspnet_regiis -pc "Key" -exp,创建一个可导出的rsa密钥容器,命名为Key
aspnet_regiis -pc "Key" -exp2、在你要加密的信息前面指定密钥容器,keyContainerName是第一步创建的Key
<configProtectedData>
<providers>
<clear />
<add name="KeyProvider" type="System.Configuration.RsaProtectedConfigurationProvider, System.Configuration, Version=2.0.0.0,Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL" keyContainerName="Key" useMachineContainer="true"/>
</providers>
</configProtectedData>
<connectionStrings>
<add name="Conn" connectionString="Data Source=.;Initial Catalog=DBTest;Persist Security Info=True;User ID=User1;Password=abc123" providerName="System.Data.SqlClient"/>
</connectionStrings>3、在configuration节的xmlns属性有如下值:<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">,加密完成后删掉xmlns。
4、对配置文件进行加密,D:\Git\Staff Management System\SMS.Web 是web.config的路径
aspnet_regiis -pef "connectionStrings" "D:\Git\Staff Management System\SMS.Web" -prov "KeyProvider"
扫描二维码关注公众号,回复:
12883143 查看本文章
加密结果如下
<configProtectedData>
<providers>
<clear />
<add name="KeyProvider" type="System.Configuration.RsaProtectedConfigurationProvider, System.Configuration, Version=2.0.0.0,Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL" keyContainerName="Key" useMachineContainer="true"/>
</providers>
</configProtectedData>
<connectionStrings configProtectionProvider="KeyProvider">
<EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
xmlns="http://www.w3.org/2001/04/xmlenc#">
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<KeyName>Rsa Key</KeyName>
</KeyInfo>
<CipherData>
<CipherValue>VBi6oVdS+PL6N2JAeqJ0mxI6CJoNneRcJTMFkUsroKtp01X1RJ/TToB74gsO7A7/nCKrgond0KFxb6qXIoOZZe+0VlHgHV4WxgwcovScLq2KJVGvdZsLszYOGrPIF7SbMZV9aFNutifoLHlwThH8D40TRJ3FItivKULTzkKcpko=</CipherValue>
</CipherData>
</EncryptedKey>
</KeyInfo>
<CipherData>
<CipherValue>bALaXOFsvecXwO51abaP811MHt1QOGjb32aWHSz+c+0+qx3GFlRb2kzv79BjGb1qgRnneR1jX1tniqH//8pn+GXgcUj0TYz7Yo55LETyovyrOXvhRcxdNmZjtjZTuhL9pCkFfx3ylO+ikGOCNRWbcSGQxdKGsoGOowwp3L/u9xBO0kZ7XCiKWLYvQVpt3mRmtwfpOIl8pFxwQHDdPkRAT09mSItuyqaZDfW0cdB6t3rIiiSykCGLQ1mfjpYQwKNDQjoqJXnnULrqFvZvC0xT7ZUoNqshHMMiFsYYtY0Vr60g1Uys0MlozHU479/KqB6s5yjZPzPK1TMNthROH9PKtS1InHZzi743+eRwK8Q5mSpwH7lBzhNpAnryFxe37hlSQBDGRilzWT6Uiq+xR2znMYEXUE2maVVYkq70TqYYWs1iB6y0iTIa23NRO91pszNEw0R3azZXkLgKN5GdzYzEeJtTKYWi/2nWMFtPVDqmeuUVKvfK9JSVUj1rXMw9Ij/zb89ZZuEK2C/NcP177kF7/z6yMuYYIDHCge3eFuxra9d7I602NQLthv23VjYdKCz9SJi48z8ObibvFKz/QECjlte8SWrPq6DthbPY+FII5MHQTOPF1ytG3qXjSue5M0BfyU+kpa+QVWA4WxNogBEDaR0/g17oiaNUq7+ZQP2N8ZtTqhH79dXJjZ5fqIIfqwgyzecnOHuzENCIL2gZbHCKA4VhZ8bJbrHzvyzayMaSK/iYWvHNWP0iYMwmsTfMmeZqQ6ayy16fK2IzLnZZ/r1xjLdi5UWvcoc2tH4akpiJr2AovivyVx4XWKMQXwrcdvICxSMGmAjLCeLQYoLboFyGEg==</CipherValue>
</CipherData>
</EncryptedData>
</connectionStrings>
导出RSA 密钥容器
aspnet_regiis -px "Key" "c:\keys.xml" -pri
导出的xml的内容如下
导入RSA 密钥容器
aspnet_regiis -pi "MyKeys" "c:\keys.xml"
配置文件web.config的configProtectedData→providers的keyContainerName改为导入的名就行
<configProtectedData>
<providers>
<clear />
<add name="KeyProvider" type="System.Configuration.RsaProtectedConfigurationProvider, System.Configuration, Version=2.0.0.0,Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL" keyContainerName="MyKeys" useMachineContainer="true"/>
</providers>
</configProtectedData>
推荐:4.0版的加密,方便快捷
加密,直接在cmd窗口中运行,webconfig文件不需要配置任何东西
c:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe -pef "connectionStrings" "D:Dev\Web" -prov "DataProtectionConfigurationProvider"解密
aspnet_regiis.exe -pdf "connectionStrings" "你的web项目路径"
c:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe -pdf "connectionStrings" "D:Dev\Web"