web.config 加密与解密实战

悟静 2011-12-12

展开全文

首先添加引用:

using System.Web.Configuration;

加密操作如下:

private void ProtectSection(string sectionName, string provider)
     {
         Configuration config =
             WebConfigurationManager.
                 OpenWebConfiguration(Request.ApplicationPath);

ConfigurationSection section = config.GetSection(sectionName);

         if (section != null && !section.SectionInformation.IsProtected)
         {
             section.SectionInformation.ProtectSection(provider);
             config.Save();
         }
     }

解密操作如下:

private void UnProtectSection(string sectionName)
     {
         Configuration config =
             WebConfigurationManager.
                 OpenWebConfiguration(Request.ApplicationPath);
         ConfigurationSection section = config.GetSection(sectionName);
         if (section != null && section.SectionInformation.IsProtected)
         {
             section.SectionInformation.UnprotectSection();
             config.Save();
         }
     }

实践:
加密前的配置文件:

<?xml version="1.0"?>
<configuration>
     <appSettings>
   <add key="name" value="shy520" />
   <add key="address" value="cnblogs" />
</appSettings>
     <system.web>
         <compilation debug="true"/>
   </system.web>
</configuration>

加密后的配置文件:

<?xml version="1.0"?>
<configuration>
     <appSettings configProtectionProvider="DataProtectionConfigurationProvider">
   <EncryptedData>
   <CipherData>
     <CipherValue>
       AQAAANCMnd8BFdERjHoAwE/Cl s
       BAAAABi1ATlNkEUGEf0XyWGL2Xg
       QAAAACAAAAAAADZgAAqAAAABAAA
       ABIhxMWlazAntwIIpST1CDXAAAA
       AASAAACgAAAAEAAAAPz/YKYx07c
       b h4fqdr4fkLgAAAAX1Ieyc WSx
       AfsDW1vn2C/fXsG2TAnYeUgaCov
       8e3nGFTHHsH91gLiqKregFPYzGR
       vW1xrez/3VwOmJI9eS7EFKrcXej
       NnHL66kg2iNRk3ntLNZlZtTs3cZ
       9w63u47VKAjs6miWsGBz2GntL/9
       UGHLELigrJcr3YJ lsjOscExQnv
       HGvA48EfxpD tEiFBtgXeHsFkQX
       cqGySshx16vCt2GUNUC3ZmEAhBh
       UsAFkPIYqelYHd4 m9a/xPe2tqw
       GIbla1wbW2NDEfrzJPwnkfmpNqR
       hXijKImipwXbDVYy6o0UAAAAs8D
       suYNOhJ7qAjJa2c/4eUC7sks=
       </CipherValue>
   </CipherData>
   </EncryptedData>
</appSettings>
     <system.web>
         <compilation debug="true"/>
   </system.web>
</configuration>

---------------------------------------------------------------------------------------------------

或者：

//解密可以写在页面，但也加密如何进行？
protected void Page_Load(object sender, EventArgs e)
    {
        //获取网站根目录下的web.config配置文件对蠏
        Configuration config = WebConfigurationManager.OpenWebConfiguration("~/");
        //获取appSettings配置块信息
        ConfigurationSection appSettings = config.GetSection("appSettings");
        //判断配置块是否加密，如果己经加密，则进行解密
        if (appSettings.SectionInformation.IsProtected)
        {
            appSettings.SectionInformation.UnprotectSection();
        }
        else
        {
            //如果没有加密，则调用ProtectSection方法进行加密工作
            appSettings.SectionInformation.ProtectSection(
            "DataProtectionConfigurationProvider");
        }
        //保存配置信息
        config.Save();
        Response.Write("读取web.config配置文件中的<appSettings>配置节<br/>");
        foreach (string key in WebConfigurationManager.AppSettings.Keys)
        {
            Response.Write("键值名: " + key + "<br />");
            Response.Write("键值值为: " + WebConfigurationManager.AppSettings[key] + "<br/><br/>");
        }
    }