.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.Configuration;
using System.Configuration;
namespace WebConfig加密
{
public partial class index : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
Configuration myConfiguration = null;
ConfigurationSection myAppSettings = null;
// DPAIP加密(用的最多)
protected void btnDPAIP_Click(object sender, EventArgs e)
{
try
{
getAppSettings(out myConfiguration, out myAppSettings);
if (!myAppSettings.SectionInformation.IsProtected)
{
//DPAPI加密
myAppSettings.SectionInformation.ProtectSection
("DataProtectionConfigurationProvider");
//储存设定写入web.config文件
myConfiguration.Save();
Response.Write("用DPAIP加密成功");
}
}
catch (Exception ex)
{
Response.Write(ex.Message.ToString());
}
}
// RSA加密(需要设置权限,比较麻烦,用的不多)
protected void btnRSA_Click(object sender, EventArgs e)
{
try
{
getAppSettings(out myConfiguration, out myAppSettings);
if (!myAppSettings.SectionInformation.IsProtected)
{
//RSA加密
myAppSettings.SectionInformation.ProtectSection
("RsaProtectedConfigurationProvider");
//储存设定写入web.config文件
myConfiguration.Save();
Response.Write("以RSA加密成功!");
}
}
catch (Exception ex)
{
Response.Write(ex.Message.ToString());
}
}
//取得取得Web.config中appSettings设定区段(还可以根据需要,设置需要加密的节点)
protected void getAppSettings(out Configuration myConfig, out ConfigurationSection
appSettings)
{
//开启Request所在路径网站的Web.config文件
myConfig = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
//取得Web.config中appSettings设定区段
appSettings = myConfig.GetSection("appSettings");
}
// 完全解密
protected void btnResolve_Click(object sender, EventArgs e)
{
try
{
getAppSettings(out myConfiguration, out myAppSettings);
if (myAppSettings.SectionInformation.IsProtected)
{
myAppSettings.SectionInformation.UnprotectSection(); //解密
myConfiguration.Save();
}
Response.Write("appSettings解密成功!");
}
catch (Exception ex)
{
Response.Write(ex.Message.ToString());
}
}
}
}
.aspx
<body>
<form id="form1" runat="server">
<div>
<asp:Button ID="btnDPAIP" runat="server" Text="DPAIP加密" onclick="btnDPAIP_Click" />
<br />
<br />
<asp:Button ID="btnRSA" runat="server" Text="RSA加密" onclick="btnRSA_Click" />
<br />
<br />
<asp:Button ID="btnResolve" runat="server" Text="完全解密"
onclick="btnResolve_Click" />
</div>
</form>
</body>
加密前
<appSettings>
<add key="con" value="data source=.\SQLEXPRESS;Integrated
Security=SSPI;AttachDBFilename=|DataDirectory|\aspnetdb.mdf;User Instance=true" />
</appSettings>
加密结果
<appSettings configProtectionProvider="DataProtectionConfigurationProvider">
<EncryptedData>
<CipherData>
<CipherValue>AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAzCJXt/1660evq+/58WwHfAQAAAACAAAAAAADZgAAqAAAABAAAABa4SlZnvwdFhVlRr9PuT3hAAAAAASAAACgAAAAEAAAAEDgN4H/IpjLojCaYhMXkudgAQAA1NHa7mkrBWMGqXH9nmGi8Ie1Mnuh1iD8hXaAzZ8/4UnzAwIyJBvLHln/Kv+LatS/w8hLkTR/GbnIkYhzeuk/ER1m76VUzuhRY7KcwdXkZkOxelEjWZU/jA7wcvgyEN7OkRyhV0nz98zHI+XdxQkFsLEltNacCqBx3PgCkX+sKz1hyzp06D0QQOIbqoaNSWl/QuBAIxlZohAKaTxAQcnKjrOuBofp49N4OCbDFdoIFMfWaoCSfQV0xQUEVRCkBzzd/FGVjrSYeLgk9CM9vdSnioLUDIMv62dxqEYM/0dRd4qhYTghIzWwe/POKR8IxUC++zRT/kEKh5cTw8OppW+mU1+6oqul98jxxk//UJ/HyVEBZ8XAVhetcSjUH1eXyzBcup03L8V+WnEmqAwzoibMpDmTkXIEitSZRJ/8Fy26hByUJkslQFYdtLgZ92OCLfSVCW3etWXDtMpD7cfJuMP6XBQAAAAYjlMjewxEJfZKD64skP+Lnh5x6w==</CipherValue>
</CipherData>
</EncryptedData>
</appSettings>
加密一般用在神马时候呢?
当你把这个程序发布给用户,发布之前,你需要把你不希望暴露给用户的信息的节点加密。