最近在做一个WinForm的项目,由于采用的是在客户端直接连接数据库的方式,需要在客户端部署App.config,由于使用了Enterprise Library,需要对App.config文件里的connectionStrings片断进行加密处理,搜索MSDN,发现已经有了现成的工具 ASP.NET IIS 注册工具 (Aspnet_regiis.exe),可是它只能针对ASP.NET的Web.config文件,难道我们就没有办法了吗?答案当然是否定的。
配置选项
输入命令:aspnet_regiis -pef "connectionStrings" "E:\开发目录",加密后的config文件内容如下:
由此可见,我们已经完成了任务,现在只需要将Web.config文件名改回App.config即可,在应用程序项目中无需对该文件进行解密操作,.NET框架会自动替我们完成,如果想解密该文件也很简单,在SDK命令提示里输入aspnet_regiis -pdf "配置节" "目录"即可。
配置选项
| -pdf section webApplicationDirectory | 对指定物理(非虚拟)目录中的 Web.config 文件的指定配置节进行解密。 |
| -pef section webApplicationDirectory | 对指定物理(非虚拟)目录中的 Web.config 文件的指定配置节进行加密。 |
-pdf 和-pef 参数是对指定的物理目录里的Web.config文件进行加密,我们可以先将App.config文件改名为Web.config,通过这两个参数便可以“骗”过系统,让它将指定的配置节进行加密,我们只需要将加密后的文件名改回App.config即可,我们来实验一下:
第一步:先将目录下的App.config改名为Web.config。
第二步:打开SDK命令提示,输入命令:aspnet_regiis -pef "配置节" "目录",以我的项目为例,加密前的config文件内容如下:
1
<? xml version="1.0" encoding="utf-8" ?>
2
< configuration >
3
< configSections >
4
< section name ="dataConfiguration" type ="Microsoft.Practices.EnterpriseLibrary.Data.Configuration.DatabaseSettings, Microsoft.Practices.EnterpriseLibrary.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=null" />
5
</ configSections >
6
< dataConfiguration defaultDatabase ="Connection String" />
7
< connectionStrings >
8
< add name ="Connection String" connectionString ="Database=LocomotiveStat;Server=10.167.61.49;User ID=sa;Password=sa;"
9
providerName ="System.Data.SqlClient" />
10
</ connectionStrings >
11
</ configuration >
<? xml version="1.0" encoding="utf-8" ?> 2
< configuration > 3
< configSections > 4
< section name ="dataConfiguration" type ="Microsoft.Practices.EnterpriseLibrary.Data.Configuration.DatabaseSettings, Microsoft.Practices.EnterpriseLibrary.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=null" /> 5
</ configSections > 6
< dataConfiguration defaultDatabase ="Connection String" /> 7
< connectionStrings > 8
< add name ="Connection String" connectionString ="Database=LocomotiveStat;Server=10.167.61.49;User ID=sa;Password=sa;" 9
providerName ="System.Data.SqlClient" /> 10
</ connectionStrings > 11
</ configuration >输入命令:aspnet_regiis -pef "connectionStrings" "E:\开发目录",加密后的config文件内容如下:
1
<? xml version="1.0" encoding="utf-8" ?>
2
< configuration >
3
< configSections >
4
< section name ="dataConfiguration" type ="Microsoft.Practices.EnterpriseLibrary.Data.Configuration.DatabaseSettings, Microsoft.Practices.EnterpriseLibrary.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=null" />
5
</ configSections >
6
< dataConfiguration defaultDatabase ="Connection String" />
7
< connectionStrings configProtectionProvider ="RsaProtectedConfigurationProvider" >
8
< EncryptedData Type ="http://www.w3.org/2001/04/xmlenc#Element"
9
xmlns ="http://www.w3.org/2001/04/xmlenc#" >
10
< EncryptionMethod Algorithm ="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
11
< KeyInfo xmlns ="http://www.w3.org/2000/09/xmldsig#" >
12
< EncryptedKey xmlns ="http://www.w3.org/2001/04/xmlenc#" >
13
< EncryptionMethod Algorithm ="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
14
< KeyInfo xmlns ="http://www.w3.org/2000/09/xmldsig#" >
15
< KeyName > Rsa Key </ KeyName >
16
</ KeyInfo >
17
< CipherData >
18
< CipherValue > g2QFQqbHU1L6WUPYqjADqFAvHcdq/7dqCd1U9GlQFEi/nHDVHjqsWvjNywOZtQQg7Q/yW7g8xlRCo0h2+yYd/tQTNoVMu/RKdJmSjZMnmnwpWq+S2VEWK4U106JQwLCfBR/bAF4DHvG47B9KB0JbRfXBt5V2wJVaAI9u3kzuj50= </ CipherValue >
19
</ CipherData >
20
</ EncryptedKey >
21
</ KeyInfo >
22
< CipherData >
23
< CipherValue > blwV/ZW1izFZL80YL5RkcjrIjWkQ0L1gJhgZbxEzzTgOcT24ihrAnv3/rDCG+WIZ7TL5D/rMm7dQwkIsij1Sh3befg6F3+pxcW4oe1w/bovIKuzjs3tokUpBvTTj+fsCs2W/MWUhQaWMKQWkHfS2Ajt6gL6MTYtb3pfQUp0pdHbeRxoqdiAksQ1Zzsi1FtRTi7gTT7hnpF0pJs+W9mxTVDMO/qSZXfXLOEMIs/A5ExcfvR5GjpaPuDeLuSsCN3XtjaiXzaDQ3It7j+r66+L2C0xvEhbT9SsG </ CipherValue >
24
</ CipherData >
25
</ EncryptedData >
26
</ connectionStrings >
27
</ configuration >
<? xml version="1.0" encoding="utf-8" ?> 2
< configuration > 3
< configSections > 4
< section name ="dataConfiguration" type ="Microsoft.Practices.EnterpriseLibrary.Data.Configuration.DatabaseSettings, Microsoft.Practices.EnterpriseLibrary.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=null" /> 5
</ configSections > 6
< dataConfiguration defaultDatabase ="Connection String" /> 7
< connectionStrings configProtectionProvider ="RsaProtectedConfigurationProvider" > 8
< EncryptedData Type ="http://www.w3.org/2001/04/xmlenc#Element" 9
xmlns ="http://www.w3.org/2001/04/xmlenc#" > 10
< EncryptionMethod Algorithm ="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" /> 11
< KeyInfo xmlns ="http://www.w3.org/2000/09/xmldsig#" > 12
< EncryptedKey xmlns ="http://www.w3.org/2001/04/xmlenc#" > 13
< EncryptionMethod Algorithm ="http://www.w3.org/2001/04/xmlenc#rsa-1_5" /> 14
< KeyInfo xmlns ="http://www.w3.org/2000/09/xmldsig#" > 15
< KeyName > Rsa Key </ KeyName > 16
</ KeyInfo > 17
< CipherData > 18
< CipherValue > g2QFQqbHU1L6WUPYqjADqFAvHcdq/7dqCd1U9GlQFEi/nHDVHjqsWvjNywOZtQQg7Q/yW7g8xlRCo0h2+yYd/tQTNoVMu/RKdJmSjZMnmnwpWq+S2VEWK4U106JQwLCfBR/bAF4DHvG47B9KB0JbRfXBt5V2wJVaAI9u3kzuj50= </ CipherValue > 19
</ CipherData > 20
</ EncryptedKey > 21
</ KeyInfo > 22
< CipherData > 23
< CipherValue > blwV/ZW1izFZL80YL5RkcjrIjWkQ0L1gJhgZbxEzzTgOcT24ihrAnv3/rDCG+WIZ7TL5D/rMm7dQwkIsij1Sh3befg6F3+pxcW4oe1w/bovIKuzjs3tokUpBvTTj+fsCs2W/MWUhQaWMKQWkHfS2Ajt6gL6MTYtb3pfQUp0pdHbeRxoqdiAksQ1Zzsi1FtRTi7gTT7hnpF0pJs+W9mxTVDMO/qSZXfXLOEMIs/A5ExcfvR5GjpaPuDeLuSsCN3XtjaiXzaDQ3It7j+r66+L2C0xvEhbT9SsG </ CipherValue > 24
</ CipherData > 25
</ EncryptedData > 26
</ connectionStrings > 27
</ configuration >由此可见,我们已经完成了任务,现在只需要将Web.config文件名改回App.config即可,在应用程序项目中无需对该文件进行解密操作,.NET框架会自动替我们完成,如果想解密该文件也很简单,在SDK命令提示里输入aspnet_regiis -pdf "配置节" "目录"即可。
转载于:https://www.cnblogs.com/Jinjian/archive/2006/09/06/496009.html