如何在 web.config 中为 .NET 4.5 框架添加密钥保护?

huangapple go评论58阅读模式
英文:

How can I add key protection in web.config for .NET 4.5 framework

问题

我想在web.config文件(针对.NET Framework 4.5)中添加保护密钥,就像我们在Web API中添加API密钥一样。我该如何操作?

我应该使用以下密钥类型吗?

<machineKey validationKey="..." decryption="3DES" 
            compatibilityMode="Framework20SP2" decryptionKey="..." 
            validation="3DES" />

提前感谢。

英文:

I want to add protection key in web.config file (for .NET framework 4.5) as we add api key in web api. How can I go about this?

Should I use following key type:

&lt;machineKey validationKey=&quot;...&quot; decryption=&quot;3DES&quot; 
            compatibilityMode=&quot;Framework20SP2&quot; decryptionKey=&quot;...&quot; 
            validation=&quot;3DES&quot; /&gt;

Thanks in advance

答案1

得分: 1

这里我分享一个使用protectedData类的示例:

using System.Configuration;
using System.Security.Cryptography;
using System.Text;

// 使用ProtectedData类加密字符串
private static byte[] ProtectString(string text)
{
    byte[] textBytes = Encoding.Unicode.GetBytes(text);
    return ProtectedData.Protect(textBytes, null, DataProtectionScope.LocalMachine);
}

// 使用ProtectedData类解密字节数组
private static string UnprotectBytes(byte[] encryptedBytes)
{
    byte[] unprotectedBytes = ProtectedData.Unprotect(encryptedBytes, null, DataProtectionScope.LocalMachine);
    return Encoding.Unicode.GetString(unprotectedBytes);
}

// 将受保护的密钥存储在web.config文件中
private static void StoreProtectedKey(string key)
{
    byte[] protectedBytes = ProtectString(key);
    string base64String = Convert.ToBase64String(protectedBytes);

    Configuration config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
    config.AppSettings.Settings["ApiKey"].Value = base64String;
    config.Save(ConfigurationSaveMode.Modified);
    ConfigurationManager.RefreshSection("appSettings");
}

// 从web.config文件中检索受保护的密钥
private static string RetrieveProtectedKey()
{
    string base64String = ConfigurationManager.AppSettings["ApiKey"];
    byte[] protectedBytes = Convert.FromBase64String(base64String);
    return UnprotectBytes(protectedBytes);
}

要存储受保护的密钥,您可以调用StoreProtectedKey方法,传递要保护的密钥:

string apiKey = "your_api_key_here";
StoreProtectedKey(apiKey);

该方法将使用ProtectedData类加密密钥,并将加密后的值存储在web.config文件中。

要检索受保护的密钥,您可以调用RetrieveProtectedKey方法:

string apiKey = RetrieveProtectedKey();

该方法将从web.config文件中检索加密的密钥,使用ProtectedData类解密它,并返回原始密钥。

请记住处理异常,保护web.config文件,并应用适当的访问控制以保护加密密钥。

英文:

Here I share you an example with protectedData class:

using System.Configuration;
using System.Security.Cryptography;
using System.Text;

// Encrypts a string using the ProtectedData class
private static byte[] ProtectString(string text)
{
    byte[] textBytes = Encoding.Unicode.GetBytes(text);
    return ProtectedData.Protect(textBytes, null, DataProtectionScope.LocalMachine);
}

// Decrypts a byte array using the ProtectedData class
private static string UnprotectBytes(byte[] encryptedBytes)
{
    byte[] unprotectedBytes = ProtectedData.Unprotect(encryptedBytes, null, DataProtectionScope.LocalMachine);
    return Encoding.Unicode.GetString(unprotectedBytes);
}

// Store the protected key in the web.config file
private static void StoreProtectedKey(string key)
{
    byte[] protectedBytes = ProtectString(key);
    string base64String = Convert.ToBase64String(protectedBytes);

    Configuration config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
    config.AppSettings.Settings[&quot;ApiKey&quot;].Value = base64String;
    config.Save(ConfigurationSaveMode.Modified);
    ConfigurationManager.RefreshSection(&quot;appSettings&quot;);
}

// Retrieve the protected key from the web.config file
private static string RetrieveProtectedKey()
{
    string base64String = ConfigurationManager.AppSettings[&quot;ApiKey&quot;];
    byte[] protectedBytes = Convert.FromBase64String(base64String);
    return UnprotectBytes(protectedBytes);
}

To store the protected key, you can call the StoreProtectedKey method, passing in the key you want to protect:

string apiKey = &quot;your_api_key_here&quot;;
StoreProtectedKey(apiKey);

This method will encrypt the key using the ProtectedData class and store the encrypted value in the web.config file.

To retrieve the protected key, you can call the RetrieveProtectedKey method:

string apiKey = RetrieveProtectedKey();

This method will retrieve the encrypted key from the web.config file, decrypt it using the ProtectedData class, and return the original key.

Remember to handle exceptions, secure the web.config file, and apply appropriate access controls to protect the encryption keys.

huangapple
  • 本文由 发表于 2023年7月17日 12:57:46
  • 转载请务必保留本文链接:https://go.coder-hub.com/76701589.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定