配置选项
| -pdf section webApplicationDirectory | 对指定物理(非虚拟)目录中的 Web.config 文件的指定配置节进行解密。 |
| -pef section webApplicationDirectory | 对指定物理(非虚拟)目录中的 Web.config 文件的指定配置节进行加密。 |
-pdf 和-pef 参数是对指定的物理目录里的Web.config文件进行加密,我们可以先将App.config文件改名为Web.config,通过这两个参数便可以“骗”过系统,让它将指定的配置节进行加密,我们只需要将加密后的文件名改回App.config即可,我们来实验一下:
第一步:先将目录下的App.config改名为Web.config。
第二步:打开SDK命令提示,输入命令:aspnet_regiis -pef "配置节" "目录",以我的项目为例,加密前的config文件内容如下:
1
<?
xml version="1.0" encoding="utf-8"
?>
2
<
configuration
>
3
<
configSections
>
4
<
section
name
="dataConfiguration"
type
="Microsoft.Practices.EnterpriseLibrary.Data.Configuration.DatabaseSettings, Microsoft.Practices.EnterpriseLibrary.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=null"
/>
5
</
configSections
>
6
<
dataConfiguration
defaultDatabase
="Connection String"
/>
7
<
connectionStrings
>
8
<
add
name
="Connection String"
connectionString
="Database=LocomotiveStat;Server=10.167.61.49;User ID=sa;Password=sa;"
9 providerName
="System.Data.SqlClient"
/>
10
</
connectionStrings
>
11
</
configuration
>
<?
xml version="1.0" encoding="utf-8"
?>
2
<
configuration
>
3
<
configSections
>
4
<
section
name
="dataConfiguration"
type
="Microsoft.Practices.EnterpriseLibrary.Data.Configuration.DatabaseSettings, Microsoft.Practices.EnterpriseLibrary.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=null"
/>
5
</
configSections
>
6
<
dataConfiguration
defaultDatabase
="Connection String"
/>
7
<
connectionStrings
>
8
<
add
name
="Connection String"
connectionString
="Database=LocomotiveStat;Server=10.167.61.49;User ID=sa;Password=sa;"
9
providerName
="System.Data.SqlClient"
/>
10
</
connectionStrings
>
11
</
configuration
>
输入命令:aspnet_regiis -pef "connectionStrings" "E:\开发目录",加密后的config文件内容如下:
1
<?
xml version="1.0" encoding="utf-8"
?>
2
<
configuration
>
3
<
configSections
>
4
<
section
name
="dataConfiguration"
type
="Microsoft.Practices.EnterpriseLibrary.Data.Configuration.DatabaseSettings, Microsoft.Practices.EnterpriseLibrary.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=null"
/>
5
</
configSections
>
6
<
dataConfiguration
defaultDatabase
="Connection String"
/>
7
<
connectionStrings
configProtectionProvider
="RsaProtectedConfigurationProvider"
>
8
<
EncryptedData
Type
="http://www.w3.org/2001/04/xmlenc#Element"
9 xmlns
="http://www.w3.org/2001/04/xmlenc#"
>
10
<
EncryptionMethod
Algorithm
="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"
/>
11
<
KeyInfo
xmlns
="http://www.w3.org/2000/09/xmldsig#"
>
12
<
EncryptedKey
xmlns
="http://www.w3.org/2001/04/xmlenc#"
>
13
<
EncryptionMethod
Algorithm
="http://www.w3.org/2001/04/xmlenc#rsa-1_5"
/>
14
<
KeyInfo
xmlns
="http://www.w3.org/2000/09/xmldsig#"
>
15
<
KeyName
>
Rsa Key
</
KeyName
>
16
</
KeyInfo
>
17
<
CipherData
>
18
<
CipherValue
>
g2QFQqbHU1L6WUPYqjADqFAvHcdq/7dqCd1U9GlQFEi/nHDVHjqsWvjNywOZtQQg7Q/yW7g8xlRCo0h2+yYd/tQTNoVMu/RKdJmSjZMnmnwpWq+S2VEWK4U106JQwLCfBR/bAF4DHvG47B9KB0JbRfXBt5V2wJVaAI9u3kzuj50=
</
CipherValue
>
19
</
CipherData
>
20
</
EncryptedKey
>
21
</
KeyInfo
>
22
<
CipherData
>
23
<
CipherValue
>
blwV/ZW1izFZL80YL5RkcjrIjWkQ0L1gJhgZbxEzzTgOcT24ihrAnv3/rDCG+WIZ7TL5D/rMm7dQwkIsij1Sh3befg6F3+pxcW4oe1w/bovIKuzjs3tokUpBvTTj+fsCs2W/MWUhQaWMKQWkHfS2Ajt6gL6MTYtb3pfQUp0pdHbeRxoqdiAksQ1Zzsi1FtRTi7gTT7hnpF0pJs+W9mxTVDMO/qSZXfXLOEMIs/A5ExcfvR5GjpaPuDeLuSsCN3XtjaiXzaDQ3It7j+r66+L2C0xvEhbT9SsG
</
CipherValue
>
24
</
CipherData
>
25
</
EncryptedData
>
26
</
connectionStrings
>
27
</
configuration
>
<?
xml version="1.0" encoding="utf-8"
?>
2
<
configuration
>
3
<
configSections
>
4
<
section
name
="dataConfiguration"
type
="Microsoft.Practices.EnterpriseLibrary.Data.Configuration.DatabaseSettings, Microsoft.Practices.EnterpriseLibrary.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=null"
/>
5
</
configSections
>
6
<
dataConfiguration
defaultDatabase
="Connection String"
/>
7
<
connectionStrings
configProtectionProvider
="RsaProtectedConfigurationProvider"
>
8
<
EncryptedData
Type
="http://www.w3.org/2001/04/xmlenc#Element"
9
xmlns
="http://www.w3.org/2001/04/xmlenc#"
>
10
<
EncryptionMethod
Algorithm
="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"
/>
11
<
KeyInfo
xmlns
="http://www.w3.org/2000/09/xmldsig#"
>
12
<
EncryptedKey
xmlns
="http://www.w3.org/2001/04/xmlenc#"
>
13
<
EncryptionMethod
Algorithm
="http://www.w3.org/2001/04/xmlenc#rsa-1_5"
/>
14
<
KeyInfo
xmlns
="http://www.w3.org/2000/09/xmldsig#"
>
15
<
KeyName
>
Rsa Key
</
KeyName
>
16
</
KeyInfo
>
17
<
CipherData
>
18
<
CipherValue
>
g2QFQqbHU1L6WUPYqjADqFAvHcdq/7dqCd1U9GlQFEi/nHDVHjqsWvjNywOZtQQg7Q/yW7g8xlRCo0h2+yYd/tQTNoVMu/RKdJmSjZMnmnwpWq+S2VEWK4U106JQwLCfBR/bAF4DHvG47B9KB0JbRfXBt5V2wJVaAI9u3kzuj50=
</
CipherValue
>
19
</
CipherData
>
20
</
EncryptedKey
>
21
</
KeyInfo
>
22
<
CipherData
>
23
<
CipherValue
>
blwV/ZW1izFZL80YL5RkcjrIjWkQ0L1gJhgZbxEzzTgOcT24ihrAnv3/rDCG+WIZ7TL5D/rMm7dQwkIsij1Sh3befg6F3+pxcW4oe1w/bovIKuzjs3tokUpBvTTj+fsCs2W/MWUhQaWMKQWkHfS2Ajt6gL6MTYtb3pfQUp0pdHbeRxoqdiAksQ1Zzsi1FtRTi7gTT7hnpF0pJs+W9mxTVDMO/qSZXfXLOEMIs/A5ExcfvR5GjpaPuDeLuSsCN3XtjaiXzaDQ3It7j+r66+L2C0xvEhbT9SsG
</
CipherValue
>
24
</
CipherData
>
25
</
EncryptedData
>
26
</
connectionStrings
>
27
</
configuration
>
由此可见,我们已经完成了任务,现在只需要将Web.config文件名改回App.config即可,在应用程序项目中无需对该文件进行解密操作,.NET框架会自动替我们完成,如果想解密该文件也很简单,在SDK命令提示里输入aspnet_regiis -pdf "配置节" "目录"即可。