数据库连接字符串加密解密

攻城湿你是第2563个围观者 0条评论供稿者：zhaorong 标签：Asp.net, Web, 加密, 数据库, 解密

旧版本的ASP.NET将连接字符串直接保存在ASPX页面中。回想一下，连接字符串包含了数据服务器名称和用户账户等信息，有时候甚至还包含了密码。在代码中包含以上信息是非常不好的习惯，原因有二。首先，这些信息可以被设计小组中的每一位程序人员看到(但是站点访问者不能在浏览器上看到)。第二，在整个Web站点中的每一个拥有该连接的地方，都必须进行维护和更新。更新密码成为了一项繁重的工作。

ASP.NET 2.0提供了一个选项可以将连接字符串移动至Web.config文件的连接区域，给字符串一个名称并将其加密。然后ASP.NET 2.0页面就通过这个名称来引用连接字符串。保存连接字符串至Web.config的步骤并不复杂。打开位于站点根目录下的Web.config文件。找到被界定的区域(如果不存在，可自行添加)并在标记中输入如下代码。该标记有三个属性：name、connectionString和providerName。属性name就是将会在页面中使用的连接字符串的普通名称。connectionString属性应当设置为连接至数据库的完整的连接字符串，如前所述。

一、加密：

明文如下：

<connectionstrings>
  <add name="SQLProfileConnString" connectionString="server=.;database=MSPetShop4Profile;user id=mspetshop;password=pass@word1;min pool size=4;max pool size=4;"
   providerName="System.Data.SqlClient"></add>
  <add name="SQLMembershipConnString" connectionString="server=.;database=MSPetShop4Services;user id=mspetshop;password=pass@word1;min pool size=4;max pool size=4;"
   providerName="System.Data.SqlClient"></add>
  <add name="SQLConnString1" connectionString="server=.;database=MSPetShop4;user id=mspetshop;password=pass@word1;min pool size=4;max pool size=4;"
   providerName="System.Data.SqlClient"></add>
  <add name="SQLConnString2" connectionString="server=.;database=MSPetShop4;user id=mspetshop;password=pass@word1;max pool size=4;min pool size=4;"
   providerName="System.Data.SqlClient"></add>
  <add name="SQLConnString3" connectionString="server=.;database=MSPetShop4Orders;user id=mspetshop;password=pass@word1;min pool size=4;max pool size=4;"
   providerName="System.Data.SqlClient"></add>
  <add name="OraProfileConnString" connectionString="" providerName="System.Data.OracleClient"></add>
  <add name="OraMembershipConnString" connectionString="" providerName="System.Data.OracleClient"></add>
  <add name="OraConnString1" connectionString="" providerName="System.Data.OracleClient"></add>
  <add name="OraConnString2" connectionString="" providerName="System.Data.OracleClient"></add>
  <add name="OraConnString3" connectionString="" providerName="System.Data.OracleClient"></add>
 </connectionstrings>

操作命令：打开SDK命令提示， aspnet_regiis -pef “connectionStrings” d:\web 回车 //d:\web 为web.config的所在目录

加密后：

<connectionstrings configProtectionProvider="RsaProtectedConfigurationProvider">
        <encrypteddata Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns="http://www.w3.org/2001/04/xmlenc#">
            <encryptionmethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"></encryptionmethod>
            <keyinfo xmlns="http://www.w3.org/2000/09/xmldsig#">
                <encryptedkey xmlns="http://www.w3.org/2001/04/xmlenc#">
                    <encryptionmethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"></encryptionmethod>
                    <keyinfo xmlns="http://www.w3.org/2000/09/xmldsig#">
                        <keyname>Rsa Key</keyname>
                    </keyinfo>
                    <cipherdata>
                        <ciphervalue>t6Cms0y8Kh/t9SMwzwDsA3lVLzZZapOvRRy1iEt9YVUNRC0s49v5m4xz46SHmYqe0F9r2NIoRkrU84HgbKP+RZWEXej4ljG0vgNu0QY59mbU1ui/U+JXTNXujGlv22Am1NsJz83Od4eJVMHtvwdobCc1oG4AUq1NTmOIuI8YWFc=</ciphervalue>
                    </cipherdata>
                </encryptedkey>
            </keyinfo>
            <cipherdata>
                <ciphervalue>9AxWb33S36LspJJcLGE2Evb6oyasR3i1uoeOHCt9WPPaxXkogMclgXCt+u/LCrPsj7ApBQDi2V9rKycHh2aFUsbf0Trwuq+MS8eFShIzU5/RTAmJjMj0tWwTYYmZt0A7R3bA18uj0Kyb/aoK1ozW1Qu60WtKYpwjHbTRDjkHz/lEc/qej4IysbI2YjCSmF3NWghopssyx/5bUDc0ulvloq4bEic6JGPWI3e6MszZLLWgJRXkb0KMkjttMRr4+5eRCzWf9tAKSpNc5lOoPir1P1EcVHtGbkONH+5/KpsJncNwtjlOvRzIiJZaMjCG41QDqus6XGa73CIyrE09gO5bKqTdpstiexi5/TAwiQ3cC6lIcm6I1sSCWt//CkySiSA6DDknbhQirfKEbnRcrA+PScOLoOOSMwYI+pMzfdrdwwS1txIE84ZcixzJjMIpxSFzpnOC05CQmgohwIU/6p4avVu8i3pCpxPsh3Ayz+qJ7ZqW1TemymMBZI40ZF6EN3GPltE0iIGc10Rf6wCaVfG97WU/VezSL7oEwf9NFrqRs5JDqW2DhzvA3nLnlVIf7AY4KhzJZCrmW26xj90TGp3WEjzPkzUQitkeVtnpRKvd58NkS3T7ntgoIaddwxRcLft5WXRWqg3dlS6B74lr414JULkzh7omUCUZVtZbzBIX/bh8m8eGFWeU1zKL4c2QhZFvIRBBxl7IRziHqnG+X3QAs4AVAJLOcMm949Z8sWjPC8+jgaO00VXxNBsHcvHFlRw9M1j5/wk5mh1xZJtlpbG1nq7eWsHFfzqhdR3cjRupdgHdml/sexl9BjP1ABZd4a5jCJx7zL3aClnWCpwyocGKAyvBk8hzzHHBaX3/DtANU7iyf9hicEIDLFAsNnkA0sPt4B8J+Z+nU0cYzB6Yg33kCT9UmkJU0AjNoigj/Lns/kbLzmDRHIme60tlKcAbAefPR1JcL9ljl26UQmQ0HkI7c3yeMxspynmHa/dploTkUC5SYpN1mHg79lVLDtv/fVAoyTJx1+zababfkWNhj+F4GoT+YAabA5jFsUAGfUkGexrOmIoSYEuAF1YmZpejzwD5zA54DYuzhCLaIxlJzCCRsbcU5M7I8bttgwT37s95/HNLyda1nALDJ9Q7cVV7SxyJtA53kXzbqTMNhGbE04AyT+YO7tS0iQRih990IDfin7GzUFQZc9NCeh4afrOajX3cNMvShUHFCIqvoL0WO7hjjXCNejy17iCxbg2RBEUM8UqzD2Yip1L3PGSGr5yvX3mf+MFuI31Bg+r54cg72BPozoOKE9nIdOFYVm3OCiZ6e6kY+bCzVYfeTyDs9sZrsy7mX4GUNM0uSqZENphC3ppVIOsN1QRuO1RYd5ufv5YgHQk7wid+J+pLe8f+YScAE9+I9uSxWZNI080OppM7I1Zk/mMO+Epk3MmPnkKc0qh/6/GHQ2cUQCIGOBcVQda8kuPw1P/r0uKbJ2YWfm5ooJxPZqMHUFdfNt7MvORqbQdnFAURTGGRNB/h3bEQC8YTC5WtvvZvLQ3h7wJ0pNoeyV11yHyFnlDBaOIZ6ttvfvTOL4WHrWr2ry9aiO8sPcgeXQklV5KkarEPIer2d8UQrmi2szzRjXrMr8wckLisfoyp49ChVNORlNavuQbx1lK8JlCDhA3XHqToKP3St7Y3NbQmO0e/PZMdqjE5ZqEPMG3lZgpVKHaYvKn5kL5NWZXrusfxvm3Uho0sdVvaDtU/ri6H4n2aWilc6Np6oio88nTS11SVRqzqiKJK5kC+uKUVgoowOIgN2t09nWG0mZQDPZrLaS5drigxZOSMBLt1dCN6XL13t+7PgIkSI6BTR4ahx6zmQ4t6cSdRhGWY42PI5axH7fxY58H4+81BybZk2e0F94nfMyxd1ky1sJoX9maIRO5Lrd8hWDqGWhVdaLyD+hLt4nlXcj8g4ruulwEv0xRnbNvgXTUEFFPjwcs7efXy+s3xefkm090pVC+la2+QHEJrSh5lUbCYJcOVnMtVDH2SwqyZZa/V0kSQ9Jlr5SYdc7kB</ciphervalue>
            </cipherdata>
        </encrypteddata>
    </connectionstrings>

二、解密方法:

操作命令：打开SDK命令提示， aspnet_regiis -pdf “connectionStrings” d:\web 回车 //d:\web 为web.config的所在目录