问题
I read and tested a lot to find the best practice to encrypt and deploy an app.config to different machines. In general, I would like to secure the content of the connection string from third parties and deploy the application to different machines. I will not configure each machine manually.
I know there are several ways like:
Aspnet_Regiis (RSAProtectedConfigurationProvider, DPAPIProtectedConfigurationProvider) bound to a machine, user or custom. RSA encryption key.
System.Security.Cryptography.ProtectedDatabound to a machine or user.Encrypt the
app.configat the first execution. Which is not secure.
What do you recommend or what is the best practice to encrypt an app.config and provide the application to different machines by a setup or with copy&paste?
回答1:
Step 1 Create an RSA keypair
aspnet_regiis -pc yourkey -exp
Step2 Export you key in XML file
aspnet_regiis -px yourkey keyfile.xml -pri
for each machines
Step3 Import your container
aspnet_regiis -pi yourkey keyfile.xml (see step 2)
for each machines
Step4 Edit machine.config (canonical path C:\Windows\Microsoft.NET\Framework[64|32]\v[Version]\Config)
add in section configProtectedData this below element and set defaultProvider="YourProvider"
<add name="YourProvider"
type="System.Configuration.RsaProtectedConfigurationProvider,System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
description="Uses RsaCryptoServiceProvider to encrypt and decrypt for my infrastucture"
keyContainerName="yourkey"
cspProviderName=""
useMachineContainer="true"
useOAEP="false" />
Then you can encrypt in a machine and paste in other, remember that must give privileges to users with
aspnet_regiis -pa yourkey [DOMAIN\USER]
The administrators group is already authorized.
For more info http://msdn.microsoft.com/en-us/library/yxw286t2(v=vs.90).aspx
of course this steps you can put in a powershell/batch file
Another way for encrypt a connectionStrings section by code is
var connectionStrings = ConfigurationManager.GetSection("connectionStrings")
if(!section.SectionInformation.IsProtected)
connectionStrings.SectionInformation.ProtectSection("YourProvider");
In a connected and client/server scenario I propose you a solution that I have adopted in a wide network is of not distribute connection string in app.config but of require the connection's information at a service that can be an web service or a RESTful service after the user authentication.
In step more o less is thus
- Authenticate user
- Require connection info at service with username as parameter (HTTPS protocol)
- a service return connection string
- App it connect at DB
With this solution you can choose which server the user connects if you have regional server or more server
I hope be helpful
回答2:
As I already mention in the question, there are many different ways to encrypt a configuration file. For a widely perspective I would like to describe an additional opportunity. I will not describe the concrete implementation, more the concept.
With a custom action in a msi installer you can encrypt the configuration file directly with the Windows Data Protection API (DPAPI). To secure the second entropy you can use an obfuscator. As a result, only the application is able to encrypt the configuration file.
Advantage
- Quite secure.
- No machine configuration is necessary.
- Insert the credential during the setup.
Disadvantage
- The configuration file is not encrypted in the setup. You have to protect it (permissions).
Please feel free to discuss and give some feedback to this answer.
来源:https://stackoverflow.com/questions/26294226/encrypt-and-deploy-app-config