SoFunction
Updated on 2025-03-06

Detailed explanation of C# and encryption

Open cmd and enter the vs installation directory C:\Windows\\Framework64\v4.0.30319

cd C:\Windows\\Framework64\v4.0.30319

If so, just encrypt it directly. If so, change it to before you can encrypt it

aspnet_regiis -pef "node" "Project Path"

For example:

The database connection string that needs to be encrypted is

<connectionStrings>
 <add name="connStr" connectionString="Data Source=.;Initial Catalog=testDB;User ID=sa;Password=123456" />
 </connectionStrings>

The encryption command is

aspnet_regiis -pef "connectionStrings" "Catalog"

If encryption fails

Solution:

Create an exportable RSA key container named Key

aspnet_regiis -pc "Key" -exp

Add the attribute value xmlns of / configuration, that is, change it to

<configuration xmlns="/.NetConfiguration/v2.0">

Change the database connection string to the following:

 <configProtectedData> 
  <providers> 
   <clear /> 
   <add name="KeyProvider" type=", , Version=2.0.0.0,Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL" keyContainerName="Key" useMachineContainer="true"/> 
  </providers> 
</configProtectedData> 
<connectionStrings> 
  <add name="connStr" connectionString="Data Source=.;Initial Catalog=testDB;User ID=sa;Password=123456;" providerName="" /> 
</connectionStrings>

Start encrypting the configuration file

aspnet_regiis -pef "connectionStrings" "Catalog" -prov "KeyProvider"

Note: vs will prompt whether to modify it, select all

Decrypt the configuration file

aspnet_regiis -pdf "connectionStrings" "Catalog"

If it is changed, change it after the encryption is successful and delete the configuration property xmlns value

Unencrypted/file content:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <startup> 
    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.2" />
  </startup>
 <connectionStrings>
  <add name="connStr" connectionString="Data Source=.;Initial Catalog=testDB;User ID=sa;Password=123456" />
 </connectionStrings>
</configuration>

Modify to encrypted /file content:

<?xml version="1.0" encoding="utf-8" ?>
<configuration xmlns="/.NetConfiguration/v2.0">
 <startup> 
    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.2" />
  </startup>
 <configProtectedData> 
    <providers> 
      <clear /> 
      <add name="KeyProvider" type=", , Version=2.0.0.0,Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL" keyContainerName="Key" useMachineContainer="true"/> 
    </providers> 
</configProtectedData> 
<connectionStrings> 
    <add name="connStr" connectionString="Data Source=.;Initial Catalog=testDB;User ID=sa;Password=123456;" providerName="" /> 
</connectionStrings>
</configuration>

Encrypted/file content:

<?xml version="1.0" encoding="utf-8" ?>
<configuration xmlns="/.NetConfiguration/v2.0">
 <startup> 
    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.2" />
  </startup>
 <configProtectedData> 
    <providers> 
      <clear /> 
      <add name="KeyProvider" type=", , Version=2.0.0.0,Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL" keyContainerName="Key" useMachineContainer="true"/> 
    </providers> 
</configProtectedData> 
<connectionStrings configProtectionProvider="KeyProvider">
 <EncryptedData Type="http:///2001/04/xmlenc#Element"
  xmlns="http:///2001/04/xmlenc#">
  <EncryptionMethod Algorithm="http:///2001/04/xmlenc#tripledes-cbc" />
  <KeyInfo xmlns="http:///2000/09/xmldsig#">
   <EncryptedKey xmlns="http:///2001/04/xmlenc#">
    <EncryptionMethod Algorithm="http:///2001/04/xmlenc#rsa-1_5" />
    <KeyInfo xmlns="http:///2000/09/xmldsig#">
     <KeyName>Rsa Key</KeyName>
    </KeyInfo>
    <CipherData>
     <CipherValue>lSLu2RVnlfr5om5MpBuqyhBETF6dI/glZ3zlfOQvzj+l1YmsOcfGVC1LgrDFcPLEbF/r1IZZYVnQuesz3AeVUkpNCG2OfMWDeaPULtJ5Ay24SYnBR4FNtQQSf1pijelXRGE8pzH7s49RLsKWQuwVTyMrOUoIMcmD4xIPmN/cqpQ=</CipherValue>
    </CipherData>
   </EncryptedKey>
  </KeyInfo>
  <CipherData>
   <CipherValue>deXEhu/mqe+WkD51qXhi9jwBhEurU6EQXBQINOGOyDgpw/W4xTpi3DtTDcEzJXbaHvyKaXLfkPxxljce07ANtN7VXRfDov0Olsq/3+hkYqVXRI5A80XVkOKh2CQaVWx/GJC7JBbbRlKXJvS93M+OQWGKpW0twcZlL1ns97g5w8QstGN6vszAiZw1z6gKXlsrMf9224ExGq+dGJS9BSU+mxaKkd9EAVELMtWv2r7jIXsEneggDR49Mtdu91j1dsDj6am3NcaHmRQ=</CipherValue>
  </CipherData>
 </EncryptedData>
</connectionStrings>
</configuration>

Export key container

spnet_regiis -px "Key" "d:\"

Note: Adding the -pri parameter is the export public key + private key

Import key container

aspnet_regiis -pi "Key" "d:\"

Delete the key container

aspnet_regiis -pz "Key"

Note: Deleting the key program will report an error