RsaProtectedConfigurationProvider Classe

Definição

Fornece uma instância ProtectedConfigurationProvider que usa criptografia RSA para criptografar e descriptografar dados de configuração.Provides a ProtectedConfigurationProvider instance that uses RSA encryption to encrypt and decrypt configuration data.

public ref class RsaProtectedConfigurationProvider sealed : System::Configuration::ProtectedConfigurationProvider
public sealed class RsaProtectedConfigurationProvider : System.Configuration.ProtectedConfigurationProvider
type RsaProtectedConfigurationProvider = class
    inherit ProtectedConfigurationProvider
Public NotInheritable Class RsaProtectedConfigurationProvider
Inherits ProtectedConfigurationProvider
Herança
RsaProtectedConfigurationProvider

Exemplos

O exemplo a seguir mostra como usar o RsaProtectedConfigurationProvider padrão para proteger ou desproteger uma seção de configuração.The following example shows how to use the standard RsaProtectedConfigurationProvider to protect or unprotect a configuration section.

using System;
using System.Configuration;

public class UsingRsaProtectedConfigurationProvider
{

    // Protect the connectionStrings section.
    private static void ProtectConfiguration()
    {

        // Get the application configuration file.
        System.Configuration.Configuration config =
                ConfigurationManager.OpenExeConfiguration(
                ConfigurationUserLevel.None);

        // Define the Rsa provider name.
        string provider =
            "RsaProtectedConfigurationProvider";

        // Get the section to protect.
        ConfigurationSection connStrings =
            config.ConnectionStrings;

        if (connStrings != null)
        {
            if (!connStrings.SectionInformation.IsProtected)
            {
                if (!connStrings.ElementInformation.IsLocked)
                {
                    // Protect the section.
                    connStrings.SectionInformation.ProtectSection(provider);

                    connStrings.SectionInformation.ForceSave = true;
                    config.Save(ConfigurationSaveMode.Full);

                    Console.WriteLine("Section {0} is now protected by {1}",
                        connStrings.SectionInformation.Name,
                        connStrings.SectionInformation.ProtectionProvider.Name);
                }
                else
                    Console.WriteLine(
                         "Can't protect, section {0} is locked",
                         connStrings.SectionInformation.Name);
            }
            else
                Console.WriteLine(
                    "Section {0} is already protected by {1}",
                    connStrings.SectionInformation.Name,
                    connStrings.SectionInformation.ProtectionProvider.Name);
        }
        else
            Console.WriteLine("Can't get the section {0}",
                connStrings.SectionInformation.Name);
    }

    // Unprotect the connectionStrings section.
    private static void UnProtectConfiguration()
    {

        // Get the application configuration file.
        System.Configuration.Configuration config =
                ConfigurationManager.OpenExeConfiguration(
                ConfigurationUserLevel.None);

        // Get the section to unprotect.
        ConfigurationSection connStrings =
            config.ConnectionStrings;

        if (connStrings != null)
        {
            if (connStrings.SectionInformation.IsProtected)
            {
                if (!connStrings.ElementInformation.IsLocked)
                {
                    // Unprotect the section.
                    connStrings.SectionInformation.UnprotectSection();

                    connStrings.SectionInformation.ForceSave = true;
                    config.Save(ConfigurationSaveMode.Full);

                    Console.WriteLine("Section {0} is now unprotected.",
                        connStrings.SectionInformation.Name);
                }
                else
                    Console.WriteLine(
                         "Can't unprotect, section {0} is locked",
                         connStrings.SectionInformation.Name);
            }
            else
                Console.WriteLine(
                    "Section {0} is already unprotected.",
                    connStrings.SectionInformation.Name);
        }
        else
            Console.WriteLine("Can't get the section {0}",
                connStrings.SectionInformation.Name);
    }

    public static void Main(string[] args)
    {

        string selection = string.Empty;

        if (args.Length == 0)
        {
            Console.WriteLine(
                "Select protect or unprotect");
            return;
        }

        selection = args[0].ToLower();

        switch (selection)
        {
            case "protect":
                ProtectConfiguration();
                break;

            case "unprotect":
                UnProtectConfiguration();
                break;
 
            default:
                Console.WriteLine("Unknown selection");
                break;
        }

        Console.Read();
    }
}

Imports System.Configuration


Public Class UsingRsaProtectedConfigurationProvider
   
   
   ' Protect the connectionStrings section.
   Private Shared Sub ProtectConfiguration()
      
      ' Get the application configuration file.
        Dim config As System.Configuration.Configuration = _
        ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None)
      
      ' Define the Rsa provider name.
        Dim provider As String = _
        "RsaProtectedConfigurationProvider"
      
      ' Get the section to protect.
        Dim connStrings As ConfigurationSection = _
        config.ConnectionStrings
      
      If Not (connStrings Is Nothing) Then
         If Not connStrings.SectionInformation.IsProtected Then
            If Not connStrings.ElementInformation.IsLocked Then
                    ' Protect the section.

                    connStrings.SectionInformation.ProtectSection(provider)


                    connStrings.SectionInformation.ForceSave = True

                    config.Save(ConfigurationSaveMode.Full)

                    Console.WriteLine( _
                    "Section {0} is now protected by {1}", _
                    connStrings.SectionInformation.Name, _
                    connStrings.SectionInformation.ProtectionProvider.Name)

                Else
                    Console.WriteLine( _
                    "Can't protect, section {0} is locked", _
                    connStrings.SectionInformation.Name)
                End If
         Else
                Console.WriteLine( _
                "Section {0} is already protected by {1}", _
                connStrings.SectionInformation.Name, _
                connStrings.SectionInformation.ProtectionProvider.Name)
         End If
      
      Else
            Console.WriteLine( _
            "Can't get the section {0}", _
            connStrings.SectionInformation.Name)
      End If
   End Sub
    
   
   
   ' Unprotect the connectionStrings section.
   Private Shared Sub UnProtectConfiguration()
      
      ' Get the application configuration file.
        Dim config As System.Configuration.Configuration = _
        ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None)
      
      ' Get the section to unprotect.
        Dim connStrings As ConfigurationSection = _
        config.ConnectionStrings
      
      If Not (connStrings Is Nothing) Then
         If connStrings.SectionInformation.IsProtected Then
            If Not connStrings.ElementInformation.IsLocked Then
               ' Unprotect the section.
               connStrings.SectionInformation.UnprotectSection()
               
               connStrings.SectionInformation.ForceSave = True
               config.Save(ConfigurationSaveMode.Full)
               
                    Console.WriteLine( _
                    "Section {0} is now unprotected.", _
                    connStrings.SectionInformation.Name)
            
            Else
                    Console.WriteLine( _
                    "Can't unprotect, section {0} is locked", _
                    connStrings.SectionInformation.Name)
            End If
         Else
                Console.WriteLine( _
                "Section {0} is already unprotected.", _
                connStrings.SectionInformation.Name)
         End If
      
      Else
            Console.WriteLine( _
            "Can't get the section {0}", _
            connStrings.SectionInformation.Name)
      End If
   End Sub
   
   
   
    Public Shared Sub Main(ByVal args() As String)

        Dim selection As String = String.Empty

        If args.Length = 0 Then
            Console.WriteLine( _
            "Select protect or unprotect")
            Return
        End If

        selection = args(0).ToLower()

        Select Case selection
            Case "protect"
                ProtectConfiguration()

            Case "unprotect"
                UnProtectConfiguration()

            Case Else
                Console.WriteLine( _
                "Unknown selection")
        End Select

        Console.Read()
    End Sub

End Class

O exemplo a seguir mostra um trecho de um arquivo de configuração após a criptografia.The following example shows an excerpt from a configuration file after encryption.

<?xml version="1.0" encoding="utf-8"?>  
<configuration>  
  <connectionStrings configProtectionProvider="RsaProtectedConfigurationProvider">  
    <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"  
        xmlns="http://www.w3.org/2001/04/xmlenc#">  
      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />  
      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">  
        <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">  
          <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />  
          <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">  
            <KeyName>Rsa Key</KeyName>  
          </KeyInfo>  
          <CipherData>  
            <CipherValue>B702tRDVHJjC3CYXt7I0ucCDjdht/Vyk/DdUhwQyt7vepSD85dwCP8ox9Y1BUdjajFeTFfFBsGypbli5HPGRYamQdrVkPo07bBBXNT5H02qxREguGUU4iDtV1Xp8BLVZjQMV4ZgP6Wbctw2xRvPC7GvKHLI4fUN/Je5LmutsijA=</CipherValue>  
          </CipherData>  
        </EncryptedKey>  
      </KeyInfo>  
      <CipherData>  
        <CipherValue>ME+XJA2TAj3QN3yT4pJq3sRArC0i7Cz3Da71BkaRe9QNfuVuUjcv0jeGUN4wDdOAZ7LPq6UpVrpirY3kQcALDvPJ5nKxk++Mw75rjtIO8eh2goTY9rCK6zanfzaDshFy7IqItpvs/y2kmij25nM3ury6uO0hCf0UbEL1mbT2jXDqvcrHZUobO1Ef6bygBZ/8HpU+VfF9CTCob/BBE9zUkK37EQhcduwsnzBvDblYbF/Rd+F4lxAkZnecGLfCZjOzJB4xH1a0vvWtPR7zNwL/7I0uHzQjyMdWrkBnotMjoR70R7NELBotCogWO0MBimncKigdR3dTTdrCd72a7UJ4LMlEQaZXGIJp4PIg6qVDHII=</CipherValue>  
      </CipherData>  
    </EncryptedData>  
  </connectionStrings>  
</configuration>  

Comentários

A classe RsaProtectedConfigurationProvider fornece uma maneira de criptografar informações confidenciais armazenadas em um arquivo de configuração, o que ajuda a protegê-lo contra o acesso não autorizado.The RsaProtectedConfigurationProvider class gives you a way to encrypt sensitive information stored in a configuration file, which helps protect it from unauthorized access. Você usa a instância de RsaProtectedConfigurationProvider interna declarando o provedor e fazendo as configurações apropriadas no arquivo de configuração em vez de criar uma instância dessa classe, conforme mostrado na seção de exemplos.You use the built-in RsaProtectedConfigurationProvider instance by declaring the provider and making appropriate settings in the configuration file instead of creating an instance of this class, as shown in the Examples section.

O objeto RsaProtectedConfigurationProvider usa as funções de criptografia fornecidas pela classe RSA para criptografar e descriptografar seções de configuração.The RsaProtectedConfigurationProvider object uses the cryptography functions provided by RSA class to encrypt and decrypt configuration sections.

Observação

Antes que o ASP.NET possa descriptografar informações criptografadas no arquivo de configuração, a identidade do aplicativo ASP.NET deve ter acesso de leitura à chave de criptografia usada para criptografar e descriptografar os dados de configuração.Before ASP.NET can decrypt encrypted information in your configuration file, the identity of your ASP.NET application must have read access to the encryption key used to encrypt and decrypt the configuration data. Para obter mais informações, consulte Walkthrough: Criptografando informações de configuração usando a configuração protegida.For more information, see Walkthrough: Encrypting Configuration Information Using Protected Configuration.

Construtores

RsaProtectedConfigurationProvider()

Inicia uma nova instância da classe RsaProtectedConfigurationProvider.Initializes a new instance of the RsaProtectedConfigurationProvider class.

Propriedades

CspProviderName

Obtém o nome do CSP (provedor de serviço criptográfico) da crypto API (API de criptografia do Windows).Gets the name of the Windows cryptography API (crypto API) cryptographic service provider (CSP).

Description

Obtém uma breve descrição amigável adequada para exibição em ferramentas administrativas ou outras IUs (interfaces do usuário).Gets a brief, friendly description suitable for display in administrative tools or other user interfaces (UIs).

(Herdado de ProviderBase)
KeyContainerName

Obtém o nome do contêiner de chave.Gets the name of the key container.

Name

Obtém o nome amigável usado para referir-se ao provedor durante a configuração.Gets the friendly name used to refer to the provider during configuration.

(Herdado de ProviderBase)
RsaPublicKey

Obtém a chave pública usada pelo provedor.Gets the public key used by the provider.

UseFIPS

Obtém um valor que indica se o provedor usa FIPS.Gets a value indicating whether the provider uses FIPS.

UseMachineContainer

Obtém um valor que indica se o objeto RsaProtectedConfigurationProvider está usando o contêiner de chave do computador.Gets a value that indicates whether the RsaProtectedConfigurationProvider object is using the machine key container.

UseOAEP

Obtém um valor que indica se o provedor está usando dados de troca de chaves OAEP (Preenchimento de Criptografia Assimétrica Ideal).Gets a value that indicates whether the provider is using Optimal Asymmetric Encryption Padding (OAEP) key exchange data.

Métodos

AddKey(Int32, Boolean)

Adiciona uma chave ao contêiner de chave RSA.Adds a key to the RSA key container.

Decrypt(XmlNode)

Descriptografa o nó XML passado a ele.Decrypts the XML node passed to it.

DeleteKey()

Remove uma chave do contêiner de chave RSA.Removes a key from the RSA key container.

Encrypt(XmlNode)

Criptografa o nó XML passado a ele.Encrypts the XML node passed to it.

Equals(Object)

Determina se o objeto especificado é igual ao objeto atual.Determines whether the specified object is equal to the current object.

(Herdado de Object)
ExportKey(String, Boolean)

Exporta uma chave RSA do contêiner de chave.Exports an RSA key from the key container.

GetHashCode()

Serve como a função de hash padrão.Serves as the default hash function.

(Herdado de Object)
GetType()

Obtém o Type da instância atual.Gets the Type of the current instance.

(Herdado de Object)
ImportKey(String, Boolean)

Importa uma chave RSA para o contêiner de chave.Imports an RSA key into the key container.

Initialize(String, NameValueCollection)

Inicializa o provedor com configurações padrão.Initializes the provider with default settings.

MemberwiseClone()

Cria uma cópia superficial do Object atual.Creates a shallow copy of the current Object.

(Herdado de Object)
ToString()

Retorna uma cadeia de caracteres que representa o objeto atual.Returns a string that represents the current object.

(Herdado de Object)

Aplica-se a

Veja também