byte [] Key = key.Key;
XmlNodeList nodeList = xmlDoc.SelectSingleNode (“Root”). ChildNodes;
cs.Write (decryptedByteArray, 0, decryptedByteArray.Length);
aspnet_regiis – px “CustomKeys” D: \ RSAkeys.xml-pri
(2): the current plan in the machine, and with the Enterprise Library configuration tool to encrypt files. ProtectedConfigurationProvider only choice
foreach (XmlNode xn in nodeList)
private void GetKEYAndIV (out byte [] Key, out byte [] IV)
so true!
/ / /
symmetric algorithm initialization vector
2011 年 07 月 03 日
Key = null;
Since it is key file with the local machine coherent plan, and that the natural meaning of the absolute path is not much (do not say do not mean). key file copied to the rest of frustration on the machine directly to the cause is the key file and use DPAPI ( Windows data protection) is encrypted. Use DPAPI to encrypt the data only in a specific intended use on the machine, another machine of course, to die! Because when you use an encrypted machine with the landing of the current plan to the intended machine users.
}
as follows:
}
}
(5) machine in the current plan, and with the Enterprise Library configuration tool to encrypt files. ProtectedConfigurationProvider only choice RsaProtectedConfigurationProvider.
prompting the following: aspnet_regiis.exe in C: \ WINDOWS \ Microsoft.NET \ Framework \ v2.0. next. My C drive is the installation path. Therefore, the use of DOS commands to pay attention to the road. (Possibly through the start menu -> All Programs -> Microsoft Visual Studio 2005 -> Visual Studio Tools -> Visual Studio 2005 command prompt, use aspnet_regiis command to open the cmd interface.)
Why is Enterprise Library 3.0 does not get your key file into a full copy of any plan may be able to use the machine for? David Hayden said such remarks: Enterprise Library development team to request the insurance firm to help make key file, so use DPAPI to encrypt the key file, DPAPI does not need to supply the key file may supply an encryption method, which often wonderful length of. hardness tester it “bad side” is that it is least in the (machine) or the current user (current) within the context of the machine. (The EntLib Team was required to help secure the key and hence used DPAPI to encrypt the key. DPAPI is great in that it is a way to provide encryption without requiring a key file. It is “bad” in that it is scoped to either the current user or machine.)
case “IV”:
intend to download all the solutions
aspnet_regiis-pc “CustomKeys”-exp
(1) encrypt web.config
is to say, limits the use DPAPI to encrypt the file copy of any premises we are in an encrypted file, but it is considered to be from the insurance nature of the case.
(1) with (2) may directly control machines in the current plan, (3) of the DOS command arrangements may be implemented by the program.
{
When you enter into a wrong command, the command will display help information. Another Tip: If using the command to copy the above method, we must carefully check the position of the underscore with spaces!
IV = null;
aspnet_regiis-pi “NetFrameworkConfigurationKey” D: \ RSAkeys.xml
RsaProtectedConfigurationProvider. The use of RSA encryption algorithm to encrypt the data with decryption.
decryptData = Encoding.UTF8.GetString (ms.ToArray ());
break;
default:
}
xmlDoc.Load (xmlInputStream);
}
(4) machine in the current plan, the machine.config (in C: \ WINDOWS \ Microsoft.NET \ Framework \ v2.0. \ CONF IG) in keyContainerName = “NetFrameworkConfigurationKey” we exchange for the newly created name: keyContainerName = “CustomKeys”.
# endregion}}
/ / / generate a symmetric algorithm initialization vector (IV with the Data Encryption Standard (DES) algorithm with a secret key (key)
}
RsaProtectedConfigurationProvider .
(if you can not find Visual Studio 2005 command prompt, then you do not install completely clear)
IV = Convert.FromBase64String (xn.InnerXml);
using (Stream xmlInputStream = Assembly. GetExecutingAssembly (). GetManifestResourc eStream (KEY_FILE))
break;
UnicodeEncoding converter = new UnicodeEncoding (); < br /> (1) machine in the current plan, create a new RSA key container, its name is: CustomKeys. (There is a user-level machine with the intended level, the following is intended to create a machine-level, under the name your request to take)
aspnet_regiis-pz “CustomKeys”
DESCryptoServiceProvider key = new DESCryptoServiceProvider ();
MemoryStream ms = new MemoryStream ();
DPAPIProtectedConfigurationProvider. With Windows Data Protection API (DPAPI) to encrypt data with the decryption.
/ / /
Data Encryption Standard (DES) algorithm with a secret key
full end!
(6) arranged on the intended machine, guided into the name “NetFrameworkConfigurationKey” The RSA key container.
XmlDocument xmlDoc = new XmlDocument ();
}
(2) asp.net2 .0 in the data protection
{
aspnet_regiis-pa “CustomKeys” “NT AUTHORITY \ NETWORK SERVICE”
{
byte [] IV = key.IV;
The outside world is good, the outside world is helpless
case “KEY”:
L7h6oi25zn4 =
title for the first standard solution plan:
( 2) machine in the current plan, visit the permissions granted to the account
switch (xn.Name)
cs.FlushFinalBlock ();
/ / Create a new DES key.
so Incidentally one thing: produce key documents in the course of a choice items, a user mode, one machine model. User mode is the landing to the intended machine users ability to use this key file, the machine mode of course, is only is this intended to machine Users may use this key file. For example, arrangements need to use the machine WebForms the WebSite model, as WinForms arrangements, can not confirm the plan if only one account on the machine you will use the software arrangement, or the use of the machine model it!
string KeyValue = Convert.ToBase64String (Key);
//———- method two end ———————- ——
(1): in the current plan machine, export the RSA key container (perhaps in the export file before the specified path.)
return decryptData;
When it comes to configuration file encryption, they are natural to mention two:
the way to delete the RSA key container command:
/ / / get the data encryption standard (DES) algorithm with a secret key symmetric algorithm with the initial initialization vector
above this text focus:
XML file is very simple:
aspnet_regiis-pi “NetFrameworkConfigurationKey” D: \ RSAkeys.xml
permission to visit the rest have Account should also be authorized.
(3) in the current plan machine, export the RSA key container (perhaps in the export file before the specified path.)
how to use Enterprise Library 3.0 Cryptography Application Block processing of the encryption article does not demonstrate how to use the configuration tool to encrypt the configuration area, nor guide shows how to export the file into the key, and important to address two titles: 1. we use the configuration tool to configure the encrypted area, (usually configProtectionProvider have two choices, One is RsaProtectedConfigurationProvider, one DataProtectionConfigurationProvider), the use of malformations in the machine, but if change to other machines, then configure the tool to open on the helpless. use RsaProtectedConfigurationProvider, and reported the following error: the failure to use the supply process “RsaProtectedConfigurationProvider” for solution confidential. 2. we use the Cryptography Application Block encrypted block, create a Symmetric Providers, and the use of the algorithm DESCryptoServiceProvider supply, this process produces a key file, but the rest of the copy machine key file is invalid (back to clarify the cause). Of course, we had the machine may be derived by the method of the key, and then guide the rest of the machine into the key file. Beijing legal translation company, however, that only solved the developers to make use of identical between the key file the title. on the arrangements to the client, is not because we are unlikely to install on the client Enterprise Library 3.0, let alone in the installation process, again to manually configure the key. (because it significantly increases the complexity of the installation program and the installation process, it is very likely not the professionals.) state clearly that the intended use of absolute path in protectedKeyFilename idea is not too do the same! Why? because the key file directly copied to the other choice on the machine when we key to the configuration file on each machine (including creating a new key or lead into the key, to be the best to save the key position on the road), we already know the board pays to do on the road, it is absolutely unnecessary to use the road! David Hayden In response to a friends for why not use the absolute path in said: I would have thought that relative paths would be fine, but I pulled this from the documentation within the section Managing and Distributing Keys which is pretty specific about the need for absolute paths …. The Cryptography Application Block stores each key in a separate file on the local computer …. he meant, said: It is true that I would have thought that the road would be absolutely wonderful, (in fact not the case), but I it from the document “Managing key files with the Phi-fat” part away, and proportionate in this section to clarify the need to understand to make use of the road … the use of block encryption key file for each machine in the local plan stored in a file belly Mi. (see the original http://www.codeplex.com/entlib/Thread / View.aspx? ThreadId = 9834) the above diluted into a large section of nonsense into a sentence: Since it is a key file with the local intend to drive coherent, and that the natural meaning of the absolute path is not much (do not say do not mean). key file copied to the rest of frustration on the machine directly to the cause is the key file and use DPAPI (Windows data protection) to encryption using the DPAPI to encrypt the data only in a specific plan to use machine, another machine of course, die! encryption because when you intend to use the current machine with the machine intended visit to the user information, so by the way that : Generate key file in the process there is a choice item, a user mode, one machine mode user mode is logged on to the intended machine users ability to use this key file, the machine mode of course, that only is this intended to drive on the user may use this key file. For example, arrangements WebForms the WebSite must use the machine model, as WinForms arrangement, if not sure intend to drive only one account to use your scheduled software, or use of the machine model it! for the first title of standard solutions like: If would like a configuration file (for example, web.config, App.config) intend to drive in a encrypted, the rest intend to use on both machines, we reached the goal. When it comes to the configuration file encryption, natural to mention they are two: DPAPIProtectedConfigurationProvider. With Windows Data Protection API (DPAPI) to encrypt data with the decryption. RsaProtectedConfigurationProvider. the use of RSA encryption algorithm to decrypt data encrypted with this program are two supply supply strong encryption of data; However, if the intend to plan multiple machines using the same encrypted configuration file, only use RsaProtectedConfigurationProvider. because the ability to export is used to encrypt the data encryption key, and plan on another machine on the lead into them. we use the configuration tools to configure encrypt the configuration file may specify a region which ProtectedConfigurationProvider. It is clear that in addressing this title, we only use RsaProtectedConfigurationProvider. because different intended machine is the RSA key container is not identical, so we need to plan from one machine Exporting an RSA key container, and then lead into the rest intend to drive on! because the guide into the way it is possible to use DOS commands to achieve, so the arrangement does not exist in the title! In addition, because the. NET Framework has a default RSA key container name “NetFrameworkConfigurationKey”, may see this in the machine.config file default parameters prompting the following: aspnet_regiis.exe in C: \ WINDOWS \ Microsoft.NET \ Framework \ v2.0. next. C drive is the installation path. Therefore, the use of DOS commands to pay attention to the road (perhaps through the start menu -> All Programs -> Microsoft Visual Studio 2005 -> Visual Studio Tools -> Visual Studio 2005 command prompt, use aspnet_regiis command to open the cmd interface.) as follows: (1 ) machine in the current plan, Yuesao Export RSA key container (perhaps in the export file before the specified path.) aspnet_regiis-px “NetFrameworkConfigurationKey” D: \ RSAkeys.xml-pri (2) machine in the current plan, and with the Enterprise Library tools encrypt the configuration file. ProtectedConfigurationProvider only choice RsaProtectedConfigurationProvider. (3) the arrangements intended machine, guided into the name “NetFrameworkConfigurationKey” The RSA key container. aspnet_regiis-pi “NetFrameworkConfigurationKey” D: \ RSAkeys.xml (1) with (2 ) may directly control machines in the current plan, (3) of the DOS command arrangements may be implemented by the program. so true! reminder: There may be steps (1), the export fails, it can not use-pri this parameter, and This parameter is used to decrypt the information derived! if not it, the rest of the machine can only encrypt the new stuff. then the solution is as follows: (1) machine in the current plan, create a new RSA key container, its name is: CustomKeys. (There is a user-level with the intention to machine level, the following method is to create a plan machine level, the name according to your request taking) aspnet_regiis-pc “CustomKeys”-exp (2) in the current plan machine, the account is granted visiting privileges aspnet_regiis-pa “CustomKeys” “NT AUTHORITY \ NETWORK SERVICE” account, the rest have permission to visit should also be authorized. (3) in the current plan machine, export the RSA key container (perhaps before the designated roads in the export file.) aspnet_regiis-px “CustomKeys” D: \ RSAkeys.xml-pri (4) machine in the current plan, the machine.config (in C: \ WINDOWS \ Microsoft.NET \ Framework \ v2.0. \ CONF IG) in keyContainerName = “NetFrameworkConfigurationKey” exchange to let the newly created name: keyContainerName = “CustomKeys”. (5) in the current plan machine, with the corporate database tools encrypt the configuration file. ProtectedConfigurationProvider only choice RsaProtectedConfigurationProvider. (6) in the arrangement of the intended machine, leading into the called “NetFrameworkConfigurationKey” The RSA key container. aspnet_regiis-pi “NetFrameworkConfigurationKey” D: \ RSAkeys.xml the way to delete the RSA key container command: aspnet_regiis-pz “CustomKeys” When you enter into a wrong command, will command displays help information. Another Tip: If using the command to copy the above method, we must carefully check the position of the underscore with spaces! for a second title, two solutions proposed plan: a plan: As mentioned earlier, may key file using the pilot out, and then guided into the key file to resolve, between developers only need to solve, we do not meet the practical arrangements required! sand table simulation, of course, if you are happy to arrange the installation of Enterprise Library 3.0 on the machine , and then use it to encrypt the new configuration file, the length often simple below the practical arrangements required to meet proposed solutions and since may Enterprise Library 3.0 by the manual method may lead in the arrangement of the machine into the key file, which is also a symbol we may programming approach to the arrangements through the guide into the key file on the machine because the hand to go through the guide into the program to achieve. So, this part of the code where to find it? Enterprise Library 3.0 is not supply the source code of the thing, and contains configuration tools for source code in C: \ EntLib3Src \ App Blocks directory (I install directory) intends to file documents under EnterpriseLibrary solution, is this stuff, we may find some clues from the inside here an example arrangement only for symmetricCryptoProviders key file! A The new key file arranged as follows: (1) Create a new key file. / / – generate a new key file byte [] key = KeyManager.GenerateSymmetricKey (typeof (DESCryptoSe rviceProvider)); byte [] encryptedKey = ProtectedData . Protect (key, null, DataProtectionScope.CurrentUser); Stream fs = null; try {fs = new FileStream (keyFilePath, FileMode.Create); KeyManager.Write (fs, encryptedKey, DataProtectionScope.CurrentUser); fs.Flush (); } finally {if (fs! = null) fs.Close ();} (2) modify the configuration file key file path. is that protectedKeyFilename attribute. / / / / / / modify the configuration file in key road, is protectedKeyFilename property values ??/ / / / / /
custom key file path private void ModifProtectedKeyFilename (string keyFilePath) {/ / read Configuration config from the set of nodes = ConfigurationManager.OpenExeConfiguration (Configur ationUserLevel.None); if (config.HasFile) {ConfigurationSection configurationSection = config.Sections ["securityCryptographyConfiguration"]; CryptographySettings cryptographySettings = configurationSection as CryptographySettings; NameTypeConfigurationElementCollection elementCollection = cryptographySettings.SymmetricCryptoProviders; SymmetricProviderData symmetricProviderData = elementCollection.Get (“DESCryptoServiceProvider”); symmetricProviderData.ElementInformation.Propertie s ["protectedKeyFilename"]. Value = keyFilePath; config.Save (ConfigurationSaveMode.Minimal);}} However, one may ask, with a key derived possible to restore files when developing key file? true to create a new key file approach may solve the arrangements for the title, but wanted to use through the development of programming methods to restore the key file when, for example, lying on the recognition that the death of winter grounds, because In the arrangement, I have some data encrypted using this key! of course, possible to initialize so the data was encrypted on the arrangements!:) So open up a joke! Just want to look at a broad idea! Enter into the question: Second, to restore the key file as follows: (1) to restore the key file. / / – Restore the key file Stream fs = null; / / Phi made key file name: ExportKey.txt, password: using (Stream fileOut = File.OpenRead (“ExportKey.txt”)) {ProtectedKey protectedKey = KeyManager.RestoreKey (fileOut, “”, DataProtectionScope.LocalMachine); try {fs = new FileStream (keyFilePath, FileMode.Create); KeyManager.Write (fs, protectedKey.EncryptedKey, DataProtectionScope.CurrentUser); fs.Flush ();} finally {if (fs! = null) fs.Close ();}} (2) modify the configuration file key file path. Is that protectedKeyFilename properties. This and (I) is the same! Grating summary solve this plan, thinking is simple: to restore or create a new key file, so that the key file associated with the arrangement of the machine, and then modify the configuration file key file path. Let say for the second solution to the original plan! Plan two: first, there may be such an idea, if generating a key file, copy directly to any machine on the plan are likely to use it the more convenient. Here, I intend to give this solution. Thinking is: the randomly generated key on the xml file, xml file and then embedded in the methods added by the assembly, then we may in a general class of encryption and decryption methods by reflection from xml file to the key read out, and then used to encrypt with decrypt. In addition, we may be reversible by individual encryption method on the xml file encryption and decryption keys. However exaggerated, this method of insurance is inferior to the above, after all xml files on the key risk of being cracked. Of course, this method of request in the insurance system is not particularly high or may be taken. //———————————————— —————————————– / / Module code: / / filename : CustomCryptography.cs / / Description: CustomCryptography symmetric encryption and decryption of data class / / Author: ChenJie / / write date :2007-5-30 / / Copyright 2007 //————— ——————————— —————– ———————— using System; using System.Text; using System.Reflection; using System.IO; using System.Xml; using System. Security.Cryptography; namespace CryptographyLib {/ / / / / / Custom symmetric encryption and decryption of data type / / / public class CustomCryptography: ICryptography {# region Private Constants private const / / / / / / embedded in the assembly of the names of the XML file / / / private const string KEY_FILE = “CryptographyLib.SystemKey.config”; # endregion # region methods that implement an interface that implements the interface methods / / / / / / encrypt the string / / / / / /
express / / / ciphertext public string EncryptData (string plainText) { string encryptData = string.Empty; / / Create a new DES key. DESCryptoServiceProvider key = new DESCryptoServiceProvider (); / / Set Data Encryption Standard (DES) algorithm with a secret key symmetric algorithm with the value of the initialization vector byte [ ] Key = null; byte [] IV = null; GetKEYAndIV (out Key, out IV); key.Key = Key; key.IV = IV; return EncryptData (plainText, key);} / / / / / / decrypt strings through DESCryptoServiceProvider / / / / / /
ciphertext / / / express public string DecryptData (string decryptedText) {string decryptData = string.Empty; / / Create a new DES key. DESCryptoServiceProvider key = new DESCryptoServiceProvider (); / / Set Data Encryption Standard (DES) algorithm with a secret key symmetric algorithm with the value of the initialization vector byte [] Key = null; byte [] IV = null; GetKEYAndIV (out Key, out IV); key.Key = Key; key.IV = IV; return DecryptData (decryptedText, key);} / / / / / / the use of MD5 encryption string / / / / / /
express / / / ciphertext public string EncryptDataByHash (string plainText) {HashAlgorithm hashCryptoService = new SHA1Managed (); byte [] bytIn = UTF8Encoding.UTF8.GetBytes (plainText); byte [] bytOut = hashCryptoService.ComputeHash (bytIn); return Convert.ToBase64String (bytOut);} / / / / / / compare MD5 encrypted string / / / / / /
express / / /
to compare the hash value / / / are identical, it returns true, otherwise returns false public bool CompareHash (string plainText, string hashedText) {bool compare = false; string encryptData = EncryptDataByHash (plainText); compare = encryptData.Equals (hashedText ); return compare;} # endregion # region private methods private methods / / / / / / encrypt the string / / / / / /
express / / /
image of symmetric algorithms base class / / / ciphertext private string EncryptData (string plainText, SymmetricAlgorithm key) {string encryptData = string.Empty ; byte [] plainTextBytes = Encoding.UTF8.GetBytes (plainText); ////———- method one ——————- ——— / / / / Create a MemoryStream object / / MemoryStream ms = new MemoryStream (); / / / / create an encrypted stream / / CryptoStream encStream = new CryptoStream (ms, key.CreateEncryptor () , CryptoStreamMode.Write); / / / / Create a StreamWriter object / / StreamWriter sw = new StreamWriter (encStream); / / sw.WriteLine (plainText); / / sw.Close (); / / encryptData = Convert.ToBase64String ( ms.ToArray ()); / / ms.Close (); ////———- method was over —————— Method two ———- ————————– //———- – MemoryStream ms = new MemoryStream (); CryptoStream cs = new CryptoStream (ms, key.CreateEncryptor (), CryptoStreamMode.Write); cs.Write (plainTextBytes, 0, plainTextBytes.Length); cs.FlushFinalBlock (); encryptData = Convert.ToBase64String (ms.ToArray ()); //———- method two end ———————— —- / / clear the contents of the array Array.Clear (plainTextBytes, 0, plainTextBytes.Length); return encryptData;} / / / / / / decrypt the string / / / / / /
ciphertext / / /
image of symmetric algorithms base class / / / express private string DecryptData (string decryptedText, SymmetricAlgorithm key) {string decryptData = string.Empty; byte [] decryptedByteArray = Convert.FromBase64String (decryptedText); ////———- method a —— ———————- / / / / to decrypt the string to create a MemoryStream object / / MemoryStream ms = new MemoryStream (decryptedByteArray); / / / / Create a CryptoStream object / / CryptoStream encStream = new CryptoStream (ms, key.CreateDecryptor (), CryptoStreamMode.Read); / / / / create a StreamReader object / / StreamReader sr = new StreamReader (encStream); / / decryptData = sr.ReadLine (); / / sr.Close (); / / encStream.Close (); / / ms.Close (); ////———- method to an end —— Method Two ————– ———————- //———- ——————- MemoryStream ms = new MemoryStream (); CryptoStream cs = new CryptoStream (ms, key.CreateDecryptor (), CryptoStreamMode.Write); cs.Write ( decryptedByteArray, 0, decryptedByteArray.Length); cs.FlushFinalBlock (); decryptData = Encoding.UTF8.GetString (ms.ToArray ()); //———- method two end —– ———————– / / clear the contents of the array Array.Clear (decryptedByteArray, 0, decryptedByteArray.Length); return decryptData;} / / / / / / generate a symmetric algorithm initialization vector (IV with the Data Encryption Standard (DES) algorithm with a secret key (key) / / / private void GenerateIVAndKey () {/ / create a new the DES key. DESCryptoServiceProvider key = new DESCryptoServiceProvider (); byte [] Key = key.Key; byte [] IV = key.IV; UnicodeEncoding converter = new UnicodeEncoding (); string KeyValue = Convert.ToBase64String (Key); string IVValue = Convert.ToBase64String (IV);} / / / / / / get the data encryption standard (DES) algorithm with a secret key symmetric algorithm with the initialization vector / / / / / /
Data Encryption Standard (DES) algorithm with a secret key / / /
symmetric algorithm initialization vector private void GetKEYAndIV (out byte [ ] Key, out byte [] IV) {Key = null; IV = null; using (Stream xmlInputStream = Assembly.GetExecutingAssembly (). GetManifestResourc eStream (KEY_FILE)) {XmlDocument xmlDoc = new XmlDocument (); xmlDoc.Load (xmlInputStream) ; XmlNodeList nodeList = xmlDoc.SelectSingleNode (“Root”). ChildNodes; foreach (XmlNode xn in nodeList) {if (xn.NodeType! = XmlNodeType.Element) {continue;} switch (xn.Name) {case “IV”: IV = Convert.FromBase64String (xn.InnerXml); break; case “KEY”: Key = Convert.FromBase64String (xn.InnerXml); break; default: break;}}}} # endregion}} XML file is very simple: L7h6oi25zn4 = vsbq4KMhR9I = Why is Enterprise Library 3.0 is not the key file inflicted a full copy of any plan may be able to use the machine it? David Hayden said such remarks: Enterprise Library development team to request the insurance firm to help make key file, so use DPAPI to encrypt the key file, DPAPI is not required in supply key documents may supply an encryption method, which often wonderful length of it “bad side” is that it is least in the (machine) or the current user (current) machine context. (The EntLib Team was required to help secure the key and hence used DPAPI to encrypt the key. DPAPI is great in that it is a way to provide encryption without requiring a key file. It is “bad” in that it is scoped to either the current user or machine.) is to say, limits the use DPAPI to encrypt the file copy of any premises we are in the encrypted file, but it is the insurance of the consideration must be the case. intend to download the full text of all to solve the end! Beijing translation company led lighting reference material: (1 ) to encrypt web.config (2) asp.net2.0 data protection
reference material:
if (xn.NodeType! = XmlNodeType.Element)
{
vsbq4KMhR9I =
/ / empty the contents of the array
aspnet_regiis-px “NetFrameworkConfigurationKey” D: \ RSAkeys.xml-pri
continue;
if want to a configuration file (for example, web.config, App.config) intend to drive in a encrypted, the rest intend to use on both machines, we reached the goal.
{
[Popular] connection pool Lifeguards
Key = Convert.FromBase64String (xn.InnerXml);
reminder: there may be steps (1), the export fails, it can not use-pri this parameter, and this parameter is used to decrypt the information derived ! Without it, the rest of the machine can only encrypt the new stuff. then the solution is as follows:
symbolizes the beginning of the end of the beginning of the end of the turn … //———- Method Two ———————————
/ / /
CryptoStream cs = new CryptoStream (ms, key.CreateDecryptor (), CryptoStreamMode.Write);
{
private void GenerateIVAndKey ()
/ / /
/ / /
/ / /
This article published by the dark horse from automatic mass blog, this information will appear in the article section of the end;
break;
Array.Clear (decryptedByteArray, 0, decryptedByteArray.Length);
string IVValue = Convert.ToBase64String (IV);
we use the configuration tool to configure the zone configuration file encryption may specify which ProtectedConfigurationProvider. It is clear that in the settlement of this title, we only use RsaProtectedConfigurationProvider. because of the different machines on the plan of the RSA key container is not identical, so we need to plan from one machine to export an RSA key container, then guided into the rest intend to drive on! because it is possible to use the guide into the way the DOS command to achieve, so the arrangement does not exist in the title! In addition, because the. NET Framework has a default RSA key container named “NetFrameworkConfigurationKey”, in the machine. may see the default config file parameters.
supply programs both supply strong encryption of data; However, if intend to use more than one plan with an encrypted machine configuration file, only use RsaProtectedConfigurationProvider. because the ability to export is used to encrypt the data encryption key, and another intended to lead into their machine.
(3): the intention of the arrangement machine, guide into the name “NetFrameworkConfigurationKey” The RSA key container .
