如何加密或隐藏配置文件c#
How to encrypt or hide config file c#
这是 MyConfig 文件代码,我想加密或隐藏密码值,但我不知道该怎么做。
我已经使用了安全的应用程序配置,但它给我一个错误或者我做错了什么?
默认密码是 Data#Dat
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<sectionGroup name="userSettings" type="System.Configuration.UserSettingsGroup, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" >
<section name="MYdata.Properties.Settings" type="System.Configuration.ClientSettingsSection, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" allowExeDefinition="MachineToLocalUser" requirePermission="false" />
</sectionGroup>
</configSections>
<connectionStrings>
<add name="MYdata.Properties.Settings.Database1ConnectionString"
connectionString="Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\Database1.mdf;Integrated Security=True"
providerName="System.Data.SqlClient" />
</connectionStrings>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.8" />
</startup>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="DocumentFormat.OpenXml" publicKeyToken="8fb06cb64d019a17" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-2.13.1.0" newVersion="2.13.1.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="ExcelNumberFormat" publicKeyToken="23c6f5d73be07eca" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-1.1.0.0" newVersion="1.1.0.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
<userSettings>
<MYdata.Properties.Settings>
<setting name="FullName" serializeAs="String">
<value />
</setting>
<setting name="Email" serializeAs="String">
<value />
</setting>
<setting name="Description" serializeAs="String">
<value />
</setting>
<setting name="Password" serializeAs="String">
<value>Data#Data//</value>
</setting>
</MYdata.Properties.Settings>
</userSettings>
</configuration>
我刚发现它只显示默认密码,而不是用户设置的密码。这样就解决了我的问题。
也感谢@cly 告诉我资料:
Config should be readed by you application somehow so the application
needs all the information required to do it. You can provide the
information during startup (e.g. request a password from the operator
who started the application) so the application and the config file
itself cannot be used unless somebody gives the "config-opener"
password. But this means every startup is an interactive process which
might be okay but mostly not.
Otherwise You can hide a decryption password somewhere where the
application can access it (on executing computer or inside the
application itself) which can provide some "secrecy", but anybody who
has access to the application can dissassemble it and find out your
method and use this decryption method on its own. It depends on your
user's skills.
这是 MyConfig 文件代码,我想加密或隐藏密码值,但我不知道该怎么做。 我已经使用了安全的应用程序配置,但它给我一个错误或者我做错了什么?
默认密码是 Data#Dat
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<sectionGroup name="userSettings" type="System.Configuration.UserSettingsGroup, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" >
<section name="MYdata.Properties.Settings" type="System.Configuration.ClientSettingsSection, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" allowExeDefinition="MachineToLocalUser" requirePermission="false" />
</sectionGroup>
</configSections>
<connectionStrings>
<add name="MYdata.Properties.Settings.Database1ConnectionString"
connectionString="Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\Database1.mdf;Integrated Security=True"
providerName="System.Data.SqlClient" />
</connectionStrings>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.8" />
</startup>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="DocumentFormat.OpenXml" publicKeyToken="8fb06cb64d019a17" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-2.13.1.0" newVersion="2.13.1.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="ExcelNumberFormat" publicKeyToken="23c6f5d73be07eca" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-1.1.0.0" newVersion="1.1.0.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
<userSettings>
<MYdata.Properties.Settings>
<setting name="FullName" serializeAs="String">
<value />
</setting>
<setting name="Email" serializeAs="String">
<value />
</setting>
<setting name="Description" serializeAs="String">
<value />
</setting>
<setting name="Password" serializeAs="String">
<value>Data#Data//</value>
</setting>
</MYdata.Properties.Settings>
</userSettings>
</configuration>
我刚发现它只显示默认密码,而不是用户设置的密码。这样就解决了我的问题。
也感谢@cly 告诉我资料:
Config should be readed by you application somehow so the application needs all the information required to do it. You can provide the information during startup (e.g. request a password from the operator who started the application) so the application and the config file itself cannot be used unless somebody gives the "config-opener" password. But this means every startup is an interactive process which might be okay but mostly not.
Otherwise You can hide a decryption password somewhere where the application can access it (on executing computer or inside the application itself) which can provide some "secrecy", but anybody who has access to the application can dissassemble it and find out your method and use this decryption method on its own. It depends on your user's skills.