ASP.NET Core Data Protection
Create an ASP.NET Core MVC application.
Program.cs
var builder = WebApplication.CreateBuilder(args);
// Add services to the container.
builder.Services.AddControllersWithViews();
builder.Services.AddDataProtection();
var app = builder.Build();HomeController.cs
public class HomeController : Controller
{
private readonly IDataProtector _dataProtector;
public HomeController(IDataProtectionProvider dataProtectionProvider)
{
_dataProtector = dataProtectionProvider.CreateProtector("HomeControllerPurpose");
}
// ...
public IActionResult Privacy()
{
// The original data to protect
string originalData = "original data";
// Protect the data (encrypt)
string protectedData = _dataProtector.Protect(originalData);
Console.WriteLine($"Protected Data: {protectedData}");
// Unprotect the data (decrypt)
string unprotectedData = _dataProtector.Unprotect(protectedData);
Console.WriteLine($"Unprotected Data: {unprotectedData}");
return View();
}
// ...
}appsettings.json
{
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft.AspNetCore": "Warning",
"Microsoft.AspNetCore.DataProtection": "Information"
}
},
"AllowedHosts": "*"
}
If "builder.Services.AddDataProtection()", it will store the key to registry:
User profile not available. Using 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ASP.NET\4.0.30319.0\AutoGenKeys\S-1-5-82-3624141287-1239126304-814961113-395453511-3052143996\DataProtection' as key repository and Windows DPAPI to encrypt keys at rest.
If LoadUserProfile is enabled, it will store the key to file:
%USERPROFILE%\AppData\Local\ASP.NET\DataProtection-Keys\key-56d0af0f-116f-4445-8c7f-8ad6bf9e6133.xml
If "builder.Services.AddDataProtection().PersistKeysToFileSystem(new DirectoryInfo(@"<complete_path>"));", it will store the key to specific path even through the LoadUserProfile is disabled.
创建时间:6/4/2024 12:47:34 PM
修改时间:6/4/2024 1:02:02 PM