Apq.Cfg.Crypto.DataProtection 1.2.1

.NET 8.0 This package targets .NET 8.0. The package is compatible with this framework or higher. 
dotnet add package Apq.Cfg.Crypto.DataProtection --version 1.2.1
                    


                    

                
NuGet\Install-Package Apq.Cfg.Crypto.DataProtection -Version 1.2.1
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="Apq.Cfg.Crypto.DataProtection" Version="1.2.1" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="Apq.Cfg.Crypto.DataProtection" Version="1.2.1" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="Apq.Cfg.Crypto.DataProtection" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add Apq.Cfg.Crypto.DataProtection --version 1.2.1
                    


                    

                
#r "nuget: Apq.Cfg.Crypto.DataProtection, 1.2.1"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package Apq.Cfg.Crypto.DataProtection@1.2.1
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=Apq.Cfg.Crypto.DataProtection&version=1.2.1
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=Apq.Cfg.Crypto.DataProtection&version=1.2.1
                    


                            Install as a Cake Tool

Apq.Cfg.Crypto.DataProtection

Gitee Documentation

ASP.NET Core Data Protection 加密实现包。

仓库地址:https://gitee.com/apq/Apq.Cfg

📖 在线文档:https://apq-cfg.vercel.app/

依赖

  • Apq.Cfg.Crypto
  • Microsoft.AspNetCore.DataProtection

功能特性

  • 使用 ASP.NET Core Data Protection API
  • 支持跨机器、跨应用的密钥管理
  • 支持密钥轮换和撤销
  • 适用于 ASP.NET Core 应用程序

用法

基本使用

using Apq.Cfg;
using Apq.Cfg.Crypto;
using Apq.Cfg.Crypto.DataProtection;

var cfg = new CfgBuilder()
    .AddJsonFile("config.json", level: 0)
    .AddDataProtectionEncryption("MyApp")
    .AddSensitiveMasking()
    .Build();

// 使用索引器访问(自动解密)
var connStr = cfg["Database:ConnectionString"];

使用自定义 Data Protection 提供者

using Microsoft.AspNetCore.DataProtection;

// 在 ASP.NET Core 应用中使用 DI 注入的提供者
public class MyService
{
    private readonly ICfgRoot _cfg;

    public MyService(IDataProtectionProvider dataProtectionProvider)
    {
        _cfg = new CfgBuilder()
            .AddJsonFile("config.json", level: 0, writeable: false)
            .AddDataProtectionEncryption(dataProtectionProvider)
            .Build();
    }
}

使用指定目录存储密钥

var cfg = new CfgBuilder()
    .AddJsonFile("config.json", level: 0, writeable: false)
    .AddDataProtectionEncryption(
        new DirectoryInfo("/var/keys"),
        "MyApp")
    .Build();

自定义保护目的

var cfg = new CfgBuilder()
    .AddJsonFile("config.json", level: 0, writeable: false)
    .AddDataProtectionEncryption(
        "MyApp",
        purpose: "ConfigEncryption")
    .Build();

方法签名

public static CfgBuilder AddDataProtectionEncryption(
    this CfgBuilder builder,
    IDataProtectionProvider provider,
    string purpose = "Apq.Cfg",
    Action<EncryptionOptions>? configure = null)

public static CfgBuilder AddDataProtectionEncryption(
    this CfgBuilder builder,
    string applicationName,
    string purpose = "Apq.Cfg",
    Action<EncryptionOptions>? configure = null)

public static CfgBuilder AddDataProtectionEncryption(
    this CfgBuilder builder,
    DirectoryInfo keyDirectory,
    string applicationName,
    string purpose = "Apq.Cfg",
    Action<EncryptionOptions>? configure = null)

与 AES-GCM 的对比

特性 Data Protection AES-GCM
密钥管理 自动管理 手动管理
密钥轮换 支持 需手动实现
跨机器 需配置共享存储 需共享密钥
依赖 ASP.NET Core
适用场景 ASP.NET Core 应用 通用场景

安全最佳实践

  1. 在生产环境中配置持久化密钥存储
  2. 使用 Azure Key Vault 或其他密钥管理服务
  3. 定期轮换密钥
  4. 为不同用途使用不同的 purpose

许可证

MIT License

作者

  • 邮箱:amwpfiqvy@163.com

仓库

  • Gitee:https://gitee.com/apq/Apq.Cfg
Product Compatible and additional computed target framework versions.
.NET net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 was computed.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed.  net10.0 is compatible.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
1.2.1 99 1/17/2026
1.2.0 100 1/8/2026
1.1.8 95 1/8/2026
1.1.7 102 1/4/2026
1.1.6 101 1/3/2026