当我启动我的服务(Docker 容器中 .Net Core 2.2 上的 API)时,我收到警告:
No XML encryptor configured. Key {daa53741-8295-4c9b-ae9c-e69b003f16fa} may be persisted to storage in unencrypted form.
我没有配置 DataProtection。我找到了配置 DataProtection 的解决方案,但我不需要保存此 key 。对我来说,如果 key 只会保留到应用程序重新启动 - 没关系。但是我不需要在日志中看到这个警告
有什么想法吗?我们该怎么做?
我的启动类如下所示:
public class Startup {
public Startup(IConfiguration configuration) {
Configuration = configuration;
}
public IConfiguration Configuration { get; }
public void ConfigureServices(IServiceCollection services) {
services.AddMemoryCache();
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
services.AddApiVersioning(o => o.ApiVersionReader = new HeaderApiVersionReader("api-version"));
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env, IApplicationLifetime lifetime) {
if (env.IsDevelopment()) {
app.UseDeveloperExceptionPage();
}
app.UseMvc();
lifetime.ApplicationStarted.Register(OnApplicationStarted);
lifetime.ApplicationStopping.Register(OnShutdown);
}
public void OnApplicationStarted() {
Console.Out.WriteLine($"Open Api Started");
}
public void OnShutdown() {
Console.Out.WriteLine($"Open Api is shutting down.");
}
}
也许它对我在项目中的包也有帮助
<ItemGroup>
<PackageReference Include="BouncyCastle.NetCore" Version="1.8.5" />
<PackageReference Include="Microsoft.AspNetCore.App" />
<PackageReference Include="Microsoft.AspNetCore.Mvc.Versioning" Version="3.1.2" />
<PackageReference Include="Microsoft.AspNetCore.Razor.Design" Version="2.2.0" PrivateAssets="All" />
<PackageReference Include="Microsoft.VisualStudio.Azure.Containers.Tools.Targets" Version="1.5.4" />
<PackageReference Include="Oracle.ManagedDataAccess.Core" Version="2.18.6" />
</ItemGroup>
最佳答案
您可以在 .NET 6
中通过以下方式显式配置您的加密算法。
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption;
using Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.ConfigurationModel;
...
var builder = WebApplication.CreateBuilder(args);
...
builder.Services.AddDataProtection().UseCryptographicAlgorithms(
new AuthenticatedEncryptorConfiguration
{
EncryptionAlgorithm = EncryptionAlgorithm.AES_256_CBC,
ValidationAlgorithm = ValidationAlgorithm.HMACSHA256
});
Configure ASP.NET Core Data Protection
The default EncryptionAlgorithm is AES-256-CBC, and the default ValidationAlgorithm is HMACSHA256. The default policy can be set by a system administrator via a machine-wide policy, but an explicit call to UseCryptographicAlgorithms overrides the default policy.
Calling UseCryptographicAlgorithms allows you to specify the desired algorithm from a predefined built-in list. You don't need to worry about the implementation of the algorithm. In the scenario above, the Data Protection system attempts to use the CNG implementation of AES if running on Windows. Otherwise, it falls back to the managed System.Security.Cryptography.Aes class.
You can manually specify an implementation via a call to UseCustomCryptographicAlgorithms.
此解决方案也将解决基于 docker 的 linux 机器上的警告。
关于c# - .Net Core 警告未配置 XML 加密器,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/55760907/