Apq.Cfg.Crypto 1.2.1

.NET 8.0 This package targets .NET 8.0. The package is compatible with this framework or higher. 
dotnet add package Apq.Cfg.Crypto --version 1.2.1
                    


                    

                
NuGet\Install-Package Apq.Cfg.Crypto -Version 1.2.1
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="Apq.Cfg.Crypto" Version="1.2.1" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="Apq.Cfg.Crypto" Version="1.2.1" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="Apq.Cfg.Crypto" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add Apq.Cfg.Crypto --version 1.2.1
                    


                    

                
#r "nuget: Apq.Cfg.Crypto, 1.2.1"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package Apq.Cfg.Crypto@1.2.1
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=Apq.Cfg.Crypto&version=1.2.1
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=Apq.Cfg.Crypto&version=1.2.1
                    


                            Install as a Cake Tool

Apq.Cfg.Crypto

Gitee Documentation

配置加密脱敏核心抽象包,提供 ICryptoProvider 接口和通用加密转换器。

仓库地址:https://gitee.com/apq/Apq.Cfg

📖 在线文档:https://apq-cfg.vercel.app/

依赖

  • Apq.Cfg

功能特性

  • 加密:敏感配置值(如数据库密码、API密钥)在存储时加密,读取时自动解密
  • 脱敏:日志输出、调试显示时自动隐藏敏感信息
  • 零侵入:不修改现有配置文件格式,通过约定标记敏感配置
  • 可扩展:支持多种加密算法,用户可自定义

用法

基本使用

using Apq.Cfg;
using Apq.Cfg.Crypto;

var cfg = new CfgBuilder()
    .AddJsonFile("config.json", level: 0)
    .AddEncryption(new MyCustomCryptoProvider())
    .AddSensitiveMasking()
    .Build();

// 使用索引器访问(自动解密)
var connStr = cfg["Database:ConnectionString"];

// 日志输出时自动脱敏
var maskedValue = cfg.GetMasked("Database:ConnectionString");
// 输出: Ser***ion

配置文件格式

加密值使用 {ENC} 前缀标记:

{
    "Database": {
        "ConnectionString": "{ENC}base64encodedciphertext...",
        "Password": "{ENC}base64encodedciphertext..."
    },
    "Api": {
        "Key": "{ENC}base64encodedciphertext..."
    }
}

自定义加密选项

var cfg = new CfgBuilder()
    .AddJsonFile("config.json", level: 0, writeable: false)
    .AddEncryption(provider, options =>
    {
        // 自定义前缀
        options.EncryptedPrefix = "[ENCRYPTED]";
        
        // 添加自定义敏感键模式
        options.SensitiveKeyPatterns.Add("*ApiSecret*");
        
        // 禁用自动加密
        options.AutoEncryptOnWrite = false;
    })
    .Build();

自定义脱敏选项

var cfg = new CfgBuilder()
    .AddJsonFile("config.json", level: 0, writeable: false)
    .AddSensitiveMasking(options =>
    {
        options.MaskString = "****";
        options.VisibleChars = 2;
        options.NullPlaceholder = "<空>";
    })
    .Build();

实现自定义加密提供者

public class MyCustomCryptoProvider : ICryptoProvider
{
    public string Encrypt(string plainText)
    {
        // 实现加密逻辑
        return Convert.ToBase64String(/* 加密后的字节 */);
    }

    public string Decrypt(string cipherText)
    {
        // 实现解密逻辑
        var bytes = Convert.FromBase64String(cipherText);
        return /* 解密后的字符串 */;
    }
}

敏感键模式

默认的敏感键模式(支持通配符 *?):

模式 说明
*Password* 匹配包含 Password 的键
*Secret* 匹配包含 Secret 的键
*ApiKey* 匹配包含 ApiKey 的键
*ConnectionString* 匹配包含 ConnectionString 的键
*Credential* 匹配包含 Credential 的键
*Token* 匹配包含 Token 的键

前缀格式说明

默认使用 {ENC} 前缀,使用花括号是为了避免与配置节分隔符 : 混淆:

// 容易混淆的格式
"Password": "ENC:base64cipher..."  // ENC 看起来像是配置节名

// 推荐的格式
"Password": "{ENC}base64cipher..."  // 花括号明确标识这是前缀

相关包

  • Apq.Cfg.Crypto.AesGcm:AES-GCM 加密实现
  • Apq.Cfg.Crypto.DataProtection:ASP.NET Core Data Protection 实现

许可证

MIT License

作者

  • 邮箱:amwpfiqvy@163.com

仓库

  • Gitee:https://gitee.com/apq/Apq.Cfg
Product Compatible and additional computed target framework versions.
.NET net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 was computed.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed.  net10.0 is compatible.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages (1)

Showing the top 1 NuGet packages that depend on Apq.Cfg.Crypto:

Package Downloads
Apq.Cfg.Crypto.DataProtection

Apq.Cfg 的 ASP.NET Core Data Protection 加密实现

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
1.2.1 123 1/17/2026
1.2.0 119 1/8/2026
1.1.8 118 1/8/2026
1.1.7 119 1/4/2026
1.1.6 125 1/3/2026