ASP.Net machinekey、validationkey 和decryptionkey - key 长度

Question

将 ValidationKey 和 DecryptionKey 保留为默认值时生成的默认 key 长度是多少？例如:

<machineKey decryptionKey="AutoGenerate,IsolateApps" validationKey="AutoGenerate,IsolateApps" ... />

我无法在 MSDN 上的任何地方找到此文档。
我想生成一个静态机器 key 并使其与默认值保持一致。

Answer 1

此 MSDN页面讨论 machineKey web.config 元素:

"For SHA1, set the validationKey to 64 bytes (128 hexadecimal characters).
For AES, set the decryptionKey to 32 bytes (64 hexadecimal characters).
For 3DES, set the decryptionKey to 24 bytes (48 hexadecimal characters)."

另一个 MSDN页面有附加信息:

"validationKey specifies a manually assigned validation key. This value must be manually set to ensure consistent configuration across a network of Web servers (a Web farm). The key must be a minimum of 40 characters (20 bytes) and a maximum of 128 characters (64 bytes) long. If keys shorter than the maximum length are used, they should be created by a truly random means, such as by using RNGCryptoServiceProvider. The recommended key length is 128 hexadecimal characters. If you add the IsolateApps modifier to the validationKey value, ASP.NET generates a unique encrypted key for each application using each application's application ID."

"decryptionKey specifies a manually assigned key. This value must be manually set to a string of hexadecimal characters to ensure consistent configuration across a Web farm. The key should be 16 characters in length when using DES encryption and 48 characters in length when using Triple DES encryption. If keys shorter than the maximum length are used, they should be created by a truly random means, such as by using RNGCryptoServiceProvider. ASP.NET can use Triple DES only on computers on which 128-bit encryption is available. If you add the IsolateApps modifier to the decryptionKey value, ASP.NET generates a unique encrypted key for each application using each application's application ID."